urlscan.io logo urlscan.io
SecurityTrails logo

secure.meriq.com Open in urlscan Pro
3.124.47.78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://secure.meriq.com/winterthur/register.asp?language=de
Effective URL: https://secure.meriq.com/winterthur/register.asp?language=de
Submission: On June 04 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 38 HTTP transactions. The main IP is 3.124.47.78, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is secure.meriq.com. The Cisco Umbrella rank of the primary domain is 557779.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 1st 2023. Valid for: a year.
This is the only time secure.meriq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 3.124.47.78 16509 (AMAZON-02)
18 2a00:1450:400... 15169 (GOOGLE)
3 104.17.25.14 13335 (CLOUDFLAR...)
1 104.18.10.207 13335 (CLOUDFLAR...)
38 4
Apex Domain
Subdomains		 Transfer
18 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 613
fonts.googleapis.com — Cisco Umbrella Rank: 101
114 KB
16 meriq.com
secure.meriq.com — Cisco Umbrella Rank: 557779
620 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 341
94 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1612
12 KB
38 4
Domain Requested by
16 secure.meriq.com secure.meriq.com
15 fonts.googleapis.com secure.meriq.com
3 cdnjs.cloudflare.com secure.meriq.com
cdnjs.cloudflare.com
3 ajax.googleapis.com secure.meriq.com
1 maxcdn.bootstrapcdn.com secure.meriq.com
38 5

This site contains links to these domains. Also see Links.

Domain
www.bluecinema.ch
www.google.com
Subject Issuer Validity Valid
*.meriq.com
Amazon RSA 2048 M02		 2023-08-01 -
2024-08-29		 a year crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secure.meriq.com/winterthur/register.asp?language=de
Frame ID: B0FC2E202715EBA8BBC62A85C6EEB38B
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Deine Angaben

Page URL History Show full URLs

  1. http://secure.meriq.com/winterthur/register.asp?language=de HTTP 307
    https://secure.meriq.com/winterthur/register.asp?language=de Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

38
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

840 kB
Transfer

1223 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secure.meriq.com/winterthur/register.asp?language=de HTTP 307
    https://secure.meriq.com/winterthur/register.asp?language=de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request register.asp
secure.meriq.com/winterthur/
Redirect Chain
  • http://secure.meriq.com/winterthur/register.asp?language=de
  • https://secure.meriq.com/winterthur/register.asp?language=de
19 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bf5be1f42cbd76886a58337b144e5c194749a1a4c7dd8b95fd5b02c3870e1686

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control
private
content-length
19760
content-type
text/html
date
Tue, 04 Jun 2024 14:08:14 GMT
expires
Mon, 03 Jun 2024 14:08:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

Location
https://secure.meriq.com/winterthur/register.asp?language=de
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
secure.meriq.com/winterthur/css/ 		126 KB
126 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/winterthur/css/bootstrap.min.css
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
22c79f29509c314960a5742020c46ca9b22a0ba68fd79dc99326f14daed6efff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Wed, 09 Mar 2016 15:04:50 GMT
server
Microsoft-IIS/10.0
etag
"8f591c7157ad11:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
129027
1-col-portfolio.css
secure.meriq.com/winterthur/css/ 		385 B
560 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/winterthur/css/1-col-portfolio.css
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
beaab24c83f84f56afba5a97c15c9acce7f52b8d4ac3c97279138918d951f09d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Thu, 10 Mar 2016 10:19:53 GMT
server
Microsoft-IIS/10.0
etag
"a1a6ef62b67ad11:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
385
meriq.css
secure.meriq.com/winterthur/css/ 		30 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/winterthur/css/meriq.css?now=2024-06-04%2016:08:14
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d940a6765a2a47b4e9364433e9aad11071ebd55a235a2ac6fc78b94c66a405c2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Thu, 27 Jul 2023 11:52:27 GMT
server
Microsoft-IIS/10.0
etag
"26d78d080c0d91:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
30833
vector.css
secure.meriq.com/vector/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/vector/css/vector.css
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e48bf04f7f2b0767be34549ad2a39043c659fa0cb05cf0dbcfc33efcb83367c9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2010 13:31:08 GMT
server
Microsoft-IIS/10.0
etag
"0b631b18e1cb1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
906
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 01:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 01:39:10 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/themes/smoothness/jquery-ui.css
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 21:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8060
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Jun 2025 21:05:50 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 		235 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 01 Jun 2024 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64481
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Jun 2025 14:26:39 GMT
css2
fonts.googleapis.com/ 		2 KB
642 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bddb1d00c98a3623bd08ecdd521a4324328b4fd5d3700b6ddd1f0f66d6ebeb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 13:54:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		402 B
380 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Abel&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06173c7a47216b2032a5caff35acf38ac5b8b6d1499e757c70c1b4695bca79d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 13:36:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		1 KB
553 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=PT+Sans&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b096f186d91b7557ed9e427cc811517095122a29f714bcc902d22580159d2a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 14:01:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Heebo&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11a3d38935d6c1d38af5b1bd9eef5dab1ecced32d43b20377348458b24f705f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 14:08:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		427 B
398 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Luckiest+Guy&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dea92c7f6ca1d2af47370e64d431bca2f93712d3b74adc1460dcd8598a87ef9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 12:57:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		781 B
459 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 13:23:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		412 B
388 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Monoton&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8710f99d487e4761bbd52d0b0a7258650cdcc0f13f31b47cdd3d1ff7207dbf5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 14:00:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		857 B
486 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Petit+Formal+Script&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a7aee0d95fe0a9d8358382dee3c11a47d8f06f38f923eeeda3c0696bf5fe96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 14:08:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
286b689e6def6e4f0e84c5ab255bc8798d1b393378dbfd3fcd8ac1130fe346af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 12:20:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		1 KB
527 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Bungee+Inline&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67cac6ec7e9341a2c337fa847beb04fb7de36858f5fc2958eb7f3e1c2c836a4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 14:08:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12eebba255ce6f856459cab6b183b507be0417a322f46faf7dd71b3c4b0eec27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 13:13:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		2 KB
673 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Alegreya+Sans&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2721d9384e08735d1b89a686ec0c1e3b3f0dbb69f50925e32ded05e24f72a030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 14:08:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		2 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ffe0a411dd1edeba11b4d6aceaa104c20470cbf12b397531ed31f9fa5c5f7bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 13:08:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
css2
fonts.googleapis.com/ 		1 KB
597 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Fjalla+One&display=swap
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f13234dabd5e0c1168d32682fd179b8e279d1f4a660afd642406d4ffd80bf772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 12:41:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
403928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHqrXSTdc%2BjBMVm18K6WnHeRCvVA3yVjwAltwN0jbLVa1I7Iv02Ig%2FatlhYganRmyV%2F%2F7iuRcjH0AJB4JOxUu2eMcCbAqKDY3MACrSBPB23sbgkt%2FRy9vUrcmdy4Mya8faGonYHa"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88e87e6c2c1fbb29-MXP
expires
Sun, 25 May 2025 14:08:14 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Origin
https://secure.meriq.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
496598
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10482
last-modified
Sat, 06 Jan 2024 21:52:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6599bda5-28f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4NqwNmMy5AUEQosSVPcn%2Fn9SnnzXXmrk%2FwdGDpGH%2FlI1ZM%2BlGFh5rNhSc69VeLeQ6lHX6zEuh7Z0W9%2FxMFoGXWGSKPGB%2FbA93HA5sK20ztABLvNplKCleZLOuQXuEUtB6zVcnmRa"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88e87e6c29b6baa3-MXP
expires
Sun, 25 May 2025 14:08:14 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
864
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5337148
cdn-cachedat
10/31/2023 19:01:52
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"4becdc9104623e891fbb9d38bba01be4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f583464d877c7caa4408787a75be772c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
88e87e6c29fe0e75-MXP
cdn-requestpullsuccess
True
reservation_local_storage.js
secure.meriq.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/js/reservation_local_storage.js?v=549907694
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6d48bc0ee9ea38e49d76282b6fa9342be13396fe6c33aa0f84e3caa7f463058b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
last-modified
Wed, 17 Apr 2024 06:49:01 GMT
server
Microsoft-IIS/10.0
etag
"806c50549390da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1373
script_lanes.js
secure.meriq.com/winterthur/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/winterthur/js/script_lanes.js
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7fa58d86ee2b3600d48d2fab386df24a46e4b310828e9a68a1cda367c7d6dc5c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Tue, 31 May 2011 19:14:36 GMT
server
Microsoft-IIS/10.0
etag
"8a634fbc61fcc1:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
8963
md5.js
secure.meriq.com/winterthur/js/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/winterthur/js/md5.js
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dc0df8d67a1cd007a197171d3c5594dbc0635e47e18c67ba3487ce90f183e474

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Mon, 18 Sep 2006 09:16:21 GMT
server
Microsoft-IIS/10.0
etag
"4a3b2c1b3dbc61:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
8827
payment.js
secure.meriq.com/winterthur/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/winterthur/js/payment.js
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6646404416504c9aeaa7bbdba220cd394cb2fe90d8d878d91bdb80c055033408

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Mon, 11 Jun 2012 14:28:50 GMT
server
Microsoft-IIS/10.0
etag
"1693785de47cd1:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
8111
navigate.js
secure.meriq.com/winterthur/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/winterthur/js/navigate.js?Now=2024-06-04%2016:08:14
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c829eda21876bfed7c710f12b25908e58906ff23105e2cf4a89b8c24b94ddfe8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Wed, 09 Mar 2016 13:43:28 GMT
server
Microsoft-IIS/10.0
etag
"d3264a997ad11:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
2515
packages.js
secure.meriq.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/js/packages.js?Now=2024-06-04%2016:08:14
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
08b1143f9d2c3892e19a456a225c16fcccafef0ddd1f26910d8628362ec5105e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
last-modified
Wed, 13 Mar 2013 10:12:04 GMT
server
Microsoft-IIS/10.0
etag
"0f2b535d31fce1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1427
SC_blueCinema_neg.png
secure.meriq.com/winterthur/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.meriq.com/winterthur/images/SC_blueCinema_neg.png
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29d719494a4ad6b79fe798a9230c2e78c34ed12c39d0b48b07a514b147547246

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Fri, 14 Aug 2020 12:30:12 GMT
server
Microsoft-IIS/10.0
etag
"0a29ea73672d61:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
45458
css
fonts.googleapis.com/ 		2 KB
513 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cedbb3ef3425527e2f76c6627db41133543a55553a61089509f4ebb830736e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 14:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 14:03:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Jun 2024 14:08:14 GMT
bowlingWI2.jpg
secure.meriq.com/winterthur/images/ 		257 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.meriq.com/winterthur/images/bowlingWI2.jpg
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/register.asp?language=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8d9b8bb0cb7c68f6ddf08c4832157f8e4435dcea2efcd8b5d7f1c589bfc11258

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Mon, 18 Sep 2023 10:50:13 GMT
server
Microsoft-IIS/10.0
etag
"e931f0e61dead91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
263219
TheSansB_500_.woff
secure.meriq.com/winterthur/fonts/ 		89 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/winterthur/fonts/TheSansB_500_.woff
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/css/meriq.css?now=2024-06-04%2016:08:14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d3a83e8cb4e62928d12e36cc4fd4b9c779f76bbebbcc8cef5ece9e515abb2c6e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/css/meriq.css?now=2024-06-04%2016:08:14
Origin
https://secure.meriq.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Thu, 23 Jul 2020 07:23:56 GMT
server
Microsoft-IIS/10.0
etag
"0e9539c260d61:0"
x-powered-by
ASP.NET
content-type
font/x-woff
accept-ranges
bytes
content-length
91099
glyphicons-halflings-regular.woff2
secure.meriq.com/winterthur/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/winterthur/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: secure.meriq.com
URL: https://secure.meriq.com/winterthur/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/css/bootstrap.min.css
Origin
https://secure.meriq.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Tue, 07 Jul 2015 10:57:43 GMT
server
Microsoft-IIS/10.0
etag
"8af0eebfa3b8d01:0"
x-powered-by
ASP.NET
content-type
application/font-woff2
accept-ranges
bytes
content-length
18028
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://secure.meriq.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
559335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78196
last-modified
Sat, 06 Jan 2024 21:53:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6599bdc3-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LmHbibfQhu4sdWwAI7IFZqC8kI6lcm2vYz64X86Dg1sooElsLwdgJ0DVq4t4hTh0vrQguaUxXvw6HCxU6X%2BKfO9mRRyjeFsAVB0Q2lysd90t2FC8pnxAhyTld%2BLISZMuv6aW9l3h"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88e87e6d1b3fbaa3-MXP
expires
Sun, 25 May 2025 14:08:14 GMT
cinedome_favicon.png
secure.meriq.com/winterthur/images/ 		947 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://secure.meriq.com/winterthur/images/cinedome_favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.47.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-47-78.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
77ceb20852b1e9e23912d46c1f28eb3e5993d8fcd5bfb35976d7dd95c7daef76

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://secure.meriq.com/winterthur/register.asp?language=de
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:08:14 GMT
last-modified
Thu, 04 May 2023 11:41:41 GMT
server
Microsoft-IIS/10.0
etag
"d926c7647d7ed91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
947

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery111305464601174316892 boolean| localStorageInitialized object| mrqFieldKeys object| mrqCheckboxKeys object| mrqRadioBoxKeys function| InitializeLocalStorage function| getLocalValue function| setLocalValue function| deleteLocalValue function| setMrqStorage function| addRememberedInfo function| addRememberedInfoNew function| fieldExists function| fieldExistsByName number| alleyLaneCount number| alleyID string| nocache number| usePath number| showDays number| todayDate number| selectedDate string| alleyPhone number| minimumMinutes number| laneLimit number| laneHourLimit string| useURLPath string| maxplayersperlane string| useLanguage string| alertLaneSelectionError1 string| alertLaneSelectionError2 string| alertLaneSelectionError3 string| alertLaneSelectionError4 string| alertLaneSelectionError5 string| alertLaneSelectionError6 string| alertLaneSelectionError7 string| alertLaneSelectionError8 string| alertLaneSelectionError9 string| alertLaneSelectionError10 string| alertLaneSelectionError11 string| alertLaneSelectionError20a string| alertLaneSelectionError20b string| alertLaneSelectionError20c string| chooseTextLabel string| nameOfHour string| nameOfHours function| ClearDropDown function| SetLengthOptions function| TranslateLength function| GoLaneStatus function| QueryLaneStatus function| selectTime function| selectLanes function| selectPart function| TransferFromParent function| SetDropdownValue number| hexcase string| b64pad number| chrsz function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 string| alertSpecifyPaymentMethod string| alertSpecifyValidCardNumber string| alertSpecifyCVV function| GoExpressCheckout function| GoNormalCheckout function| ChoosePayment function| SelectPaymentMethod function| ValidateCVV2 function| ValidateCard function| returnOnlyNumbers function| CheckFullForm function| CheckForm function| HelpCVV2 function| CopyCard function| checkEmail function| ChoosePath function| ChooseWaitingList function| GoLink function| FocusMe function| BlurMe string| alertPleaseSpecifyNumberOfGuests string| alertTooFewGuests string| textGuestOfHonor string| textAge string| textGender number| minimumNumberOfGuests function| FormatNumber function| ContinueWithoutPackage function| ChooseOpenPlay function| ChoosePackage function| TransferPackagesFromParent boolean| debugmode function| Validate function| validateEmail function| ReturnOnlyNumbers function| ValidateBirthdate object| local

1 Cookies

Domain/Path Name / Value
secure.meriq.com/ Name: ASPSESSIONIDCQARSRSB
Value: EFFKJKIDIOONOMNBFEKFIMBC

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
maxcdn.bootstrapcdn.com
secure.meriq.com
104.17.25.14
104.18.10.207
2a00:1450:4001:81c::200a
3.124.47.78
06173c7a47216b2032a5caff35acf38ac5b8b6d1499e757c70c1b4695bca79d7
08b1143f9d2c3892e19a456a225c16fcccafef0ddd1f26910d8628362ec5105e
11a3d38935d6c1d38af5b1bd9eef5dab1ecced32d43b20377348458b24f705f1
12eebba255ce6f856459cab6b183b507be0417a322f46faf7dd71b3c4b0eec27
171ad06d195b0098c704a465fef9e726222a369c1dc39873a7a57ab6e0d74c9d
1b096f186d91b7557ed9e427cc811517095122a29f714bcc902d22580159d2a1
22c79f29509c314960a5742020c46ca9b22a0ba68fd79dc99326f14daed6efff
2721d9384e08735d1b89a686ec0c1e3b3f0dbb69f50925e32ded05e24f72a030
286b689e6def6e4f0e84c5ab255bc8798d1b393378dbfd3fcd8ac1130fe346af
29d719494a4ad6b79fe798a9230c2e78c34ed12c39d0b48b07a514b147547246
2cedbb3ef3425527e2f76c6627db41133543a55553a61089509f4ebb830736e4
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4a7aee0d95fe0a9d8358382dee3c11a47d8f06f38f923eeeda3c0696bf5fe96f
4ffe0a411dd1edeba11b4d6aceaa104c20470cbf12b397531ed31f9fa5c5f7bf
5bddb1d00c98a3623bd08ecdd521a4324328b4fd5d3700b6ddd1f0f66d6ebeb4
6646404416504c9aeaa7bbdba220cd394cb2fe90d8d878d91bdb80c055033408
67cac6ec7e9341a2c337fa847beb04fb7de36858f5fc2958eb7f3e1c2c836a4f
6d48bc0ee9ea38e49d76282b6fa9342be13396fe6c33aa0f84e3caa7f463058b
77ceb20852b1e9e23912d46c1f28eb3e5993d8fcd5bfb35976d7dd95c7daef76
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
7fa58d86ee2b3600d48d2fab386df24a46e4b310828e9a68a1cda367c7d6dc5c
8710f99d487e4761bbd52d0b0a7258650cdcc0f13f31b47cdd3d1ff7207dbf5e
8d9b8bb0cb7c68f6ddf08c4832157f8e4435dcea2efcd8b5d7f1c589bfc11258
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
beaab24c83f84f56afba5a97c15c9acce7f52b8d4ac3c97279138918d951f09d
bf5be1f42cbd76886a58337b144e5c194749a1a4c7dd8b95fd5b02c3870e1686
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c829eda21876bfed7c710f12b25908e58906ff23105e2cf4a89b8c24b94ddfe8
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d3a83e8cb4e62928d12e36cc4fd4b9c779f76bbebbcc8cef5ece9e515abb2c6e
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d940a6765a2a47b4e9364433e9aad11071ebd55a235a2ac6fc78b94c66a405c2
dc0df8d67a1cd007a197171d3c5594dbc0635e47e18c67ba3487ce90f183e474
dea92c7f6ca1d2af47370e64d431bca2f93712d3b74adc1460dcd8598a87ef9b
e48bf04f7f2b0767be34549ad2a39043c659fa0cb05cf0dbcfc33efcb83367c9
f13234dabd5e0c1168d32682fd179b8e279d1f4a660afd642406d4ffd80bf772
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c