urlscan.io logo urlscan.io
SecurityTrails logo

www.paulhaenni.ch Open in urlscan Pro
3.160.150.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://paulhaenni.ch/
Effective URL: https://www.paulhaenni.ch/
Submission: On November 02 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 12 domains to perform 42 HTTP transactions. The main IP is 3.160.150.75, located in United States and belongs to AMAZON-02, US. The main domain is www.paulhaenni.ch.
TLS certificate: Issued by R11 on September 11th 2024. Valid for: 3 months.
This is the only time www.paulhaenni.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    54.228.141.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-141-200.eu-west-1.compute.amazonaws.com
paulhaenni.ch
6    3.160.150.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-75.fra60.r.cloudfront.net
www.paulhaenni.ch
3    2600:9000:223e:6800:3:d38e:b280:21 (United States)

ASN16509 (AMAZON-02, US)
d31wnqc8djrbnu.cloudfront.net
1    108.138.24.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-148.fra56.r.cloudfront.net
d22q34vfk0m707.cloudfront.net
2    13.224.189.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-84.fra2.r.cloudfront.net
copycockpit.net
2    2606:4700:10::ac43:69f (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.landbot.io
2    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2606:4700:3031::ac43:d1b4 (United States)

ASN13335 (CLOUDFLARENET, US)
f.copycockpit.com
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    2a00:1450:4001:831::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    18.203.10.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-10-32.eu-west-1.compute.amazonaws.com
piwik.incms.net
2    172.217.23.123 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f27.1e100.net
storage.googleapis.com
2    172.67.6.159 (United States)

ASN13335 (CLOUDFLARENET, US)
welcome.landbot.io
cdn.landbot.io
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
identitytoolkit.googleapis.com
2    172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net
identitytoolkit.googleapis.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firestore.googleapis.com
1    142.250.184.202 (None, )

ASN- ()
firestore.googleapis.com
1    151.101.192.176 (None, )

ASN- ()
js.stripe.com
Apex Domain
Subdomains		 Transfer
10 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 356
identitytoolkit.googleapis.com — Cisco Umbrella Rank: 2298
firestore.googleapis.com — Cisco Umbrella Rank: 1524
230 KB
7 paulhaenni.ch
paulhaenni.ch
www.paulhaenni.ch
103 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
228 KB
4 landbot.io
cdn.landbot.io — Cisco Umbrella Rank: 108778
welcome.landbot.io — Cisco Umbrella Rank: 240715
566 KB
4 cloudfront.net
d31wnqc8djrbnu.cloudfront.net
d22q34vfk0m707.cloudfront.net
58 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
2 incms.net
piwik.incms.net
22 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1102
164 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
2 copycockpit.net
copycockpit.net
733 B
1 copycockpit.com
f.copycockpit.com
807 B
42 12
Domain Requested by
6 www.paulhaenni.ch www.paulhaenni.ch
4 identitytoolkit.googleapis.com copycockpit.net
4 connect.facebook.net www.paulhaenni.ch
connect.facebook.net
3 firestore.googleapis.com copycockpit.net
3 storage.googleapis.com copycockpit.net
www.paulhaenni.ch
3 www.facebook.com www.paulhaenni.ch
connect.facebook.net
3 www.youtube.com www.paulhaenni.ch
3 cdn.landbot.io www.paulhaenni.ch
copycockpit.net
cdn.landbot.io
3 d31wnqc8djrbnu.cloudfront.net www.paulhaenni.ch
d31wnqc8djrbnu.cloudfront.net
2 piwik.incms.net www.paulhaenni.ch
piwik.incms.net
2 js.stripe.com copycockpit.net
js.stripe.com
2 www.google-analytics.com www.paulhaenni.ch
www.google-analytics.com
2 copycockpit.net 1 redirects www.paulhaenni.ch
1 welcome.landbot.io copycockpit.net
1 f.copycockpit.com connect.facebook.net
1 d22q34vfk0m707.cloudfront.net www.paulhaenni.ch
1 paulhaenni.ch 1 redirects
42 17

This site contains no links.

Subject Issuer Validity Valid
www.paulhaenni.ch
R11		 2024-09-11 -
2024-12-10		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
copycockpit.net
Amazon RSA 2048 M02		 2024-09-30 -
2025-10-29		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-11 -
2024-11-09		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
f.copycockpit.com
WE1		 2024-10-30 -
2025-01-28		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-10-30 -
2025-02-06		 3 months crt.sh
storage.googleapis.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.incms.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-29 -
2024-12-29		 a year crt.sh
landbot.io
WE1		 2024-10-31 -
2025-01-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
edgecert.googleapis.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.paulhaenni.ch/
Frame ID: C6F2020E29CA39E41802966A1785BAF9
Requests: 32 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7Lla8kjdHJ0?autoplay=0&loop=0&fs=1&nocookie=0&controls=1&iv_load_policy=0&rel=0&playsinline=1&start=&end=&wmode=transparent
Frame ID: DF7BD25A9E1BA21D1EC1CD27A6DD724F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/G62suIqCTqQ?autoplay=0&loop=0&fs=1&nocookie=0&controls=1&iv_load_policy=0&rel=0&playsinline=1&start=&end=&wmode=transparent
Frame ID: 899B800329274962E58F2133CF9ACDD9
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/98ijbufyXJ4?autoplay=0&loop=0&fs=1&nocookie=0&controls=1&iv_load_policy=0&rel=0&playsinline=1&start=&end=&wmode=transparent
Frame ID: 532BF7E6514764DF1D0221732181092C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/fan.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd71d23bd96baa3a3%26domain%3Dwww.paulhaenni.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.paulhaenni.ch%252Ffdd556fb9390ca764%26relation%3Dparent.parent&connections=8&container_width=1058&locale=de_DE&profile_id=1948587322084340&sdk=joey&stream=false&width=1058
Frame ID: E8DFE44B115A4D7CBC57866677595F86
Requests: 1 HTTP requests in this frame

Frame: https://cdn.landbot.io/assets/fonts/Roboto/fonts.css
Frame ID: CC56BA7089F056A46FE4FC0ECA58EDE4
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 3B0AD2071E2137FD7773A4B124CE0BC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paul Hänni - Paul Hänni

Page URL History Show full URLs

  1. https://paulhaenni.ch/ HTTP 301
    https://www.paulhaenni.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Page Statistics

42
Requests

98 %
HTTPS

43 %
IPv6

12
Domains

17
Subdomains

21
IPs

3
Countries

1398 kB
Transfer

4340 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paulhaenni.ch/ HTTP 301
    https://www.paulhaenni.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://copycockpit.net/landbot.js HTTP 301
  • https://cdn.landbot.io/landbot-3/landbot-3.0.0.js

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.paulhaenni.ch/
Redirect Chain
  • https://paulhaenni.ch/
  • https://www.paulhaenni.ch/
22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-75.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
85e6b1a82909a84b12ab8f06ac8396ef811fab4ecc45f0a45c2aeee34038c173

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, s-maxage=180
content-encoding
gzip
content-length
6585
content-type
text/html; charset=UTF-8
date
Sat, 02 Nov 2024 08:05:25 GMT
server
Apache
vary
Accept-Encoding
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
x-amz-cf-id
dIySSWjIvOdUah5kKXHxAaVjhqyezokuS9dkDiJ03_GbH2bwa1jaBQ==
x-amz-cf-pop
FRA60-P7
x-cache
Miss from cloudfront
x-mod-pagespeed
1.13.35.2-0

Redirect headers

content-length
162
content-type
text/html
date
Sat, 02 Nov 2024 08:05:24 GMT
location
https://www.paulhaenni.ch/
server
nginx
css
d31wnqc8djrbnu.cloudfront.net/api/ 		774 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d31wnqc8djrbnu.cloudfront.net/api/css?family=Open+Sans:600,regular,300
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6800:3:d38e:b280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
acb274f9b92303c4c0b6e95ef8056b9008f3452fad9a506e8dd964ab04c4c0e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

cache-control
public, max-age=86400
age
24290
via
1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
apigw-requestid
AmCvkgU7DoEEPaw=
x-cache
Hit from cloudfront
content-length
774
x-amz-cf-id
napv2Y0RgQVPF6Q-HOAj8iqh9PuAsZaUIXGDDzZvJNuxldNKQ1SSOQ==
date
Sat, 02 Nov 2024 01:20:35 GMT
content-type
text/css; charset=utf-8
x-amz-cf-pop
FRA56-P4
A.vendor,,_components,,_font-awesome,,_css,,_font-awesome.min.css+incms_styles,,_missing_icons.css,Mcc.kJTdPxLmI9.css.pagespeed.cf.tik0HKeOYs.css
d22q34vfk0m707.cloudfront.net/incms_core/5.2410.3/ 		47 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d22q34vfk0m707.cloudfront.net/incms_core/5.2410.3/A.vendor,,_components,,_font-awesome,,_css,,_font-awesome.min.css+incms_styles,,_missing_icons.css,Mcc.kJTdPxLmI9.css.pagespeed.cf.tik0HKeOYs.css
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.24.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-24-148.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
2e7abbfc69b26f70ad9c29f9c075e0d5d4338fa6c707bd7b9ee76bd21fa42304
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

content-encoding
gzip
age
43180
x-content-type-options
nosniff
expires
Wed, 30 Oct 2024 20:03:42 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
-zPgcJPvAuFyxYUxb3lPfezp8bYpHBbVMR4HzTSBYFlvAA3jPVIzug==
date
Fri, 01 Nov 2024 20:05:45 GMT
content-type
text/css
last-modified
Wed, 30 Oct 2024 19:58:42 GMT
vary
Accept-Encoding
cache-control
max-age=300,private
x-original-content-length
45333
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
9592
x-amz-cf-pop
FRA56-P7
server
Apache
css_7dc2606fee30285f4375e067f3c17b50.css.pagespeed.ce.fcJgb-4wKF.css
www.paulhaenni.ch/incms_files/pagecache/ 		201 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paulhaenni.ch/incms_files/pagecache/css_7dc2606fee30285f4375e067f3c17b50.css.pagespeed.ce.fcJgb-4wKF.css
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-75.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
393fc504670d41a999bb187f08bf6afcfd7b75025b629f5e51444fbccccd5e86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

content-encoding
gzip
etag
W/"0-gzip"
expires
Sun, 02 Nov 2025 08:05:25 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
kq_eJ-Rn_S_DIy5dcH1Lf5EkwrKgDT5PJrIj-V4sWhne5jtFhobNCg==
date
Sat, 02 Nov 2024 08:05:25 GMT
content-type
text/css
last-modified
Mon, 21 Oct 2024 16:50:14 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
x-original-content-length
205754
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
36836
x-amz-cf-pop
FRA60-P7
server
Apache
xpaulhaenni_f1a8f47169398563852100b463daa153.jpg.pagespeed.ic.SXItKpXlY0.webp
www.paulhaenni.ch/incms_files/filebrowser/cache/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paulhaenni.ch/incms_files/filebrowser/cache/xpaulhaenni_f1a8f47169398563852100b463daa153.jpg.pagespeed.ic.SXItKpXlY0.webp
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-75.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
175f7a6f4c611ea2b8dce99c2d78e32f6b3490ee596a9576127a4ac1529dcfca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

link
<https://www.paulhaenni.ch/incms_files/filebrowser/cache/paulhaenni_f1a8f47169398563852100b463daa153.jpg>; rel="canonical"
cache-control
max-age=31536000
etag
W/"0"
x-original-content-length
44168
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
expires
Sun, 02 Nov 2025 08:05:25 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
5742
x-amz-cf-id
gEpSLy9WvxjiKn8OUHXF-309hNqH-8r7hMMX-xLNwY-1huNRghyXUg==
date
Sat, 02 Nov 2024 08:05:25 GMT
content-type
image/webp
last-modified
Sat, 02 Nov 2024 08:05:25 GMT
server
Apache
x-amz-cf-pop
FRA60-P7
landbot-3.0.0.js
cdn.landbot.io/landbot-3/
Redirect Chain
  • https://copycockpit.net/landbot.js
  • https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
2 MB
551 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Server
2606:4700:10::ac43:69f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db22768d8a89c868940cf8c90e87e47ceaf01e4da1aa25841265b0ba3e916640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=K+uEew==, md5=/fDOlIIbs7HivAe+y57Gxg==
etag
"fdf0ce94821bb3b1e2bc07becb9ec6c6"
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
x-goog-stored-content-encoding
gzip
expires
Sat, 02 Nov 2024 08:05:26 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
562804
date
Sat, 02 Nov 2024 08:05:26 GMT
content-type
application/javascript
last-modified
Thu, 31 Oct 2024 08:47:50 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0jpPyzdfOJT6u2iu1afApj8Tu7vzhKHgoeioCudAcMz7SUakMPuNUyq_4IzmwdAVkBTdAexYP3Pw
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=120, no-transform
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8dc29e96ce001c11-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1730364470807479
content-length
562804
server
cloudflare

Redirect headers

cache-control
max-age=0
location
https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
expires
Sat, 02 Nov 2024 08:05:25 GMT
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
l8BnMqPT-dJfKUi-Qb-Zn7KZAG5dMq8YV8FvtQNqamiXSTtN7GWVQA==
date
Sat, 02 Nov 2024 08:05:25 GMT
content-type
text/html; charset=UTF-8
x-amz-cf-pop
FRA2-C1
server
Apache
incmsconfig.js
copycockpit.net/ 		119 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://copycockpit.net/incmsconfig.js
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-84.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
ff8f6680c08c2c145590477c5ab5682dccf3bbae73faeb592804392487addde0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

cache-control
max-age=0
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
expires
Sat, 02 Nov 2024 08:05:25 GMT
x-cache
Miss from cloudfront
content-length
119
x-amz-cf-id
oulLmrFhcfZLefY2UgJeVJqyTAquHna11nRXAxmjO7FiY5DBl5JB_w==
date
Sat, 02 Nov 2024 08:05:25 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
FRA2-C1
server
Apache
js_5cb984ac749f2e4ec39b4f3718b9b961.js.pagespeed.jm.0el99qFHf7.js
www.paulhaenni.ch/incms_files/pagecache/ 		165 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paulhaenni.ch/incms_files/pagecache/js_5cb984ac749f2e4ec39b4f3718b9b961.js.pagespeed.jm.0el99qFHf7.js
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-75.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
260d5005f744f0337c39f1e6df442c792e084b1524e797ca8fe67bd5980c4cb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

content-encoding
gzip
etag
W/"0-gzip"
expires
Sun, 02 Nov 2025 08:05:25 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
qno63YVWGRjn4JNn7P4UT9zaxL6aBrRo0AYFOFuk67_Ccd1ksKQFrg==
date
Sat, 02 Nov 2024 08:05:25 GMT
content-type
application/javascript
last-modified
Sat, 02 Nov 2024 08:05:25 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
x-original-content-length
168912
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
52842
x-amz-cf-pop
FRA60-P7
server
Apache
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

content-encoding
gzip
age
2116
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 09:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 07:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-40cCqj6V' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 08:05:25 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-40cCqj6V' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=23, mss=1232, tbw=4432, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
KRkgHJ0gc7dXfyLL8KVwd6qvbho3/euMGHb/34MOEvgeNzAdSZSBSFZd82MUrRadHSYq+14Xdzk5V+vrdYNLJA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62086
x-xss-protection
0
origin-agent-cluster
?1
718161024872092
connect.facebook.net/signals/config/ 		301 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/718161024872092?v=2.9.176&r=stable&domain=www.paulhaenni.ch&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
82fa505008f86ae474b7ae5f1953060e71234f299492647827734bf5e99ba77d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-DPMxkagG' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 08:05:25 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-DPMxkagG' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=76, mss=1232, tbw=72512, tp=70, tpl=0, uplat=223, ullat=0
pragma
public
x-fb-debug
IpuglMZbJteZAkD4HMXeZDthHyUURTi13uQm8kvaOfj38UzVnB4M6FMKF3wd/YXeeX+vYVvXUjVRkHuXLIoqOw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/j/ 		3 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1348503275&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paulhaenni.ch%2F&ul=de-ch&de=UTF-8&dt=Paul%20H%C3%A4nni%20-%20Paul%20H%C3%A4nni&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1037339479&gjid=591963294&cid=1838070644.1730534726&tid=UA-101858047-1&_gid=1208180318.1730534726&_r=1&_slc=1&z=221191007
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.paulhaenni.ch/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 08:05:25 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.paulhaenni.ch
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
7Lla8kjdHJ0
www.youtube.com/embed/ Frame DF7B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/7Lla8kjdHJ0?autoplay=0&loop=0&fs=1&nocookie=0&controls=1&iv_load_policy=0&rel=0&playsinline=1&start=&end=&wmode=transparent
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paulhaenni.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 08:05:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
G62suIqCTqQ
www.youtube.com/embed/ Frame 899B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/G62suIqCTqQ?autoplay=0&loop=0&fs=1&nocookie=0&controls=1&iv_load_policy=0&rel=0&playsinline=1&start=&end=&wmode=transparent
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paulhaenni.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 08:05:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
98ijbufyXJ4
www.youtube.com/embed/ Frame 532B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/98ijbufyXJ4?autoplay=0&loop=0&fs=1&nocookie=0&controls=1&iv_load_policy=0&rel=0&playsinline=1&start=&end=&wmode=transparent
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paulhaenni.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 08:05:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
all.js
connect.facebook.net/de_DE/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/all.js
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
3ffcb93533091a22604512e2ff5812257fd8dc0d16fe83ea3b977e08dfdc7ae3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

content-md5
5QIVnJqj2oN7+R5YhXaMFA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"a07c6374f7ce2860e2cc0b7bf2e0c13d"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 02 Nov 2024 08:13:16 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 08:05:25 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
1ebd4c61595922c588ce310a2eb414c5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=74, mss=1232, tbw=70304, tp=66, tpl=0, uplat=0, ullat=-1
x-fb-debug
1Gftdx7yJQUjspjkDbtweTrEcoemSg7m4EDlZq6W1KNmHL6PELD8ifxDZh9g4PqbMlUFa9EhqOlXb7vEt1pm7g==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1687
origin-agent-cluster
?1
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf
d31wnqc8djrbnu.cloudfront.net/s/opensans/v40/ 		34 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d31wnqc8djrbnu.cloudfront.net/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVc.ttf
Requested by
Host: d31wnqc8djrbnu.cloudfront.net
URL: https://d31wnqc8djrbnu.cloudfront.net/api/css?family=Open+Sans:600,regular,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6800:3:d38e:b280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
6fee568ee1e985a28351734213271ab3c518744bb3819af52246e1b7d15b7372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paulhaenni.ch
Referer
https://d31wnqc8djrbnu.cloudfront.net/api/css?family=Open+Sans:600,regular,300

Response headers

content-encoding
gzip
age
8477620
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 27 Jul 2025 05:11:45 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
QwYXGTTZXqrrvTUhy0us11O1pQxy_NxQNtcgBW8HMQKcZ-hhF43bRg==
date
Sat, 27 Jul 2024 05:11:45 GMT
content-type
font/ttf
last-modified
Thu, 14 Dec 2023 02:00:42 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
via
1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
23490
x-xss-protection
0
x-amz-cf-pop
FRA56-P4
server
sffe
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVc.ttf
d31wnqc8djrbnu.cloudfront.net/s/opensans/v40/ 		35 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d31wnqc8djrbnu.cloudfront.net/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVc.ttf
Requested by
Host: d31wnqc8djrbnu.cloudfront.net
URL: https://d31wnqc8djrbnu.cloudfront.net/api/css?family=Open+Sans:600,regular,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:6800:3:d38e:b280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
9788f42e28c41922e8bd6bc78ffdcf9747f11edd1ac1a02614c20e9300efa313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paulhaenni.ch
Referer
https://d31wnqc8djrbnu.cloudfront.net/api/css?family=Open+Sans:600,regular,300

Response headers

content-encoding
gzip
age
27943922
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 21:53:23 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
NWPC95KtC43WIGBKPuUb3LmT-g-JYHWoST92b5hPCI7mB7f1g0nKXg==
date
Thu, 14 Dec 2023 21:53:23 GMT
content-type
font/ttf
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
via
1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
23603
x-xss-protection
0
x-amz-cf-pop
FRA56-P4
server
sffe
3fa4dd3698704ce1e82a8d256d5fc41017f3097933e8e92ae608e7226cb31ccc
f.copycockpit.com/events/ 		0
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://f.copycockpit.com/events/3fa4dd3698704ce1e82a8d256d5fc41017f3097933e8e92ae608e7226cb31ccc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/718161024872092?v=2.9.176&r=stable&domain=www.paulhaenni.ch&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.paulhaenni.ch/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rbW0DvV44y2xo9fUwoxmuJB8VP8waM7FyP%2BhZcAeXv75jFcCUfjgKgxGQdGtw%2BidfMNyAKM8UlEaP6P6iCcunv4ZfCA2oa07lFEpB8%2FIhAhU9xJmopDKazkhi%2FbEnWCDTa%2FSP%2FLNHr2aM0YfAs7TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8dc29e9bdbc6dc5c-FRA
access-control-allow-origin
https://www.paulhaenni.ch
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=TCP&rtt=32865&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3944&recv_bytes=2672&delivery_rate=115224&cwnd=182&unsent_bytes=0&cid=a3963e8855ae0d01&ts=127&x=0"
date
Sat, 02 Nov 2024 08:05:27 GMT
vary
origin
server
cloudflare
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=718161024872092&ev=PageView&dl=https%3A%2F%2Fwww.paulhaenni.ch%2F&rl=&if=false&ts=1730534726230&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730534726217.864448539133698976&eid=ob3_plugin-set_4fa45b3c73492ae7a84b4cef6bd4bfc9953c3a6ea2cdf3e7e12e98fd9cca8f21&ler=empty&cdl=API_unavailable&it=1730534725554&coo=false&rqm=GET
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1297, tbw=2943, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 02 Nov 2024 08:05:26 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=718161024872092&ev=PageView&dl=https%3A%2F%2Fwww.paulhaenni.ch%2F&rl=&if=false&ts=1730534726230&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730534726217.864448539133698976&eid=ob3_plugin-set_4fa45b3c73492ae7a84b4cef6bd4bfc9953c3a6ea2cdf3e7e12e98fd9cca8f21&ler=empty&cdl=API_unavailable&it=1730534725554&coo=false&rqm=FGET
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432590054646472476"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 08:05:26 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
7b06LkG38JqIhfJoj3Px4FemS6Qk3NIRHyInokrLddfC3dxnADuit9YVuBKWHYA7CfoMi2i87xuU2wootAVomg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432590054646472476", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=12, mss=1297, tbw=3261, tp=-1, tpl=-1, uplat=158, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
all.js
connect.facebook.net/de_DE/ 		253 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/de_DE/all.js?hash=7fa2568f05fdd816f21a3a74a103d568
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
1916a6c4a50ef889b115d41e16cdf31c43a53f31ee36d2c4d9b13ea5bf9104d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paulhaenni.ch
Referer
https://www.paulhaenni.ch/

Response headers

content-md5
M+Byn26CtGin7FKeZsxV/Q==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"69b28b795d9708592323172ebdf82909"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 07:11:11 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 02 Nov 2024 08:05:26 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
dd3522da6c1655e9354fe4afec4dcf4f
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1825, tp=5, tpl=0, uplat=1, ullat=-1
x-fb-debug
sLNQiZeKN6UxZYo58EfPn+SrjMoJKFcnq0dFXA+ZnoFl1WQuHqjupJMGHMUTCbuq6s5tGIKObSaV9WwTxzvOOQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
75121
origin-agent-cluster
?1
v3
js.stripe.com/ 		675 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: copycockpit.net
URL: https://copycockpit.net/landbot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c341cbcb569df8a6e02a6fc8e2eb78838f8314cd90755b66772d76c31ec4f7cb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

x-request-id
97d2ec7a-53d2-4491-b9e9-82b31bc3ff79
content-encoding
br
etag
"a17f7a827649ecbe8ac041de597740da"
age
20
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 02 Nov 2024 08:05:27 GMT
last-modified
Fri, 01 Nov 2024 21:31:31 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-fra-etou8220064-FRA
x-cache-hits
4
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
167538
server
Fastly
index.json
storage.googleapis.com/landbot.pro/v3/H-1791325-LBLI9LCY8P8JGFR0/ 		6 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/landbot.pro/v3/H-1791325-LBLI9LCY8P8JGFR0/index.json?ts=1730534727011
Requested by
Host: copycockpit.net
URL: https://copycockpit.net/landbot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c9728729e791ce90e52d9cd76e43fc3cbf280f31e216f9c6201e09b3b7a00103

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Referer
https://www.paulhaenni.ch/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=b5ueBg==, md5=fSFwPSfoJXpOgQLYe5FJmg==
etag
"7d21703d27e8257a4e8102d87b91499a"
x-goog-stored-content-encoding
identity
expires
Sun, 02 Nov 2025 08:05:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6227
date
Sat, 02 Nov 2024 08:05:27 GMT
last-modified
Sun, 27 Oct 2024 00:52:04 GMT
content-type
application/json
x-guploader-uploadid
AHmUCY1npZUofOyEp6-MbPp6-BGN2kvkhQKvS_WWUtCW89CBt2T2GGQDHVh43K0K5SRkXp-48fc
cache-control
no-store
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729990324708898
content-length
6227
server
UploadServer
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
piwik.js
piwik.incms.net/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://piwik.incms.net/piwik.js
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.203.10.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-10-32.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

Content-Encoding
gzip
ETag
"1042f-6137baaa1a3a8-gzip"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21709
Keep-Alive
timeout=120, max=100
Date
Sat, 02 Nov 2024 08:05:27 GMT
Last-Modified
Tue, 12 Mar 2024 19:28:44 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
application/javascript
fan.php
www.facebook.com/plugins/ Frame E8DF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/fan.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd71d23bd96baa3a3%26domain%3Dwww.paulhaenni.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.paulhaenni.ch%252Ffdd556fb9390ca764%26relation%3Dparent.parent&connections=8&container_width=1058&locale=de_DE&profile_id=1948587322084340&sdk=joey&stream=false&width=1058
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=7fa2568f05fdd816f21a3a74a103d568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paulhaenni.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Nov 2024 08:05:27 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432590057088206816"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432590057088206816", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=10, mss=1297, tbw=2929, tp=-1, tpl=-1, uplat=207, ullat=0
x-fb-debug
BgYavYb1Rztz07nGLJbLb7FUkosl4TD+F6RQv2vkgRXh1hpDS836N1T6XhjhRq9pt8cb248ahqAZosA+DgPfcQ==
x-xss-protection
0
fonts.css
cdn.landbot.io/assets/fonts/Roboto/ Frame CC56 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.landbot.io/assets/fonts/Roboto/fonts.css
Requested by
Host: copycockpit.net
URL: https://copycockpit.net/landbot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:69f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
513d7933f4712c75b5862d346a4a46544df2d2adbec1339b64d4a5fd3e849ac3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=Eaacvg==, md5=V6xhO6+ZnB0veRw3ttfhZA==
etag
"57ac613baf999c1d2f791c37b6d7e164"
age
2019
cf-cache-status
HIT
x-content-type-options
nosniff
x-goog-stored-content-encoding
gzip
expires
Sat, 02 Nov 2024 08:31:48 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
787
date
Sat, 02 Nov 2024 08:05:27 GMT
content-type
text/css
last-modified
Tue, 10 Sep 2024 08:36:18 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY2eHr8WL2jmRpRcFCdVaSRvqGDwyIVVhLJ9IFiT63WS-zpVFQboc_XfDYPgntTvC83h5aI
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8dc29e9f6c6f1c11-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1725957378620311
content-length
787
server
cloudflare
54C5S90FXAJ1DYFH4RYBKAQ0JCRR6E94.png
storage.googleapis.com/media.landbot.io/297822/channels/ Frame CC56 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/media.landbot.io/297822/channels/54C5S90FXAJ1DYFH4RYBKAQ0JCRR6E94.png
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f27.1e100.net
Software
UploadServer /
Resource Hash
4be474ebfb74b9a06a8923bea698027bb22fde40c3955bed97b605a8eb8e383a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=OIFBWA==, md5=HCX0gXoFJmlz+oCDwkI4Mg==
etag
"1c25f4817a05266973fa8083c2423832"
age
0
x-goog-stored-content-encoding
identity
expires
Sat, 02 Nov 2024 09:05:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
149421
date
Sat, 02 Nov 2024 08:05:27 GMT
last-modified
Thu, 23 Nov 2023 07:44:35 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY3mRSsS_GER_5ofYKkKlpIfC2fdMSHstgv5J_BEdOrI7_DL-_bEDG_Dmb3axJAluoZ63xQe9HXKsw
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1700725475934175
content-length
149421
server
UploadServer
/
welcome.landbot.io/webchat/auth/H-1791325-LBLI9LCY8P8JGFR0/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://welcome.landbot.io/webchat/auth/H-1791325-LBLI9LCY8P8JGFR0/
Requested by
Host: copycockpit.net
URL: https://copycockpit.net/landbot.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.6.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50353e027ee3257b6826a651bc770a333ee1b841c18c7a947a989e87bbfd9f8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Referer
https://www.paulhaenni.ch/

Response headers

cf-cache-status
DYNAMIC
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 02 Nov 2024 08:05:27 GMT
content-type
application/json
priority
u=1,i
access-control-allow-headers
*
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer-when-downgrade
allow
GET, POST, HEAD, OPTIONS
cf-ray
8dc29ea09c70d268-FRA
access-control-allow-origin
*
content-length
1820
server
cloudflare
piwik.php
piwik.incms.net/ 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://piwik.incms.net/piwik.php?action_name=Paul%20H%C3%A4nni%20-%20Paul%20H%C3%A4nni&idsite=9660&rec=1&r=998805&h=9&m=5&s=27&url=https%3A%2F%2Fwww.paulhaenni.ch%2F&_id=9d8e5ec1eea490a8&_idn=1&send_image=0&_refts=0&pv_id=cXFM45&pf_net=295&pf_srv=223&pf_tfr=10&pf_dm1=1832&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: piwik.incms.net
URL: https://piwik.incms.net/piwik.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.203.10.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-10-32.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://www.paulhaenni.ch/

Response headers

Connection
Keep-Alive
Access-Control-Allow-Origin
https://www.paulhaenni.ch
Keep-Alive
timeout=120, max=99
Date
Sat, 02 Nov 2024 08:05:27 GMT
Server
Apache
Access-Control-Allow-Credentials
true
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
cdn.landbot.io/assets/fonts/Roboto/ Frame CC56 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.landbot.io/assets/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/assets/fonts/Roboto/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.6.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paulhaenni.ch
Referer
https://cdn.landbot.io/assets/fonts/Roboto/fonts.css

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding
gzip
x-goog-hash
crc32c=sLlR+Q==, md5=HMXtF0S6tTcHScJC4H/VOw==
etag
"1cc5ed1744bab5370749c242e07fd53b"
cf-cache-status
MISS
x-content-type-options
nosniff
x-goog-stored-content-encoding
gzip
expires
Sat, 02 Nov 2024 08:06:55 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
11051
server-timing
cfExtPri
date
Sat, 02 Nov 2024 08:05:28 GMT
content-type
font/woff2
last-modified
Tue, 10 Sep 2024 08:36:18 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-guploader-uploadid
AHmUCY20yKI00NvIZmNnE0YqD8s87wrl2uOZ4mcDGw8OxwPtv0juWLU8ut20CbinpGpNYLgAikk
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8dc29ea22d5fdbf2-FRA
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1725957378410386
content-length
11051
server
cloudflare
accounts:signInWithCustomToken
identitytoolkit.googleapis.com/v1/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Requested by
Host: copycockpit.net
URL: https://copycockpit.net/landbot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
23f6c9eeb7ab6c0665fad747e269cf640cdc7adf1afbbcdce41ed796f5d76224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Firebase-Client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTIgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEyIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC85LjIyLjIgZmlyZS1hdXRoLzAuMjMuMiBmaXJlLWF1dGgtZXNtMjAxNy8wLjIzLjIgZmlyZS1mc3QvMy4xMi4yIGZpcmUtZnN0LWVzbTIwMTcvMy4xMi4yIiwiZGF0ZXMiOlsiMjAyNC0xMS0wMiJdfV19
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-Client-Version
Chrome/JsCore/9.22.2/FirebaseCore-web
Content-Type
application/json
X-Firebase-gmpid
1:918494355153:web:d67e2dcbb1f0779f276ff0

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.paulhaenni.ch
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
976
date
Sat, 02 Nov 2024 08:05:28 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
accounts:signInWithCustomToken
identitytoolkit.googleapis.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version,x-firebase-client,x-firebase-gmpid
Access-Control-Request-Method
POST
Origin
https://www.paulhaenni.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version,x-firebase-client,x-firebase-gmpid
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.paulhaenni.ch
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 02 Nov 2024 08:05:28 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
accounts:lookup
identitytoolkit.googleapis.com/v1/ 		295 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Requested by
Host: copycockpit.net
URL: https://copycockpit.net/landbot.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
ESF /
Resource Hash
f0c4f41ed35ed918739de9c80a062a9d4288bd980053be1b601c1a4b0316f392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-Client-Version
Chrome/JsCore/9.22.2/FirebaseCore-web
Content-Type
application/json
X-Firebase-gmpid
1:918494355153:web:d67e2dcbb1f0779f276ff0

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.paulhaenni.ch
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
227
date
Sat, 02 Nov 2024 08:05:28 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
accounts:lookup
identitytoolkit.googleapis.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version,x-firebase-gmpid
Access-Control-Request-Method
POST
Origin
https://www.paulhaenni.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version,x-firebase-gmpid
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.paulhaenni.ch
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sat, 02 Nov 2024 08:05:28 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		54 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Ffirestore-helloumi%2Fdatabases%2F(default)&RID=49054&CVER=22&X-HTTP-Session-Id=gsessionid&zx=4wnmilcue6hu&t=1
Requested by
Host: copycockpit.net
URL: https://copycockpit.net/landbot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
831dcb15df1e7cd80036bde8036022988e6661ed5b51bfc02f2468e8cc1680d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
Referer
https://www.paulhaenni.ch/

Response headers

access-control-expose-headers
x-client-wire-protocol,x-http-session-id
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 08:05:29 GMT
content-type
text/plain; charset=utf-8
vary
origin
x-http-session-id
U2ZsHHZ3491xwc9TlNwzhLRn4tLVE_ULfmrs4Ymc814
x-frame-options
SAMEORIGIN
cache-control
private
access-control-allow-credentials
true
x-client-wire-protocol
h2
access-control-allow-origin
https://www.paulhaenni.ch
content-length
71
x-xss-protection
0
server
ESF
DL2IKS1LYIMOR1JBSAD4JGACVZUNGWX1.png
storage.googleapis.com/media.landbot.io/297822/channels/ Frame CC56 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/media.landbot.io/297822/channels/DL2IKS1LYIMOR1JBSAD4JGACVZUNGWX1.png
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f27.1e100.net
Software
UploadServer /
Resource Hash
9efc8b4de91a372771e4c23ba72bb97760af38ee28eef69a9463478ece36ad11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
x-goog-hash
crc32c=2wq9UQ==, md5=QefucLiQqsyQhVVca+lrAw==
etag
"41e7ee70b890aacc9085555c6be96b03"
age
0
x-goog-stored-content-encoding
identity
expires
Sat, 02 Nov 2024 09:05:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
77756
date
Sat, 02 Nov 2024 08:05:29 GMT
last-modified
Thu, 23 Nov 2023 07:45:01 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY3w8MSvH0W4yP7ip9rzsfa5JpAVltkEONFPWi0Z3yVrdKZOyCZ7laF5SZdTlsXBEfiqXwq1xsI31Q
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1700725501316277
content-length
77756
server
UploadServer
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		413 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=U2ZsHHZ3491xwc9TlNwzhLRn4tLVE_ULfmrs4Ymc814&VER=8&database=projects%2Ffirestore-helloumi%2Fdatabases%2F(default)&RID=rpc&SID=zHd-MmhitJwji4I1zDprDw&AID=0&CI=0&TYPE=xmlhttp&zx=476seh1a77l2&t=1
Requested by
Host: copycockpit.net
URL: https://copycockpit.net/landbot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

x-debug-tracking-id
17519008042506073777;o=0
cache-control
private, max-age=0
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.paulhaenni.ch
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 08:05:29 GMT
x-xss-protection
0
content-type
text/plain; charset=utf-8
vary
Referer, origin
server
ESF
x-frame-options
SAMEORIGIN
mod_pagespeed_beacon
www.paulhaenni.ch/ 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paulhaenni.ch/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.paulhaenni.ch%2F
Requested by
Host: www.paulhaenni.ch
URL: https://www.paulhaenni.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-75.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.paulhaenni.ch/

Response headers

cache-control
max-age=0, no-cache, max-age=300
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
expires
Sat, 02 Nov 2024 08:10:31 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
csQscN78iaOrp5SzyCmXsDG_n6V_jGXWjot2zLDWuVXak2nus_ytrg==
date
Sat, 02 Nov 2024 08:05:31 GMT
x-amz-cf-pop
FRA60-P7
server
Apache
favicon.ico
www.paulhaenni.ch/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.paulhaenni.ch/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-75.fra60.r.cloudfront.net
Software
Apache /
Resource Hash
4a138aa69ba24ec5c757504be3edf312edef7b259dcd6485f2ab44cf266fda0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

cache-control
max-age=300
etag
"47e-56c3ce0808d18"
via
1.1 99a0678067c9afa5ffc6dde34b960d40.cloudfront.net (CloudFront)
expires
Sat, 02 Nov 2024 08:10:31 GMT
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
1150
x-amz-cf-id
5ArXU2lX3Z1D674VA-SJ2FQLB1ecZGAGV6gFGHJXicq_VNUoRK2TAA==
date
Sat, 02 Nov 2024 08:05:31 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 15 May 2018 11:26:43 GMT
server
Apache
x-amz-cf-pop
FRA60-P7
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 		17 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=U2ZsHHZ3491xwc9TlNwzhLRn4tLVE_ULfmrs4Ymc814&VER=8&database=projects%2Ffirestore-helloumi%2Fdatabases%2F(default)&RID=rpc&SID=zHd-MmhitJwji4I1zDprDw&AID=3&CI=0&TYPE=xmlhttp&zx=epedzqm7egz9&t=1
Requested by
Host: copycockpit.net
URL: https://copycockpit.net/landbot.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paulhaenni.ch/

Response headers

cache-control
private, max-age=0
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.paulhaenni.ch
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 08:05:31 GMT
x-xss-protection
0
content-type
text/plain; charset=utf-8
vary
origin
server
ESF
x-frame-options
SAMEORIGIN
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 3B0A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 -, , ASN (),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paulhaenni.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
948300
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 02 Nov 2024 08:05:32 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
159843
x-content-type-options
nosniff
x-request-id
6ad63d12-a07f-449b-8a45-6457ae35c5fa
x-served-by
cache-fra-etou8220076-FRA

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| pagespeed object| regeneratorRuntime object| FB object| __buffer object| Landbot string| copycockpitIncmsConfigUrl object| copycockpitIncmsCustomData object| myLandbot object| sessionHelper object| dpHelper object| noSpam object| dropdownmenu object| mobileMenu function| applySticky function| applyStickyHeader function| scrollAnchorMenu function| resizeContent object| charToAccentedCharClassMap object| mod_search function| $ function| jQuery object| Ext function| ES6Promise object| inCMS object| _paq object| jQuery11110711255822191164 object| webpackChunkStripeJSouter function| noop function| Stripe object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

11 Cookies

Domain/Path Name / Value
.f.copycockpit.com/events/3fa4dd3698704ce1e82a8d256d5fc41017f3097933e8e92ae608e7226cb31ccc Name: cee
Value: wy6tu0lejj%2BQJ6660o1ch7hoV8OxBTpEw%2BEtfTadae0%3D.%7B%7D
.paulhaenni.ch/ Name: _ga
Value: GA1.2.1838070644.1730534726
.paulhaenni.ch/ Name: _gid
Value: GA1.2.1208180318.1730534726
.paulhaenni.ch/ Name: _gat
Value: 1
.paulhaenni.ch/ Name: _fbp
Value: fb.1.1730534726217.864448539133698976
.landbot.io/ Name: __cf_bm
Value: h2pNlSepwO6pyoqmHNSLNOSufRqAbyepHLdeQnKnM4k-1730534726-1.0.1.1-ZIep_a29Mhx2K29.Ctx5PR3yHMDrA_frLoR78W6uDF.fk0qqg.7ksrtQNAtl5ntW9h6QLCZbrlng_zLTCF5Mtw
.youtube.com/ Name: YSC
Value: 146te3uVvOU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: kK75uBKJ_Fc
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgUQ%3D%3D
www.paulhaenni.ch/ Name: _pk_id.9660.50c0
Value: 9d8e5ec1eea490a8.1730534728.
www.paulhaenni.ch/ Name: _pk_ses.9660.50c0
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.landbot.io
connect.facebook.net
copycockpit.net
d22q34vfk0m707.cloudfront.net
d31wnqc8djrbnu.cloudfront.net
f.copycockpit.com
firestore.googleapis.com
identitytoolkit.googleapis.com
js.stripe.com
paulhaenni.ch
piwik.incms.net
storage.googleapis.com
welcome.landbot.io
www.facebook.com
www.google-analytics.com
www.paulhaenni.ch
www.youtube.com
108.138.24.148
13.224.189.84
142.250.184.202
151.101.0.176
151.101.192.176
157.240.253.1
172.217.16.138
172.217.23.123
172.67.6.159
18.203.10.32
2001:4860:4802:38::178
2600:9000:223e:6800:3:d38e:b280:21
2606:4700:10::ac43:69f
2606:4700:3031::ac43:d1b4
2a00:1450:4001:801::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:830::200a
2a00:1450:4001:831::201b
2a03:2880:f176:181:face:b00c:0:25de
3.160.150.75
54.228.141.200
175f7a6f4c611ea2b8dce99c2d78e32f6b3490ee596a9576127a4ac1529dcfca
1916a6c4a50ef889b115d41e16cdf31c43a53f31ee36d2c4d9b13ea5bf9104d3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23f6c9eeb7ab6c0665fad747e269cf640cdc7adf1afbbcdce41ed796f5d76224
260d5005f744f0337c39f1e6df442c792e084b1524e797ca8fe67bd5980c4cb8
2e7abbfc69b26f70ad9c29f9c075e0d5d4338fa6c707bd7b9ee76bd21fa42304
393fc504670d41a999bb187f08bf6afcfd7b75025b629f5e51444fbccccd5e86
3ffcb93533091a22604512e2ff5812257fd8dc0d16fe83ea3b977e08dfdc7ae3
4a138aa69ba24ec5c757504be3edf312edef7b259dcd6485f2ab44cf266fda0f
4be474ebfb74b9a06a8923bea698027bb22fde40c3955bed97b605a8eb8e383a
50353e027ee3257b6826a651bc770a333ee1b841c18c7a947a989e87bbfd9f8d
513d7933f4712c75b5862d346a4a46544df2d2adbec1339b64d4a5fd3e849ac3
6fee568ee1e985a28351734213271ab3c518744bb3819af52246e1b7d15b7372
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
82fa505008f86ae474b7ae5f1953060e71234f299492647827734bf5e99ba77d
831dcb15df1e7cd80036bde8036022988e6661ed5b51bfc02f2468e8cc1680d4
85e6b1a82909a84b12ab8f06ac8396ef811fab4ecc45f0a45c2aeee34038c173
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
9788f42e28c41922e8bd6bc78ffdcf9747f11edd1ac1a02614c20e9300efa313
9efc8b4de91a372771e4c23ba72bb97760af38ee28eef69a9463478ece36ad11
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
acb274f9b92303c4c0b6e95ef8056b9008f3452fad9a506e8dd964ab04c4c0e4
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
c341cbcb569df8a6e02a6fc8e2eb78838f8314cd90755b66772d76c31ec4f7cb
c9728729e791ce90e52d9cd76e43fc3cbf280f31e216f9c6201e09b3b7a00103
db22768d8a89c868940cf8c90e87e47ceaf01e4da1aa25841265b0ba3e916640
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0c4f41ed35ed918739de9c80a062a9d4288bd980053be1b601c1a4b0316f392
ff8f6680c08c2c145590477c5ab5682dccf3bbae73faeb592804392487addde0