hr-web.ch Open in urlscan Pro
2607:5300:202::51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hr-web.ch/
Effective URL:
https://hr-web.ch/
Submission Tags: threatview.io malwar3ninja rule: suspicious named domain automated-submission Search All
Submission: On August 27 via api (August 27th 2024, 2:34:00 am UTC) from US — Scanned from CH

Summary HTTP 43 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 43 HTTP transactions. The main IP is 2607:5300:202::51, located in Canada and belongs to OVH, FR. The main domain is hr-web.ch.
TLS certificate: Issued by R11 on August 26th 2024. Valid for: 3 months.

This is the only time hr-web.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2607:5300:202... 2607:5300:202::51	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	172.64.153.29 172.64.153.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.232.39 52.222.232.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
4	2600:9000:235... 2600:9000:235a:d800:11:3b84:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
43	12

8 2607:5300:202::51 (Canada)

ASN16276 (OVH, FR)

hr-web.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.64.153.29 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn.prod.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-39.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:235a:d800:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	website-files.com cdn.prod.website-files.com — Cisco Umbrella Rank: 11800 assets.website-files.com — Cisco Umbrella Rank: 22240	667 KB
8	hr-web.ch hr-web.ch	146 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 ajax.googleapis.com — Cisco Umbrella Rank: 641	8 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
2	gstatic.com fonts.gstatic.com	66 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	31 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	12 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	2 KB
43	9

	Domain	Requested by
19	cdn.prod.website-files.com	hr-web.ch cdn.prod.website-files.com
8	hr-web.ch	hr-web.ch
4	assets.website-files.com	cdn.prod.website-files.com
2	www.facebook.com	hr-web.ch
2	connect.facebook.net	hr-web.ch connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	hr-web.ch ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	hr-web.ch
1	use.fontawesome.com	hr-web.ch
1	cdn.jsdelivr.net	hr-web.ch
1	ajax.googleapis.com	hr-web.ch
43	11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.craftly.ai
vape-project.webflow.io
stiddle-marketing.webflow.io
thenxt-podcasts.webflow.io

Subject Issuer	Validity	Valid
hr-web.ch R11	`2024-08-26` - `2024-11-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
prod.website-files.com WE1	`2024-08-23` - `2024-11-21`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-05` - `2024-09-03`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M02	`2024-08-10` - `2025-09-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://hr-web.ch/
Frame ID: 7A805F5117D9EB4477BFBC785544EC8C
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HR Webentwicklung

Page URL History Show full URLs

http://hr-web.ch/ HTTP 307
https://hr-web.ch/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

43
Requests

100 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

1011 kB
Transfer

9765 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/hr.webentwicklung/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hr_webentwicklung
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.craftly.ai/
Title: Craftly KI Copyright Tool

Search URL Search Domain Scan URL

URL: https://vape-project.webflow.io/
Title: Varz Vape Vape Geschäft

Search URL Search Domain Scan URL

URL: https://stiddle-marketing.webflow.io/
Title: Stiddle Data Marketing

Search URL Search Domain Scan URL

URL: https://thenxt-podcasts.webflow.io/
Title: The NXT Technologie-Tools für CEOs

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hr_webentwicklung/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hr-web.ch/ HTTP 307
https://hr-web.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hr-web.ch/
Redirect Chain

http://hr-web.ch/
https://hr-web.ch/

85 KB
11 KB

374ms
120ms

Document
text/html

2607:5300:202::51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hr-web.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:5300:202::51 , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 2159d8dec00193cb6f7ca228c20976f09befe10aaac6b23a9cadc897295a7987

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 11600
content-type: text/html
date: Tue, 27 Aug 2024 02:33:55 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Location: https://hr-web.ch/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 404 bootstrap.min.css
hr-web.ch/vendor/bootstrap/css/ 0
0 118ms
116ms Stylesheet
text/html 2607:5300:202::51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hr-web.ch/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:5300:202::51 , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:55 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 107ms
40ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap

Requested by

Host: hr-web.ch
URL: https://hr-web.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9a0b2a5b4fee4e6e2f74e8131619545972b864657c524d16a52f2618a429eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Aug 2024 02:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Aug 2024 01:31:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Aug 2024 02:33:55 GMT

GET
H2 200 modal.css
hr-web.ch/assets/ 4 KB
1 KB 120ms
118ms Stylesheet
text/css 2607:5300:202::51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hr-web.ch/assets/modal.css
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:5300:202::51 , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 81dae163143a77d235a1ee1fe4263af0f58f41a32f5b703073d46f400e2b0a24

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:55 GMT
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 13:58:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 1126
expires: Tue, 27 Aug 2024 02:48:55 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 97ms
29ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: hr-web.ch
URL: https://hr-web.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:10:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Aug 2025 13:10:21 GMT

GET
H2 200 email.min.js Show response
cdn.jsdelivr.net/npm/@emailjs/browser@4/dist/ 4 KB
2 KB 99ms
36ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@emailjs/browser@4/dist/email.min.js

Requested by

Host: hr-web.ch
URL: https://hr-web.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

052f6916a21ba5be140366439e81b84ad11363c84dfba2a06f208c7b4a6f6d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 30033
x-jsd-version: 4.4.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1469
x-served-by: cache-fra-eddf8230028-FRA, cache-lga21929-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"f65-QgTrEmUi+vs8zc3Zl23FlAXhF9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FIp%2F49xDNWyGRjRIuNPVFBKsARX86dipJXWt59nMaZddQi2kI9c8a61Da3AWKHFKHf2kfJI2ikFBsgODfsFKTo%2B%2FC4zyp%2FpCq3kDIl0XtWzUSuvJ39W%2Bjkn%2B60lD8E%2BOu%2BwBM%2FLAlPiLuC3lvY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b98a8dbfbe1d288-FRA

GET
H3 200 rsacreativestudio.ea9b695f5.min.css
cdn.prod.website-files.com/654a2780b046720fadc8d131/css/ 97 KB
21 KB 75ms
36ms Stylesheet
text/css 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/css/rsacreativestudio.ea9b695f5.min.css
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc9e1669e3fd094a1d8bba36ce7705f97b8a7fa8ed0b26f3385dcc8a8d21b4bd

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:55 GMT
content-encoding: gzip
x-amz-version-id: hXC2.6px_zyFJHxSov5IJ98YgfUiWMys
cf-cache-status: HIT
x-amz-request-id: BN68F9NW64MF57F1
age: 837231
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 21028
x-amz-id-2: P0Jz5RhIicw7WK4fdxhYK/qO6MU6FFgGjW1xuU6Ym3UhXxzwUH/7Yfs6vjvIzsrgsezOzxnjB6nvpya1hSQDyLGkHf7WYsrj4pkwi0ST6VY=
last-modified: Mon, 22 Jul 2024 21:25:03 GMT
server: cloudflare
etag: "1f32b9b46cff27508b773d551b589ab7"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8b98a8dbd969be90-ZRH

GET
H2 200 rsacreativestudio.ea9b695f5.min.css
hr-web.ch/assets/ 25 B
202 B 119ms
117ms Stylesheet
text/css 2607:5300:202::51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hr-web.ch/assets/rsacreativestudio.ea9b695f5.min.css
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:5300:202::51 , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: c28ba9eff35255451bade44a40863c2340cc547951f9ccad12bb1d94ee1aaa72

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:55 GMT
last-modified: Fri, 09 Aug 2024 13:58:05 GMT
server: Apache
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 25
expires: Tue, 27 Aug 2024 02:48:55 GMT

GET
H2 200 fonts.css
hr-web.ch/assets/ 32 KB
1 KB 119ms
118ms Stylesheet
text/css 2607:5300:202::51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hr-web.ch/assets/fonts.css
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:5300:202::51 , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: f01cdf86b2182ac02e50fda5ba1ddabb2f1db5cda519f26a329c7462f197d7a0

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:55 GMT
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 13:58:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=900
accept-ranges: bytes
content-length: 1011
expires: Tue, 27 Aug 2024 02:48:55 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
12 KB 246ms
175ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer: https://hr-web.ch/
Origin: https://hr-web.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lK7W6BVCzsLA7dTAQiCWYwfgsixaEmBofyTG2ohbQCdj%2BkYHUYP6QpsL0GbyYQFlKIk1hPjG%2BnjC0izGVk0dOrUvsOdinEUF17QgWgQ9gPQK6iOy6niCEPdQTZigNJ8cibEytBKRbHh36JKCJ2c29eLX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8b98a8dc0fcd2c6f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
31 KB 113ms
34ms Script
application/javascript 52.222.232.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=654a2780b046720fadc8d131
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://hr-web.ch/
Origin: https://hr-web.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:01:34 GMT
content-encoding: gzip
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
age: 2219
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: x3GRsAu5vdTfr52pfzp9b9Ns0QQe9yBsLAVJV3xuzER-N7ZXIgRQvA==

GET
H3 200 rsacreativestudio.32bd8d546.js Show response
cdn.prod.website-files.com/654a2780b046720fadc8d131/js/ 827 KB
191 KB 34ms
34ms Script
text/javascript 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/js/rsacreativestudio.32bd8d546.js
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b37a75fb0ce0c48d4381d74f0ec59e936136ca42cd4157966a88b2bfbc19cb1b

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:55 GMT
content-encoding: gzip
x-amz-version-id: kXlUf3g.BjmsEuxPy4B8_as.LbISoC4c
cf-cache-status: HIT
x-amz-request-id: BE2B5W46077N7T2H
age: 1858161
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 195444
x-amz-id-2: xXe37APb/eZx4N6vff4MvAE49A38YexJN1RmxuZK0PaopJ+QnyjF4lBn47RJTZrKLVJV1H1t7Fc=
last-modified: Mon, 22 Jul 2024 21:25:03 GMT
server: cloudflare
etag: "f344e020a4d19da50ea24e7a6b52228b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8b98a8dc297dbe90-ZRH

GET
H2 200 modal.js Show response
hr-web.ch/assets/ 5 KB
2 KB 116ms
116ms Script
application/javascript 2607:5300:202::51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hr-web.ch/assets/modal.js
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:5300:202::51 , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 09fc736247880a9075fa70b59a69cfe5c5d2a3a2ecd083f2091862776598a6cd

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:55 GMT
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 13:58:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 1623
expires: Tue, 27 Aug 2024 02:48:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 30 KB
1 KB 40ms
38ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

468b3e9ad7eb860239ed3e6eba32e2e0ff79ee9c2bbf132f18a4d9c0809716e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Aug 2024 02:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Aug 2024 01:31:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Aug 2024 02:33:55 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 97ms
30ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hr-web.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 13:58:44 GMT
x-content-type-options: nosniff
age: 563712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 13:58:44 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 33 KB
34 KB 132ms
65ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hr-web.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 07:38:32 GMT
x-content-type-options: nosniff
age: 68124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Aug 2025 07:38:32 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 73ms
34ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hr-web.ch
URL: https://hr-web.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Aug 2024 02:33:56 GMT
document-policy: force-load-at-top
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4292, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: YXiSEv46OLNp/MMjz1v/194qbAq+akjb/toZKAnA5zwLZoqbaLrjnidqreiVQUV4KLeeQmLbjvf8ui8XrChdFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 6692e3d866d76f0ce1360bf6_RSA%20Creative%20Studio%20Portfolio%20Banner.webp
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 171 KB
172 KB 36ms
36ms Image
image/webp 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/6692e3d866d76f0ce1360bf6_RSA%20Creative%20Studio%20Portfolio%20Banner.webp
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/css/rsacreativestudio.ea9b695f5.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b81685c57adf001c7703cf9559ec689016bc6e2c1f9d7d2786136a6d7b06d3

Request headers

Referer: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/css/rsacreativestudio.ea9b695f5.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: 3Ar_0isu9WDds22fxqazZI0wGboGIiS0
cf-cache-status: HIT
x-amz-request-id: T221N4NXMQ20SV26
age: 28810
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 175394
x-amz-id-2: FCxoJ6M1e615th0lHtZM9BgbZvQPQmHf+noNNC2tZVs1r8wEDwhGyQMqOEqSa3OPh4TT9N5FAK4=
last-modified: Sat, 13 Jul 2024 20:30:34 GMT
server: cloudflare
etag: "6c0b18e1e625e250ad4619e44d9cab0f"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
cf-ray: 8b98a8dd69b2be90-ZRH

GET
H3 200 6582b41ec49783bcdc6c4f81_2-poster-00001.jpg
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 15 KB
15 KB 162ms
162ms Image
image/jpeg 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/6582b41ec49783bcdc6c4f81_2-poster-00001.jpg
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72ea9b9db8346f15ed36cb37ee775378af97f5c3eeff925fbacd9fe0bf4cde

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: ZAp_Qu_v8fpVpNdVN9ZxX3_qgbMR2JyH
cf-cache-status: REVALIDATED
x-amz-request-id: KRS92EBHFPKXQZWP
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 14964
x-amz-id-2: kJYwf8RRQlF/vRoFEiFRxyY0mCnnz492Yr2m1Uvo++FGTGo42+DbHEkr4r+CjcX0jkRRGhSW95s=
cf-bgj: h2pri
last-modified: Tue, 09 Jan 2024 14:48:40 GMT
server: cloudflare
etag: "9f9659ca542fb3d00596c93ac6cfbea2"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b98a8dd69b3be90-ZRH

GET
H3 200 662cc3ef6408cf2a4b4ec877_nxt%20website-poster-00001.jpg
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 36 KB
37 KB 445ms
445ms Image
image/jpeg 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/662cc3ef6408cf2a4b4ec877_nxt%20website-poster-00001.jpg
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3b271d6007309a03a735a504e52d5db3b8466a1bdbc727734d5d3e5316b09ac

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: C8qXCmOSbttynP8C4MMJo5tGFYMza9Ez
cf-cache-status: REVALIDATED
x-amz-request-id: GE3SNXPF66EQG916
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 37004
x-amz-id-2: SEWa+5trvxldkLVMpcE/k2xyTcHi5Z8Oob82fVNxzrZ5j5+dfSSRQkPFSDSVn0ZYCei4NxB3F6Y=
cf-bgj: h2pri
last-modified: Sat, 27 Apr 2024 09:24:56 GMT
server: cloudflare
etag: "95f54aaac72c178b9463fccaea19abda"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b98a8dd69b4be90-ZRH

GET
H2 200 6692cb9b70c013a8fa9e6f66_NunitoSans-Bold.woff2
assets.website-files.com/654a2780b046720fadc8d131/ 33 KB
34 KB 178ms
88ms Font
application/octet-stream 2600:9000:235a:d800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/654a2780b046720fadc8d131/6692cb9b70c013a8fa9e6f66_NunitoSans-Bold.woff2
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/css/rsacreativestudio.ea9b695f5.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:d800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a56ec906778610a9c6c8edf33deb199a60af3342ab212b07391d1821881b5f64

Request headers

Referer: https://cdn.prod.website-files.com/
Origin: https://hr-web.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 18:49:30 GMT
x-amz-version-id: rFICzwFKwowH3P0JcjKpsJjnauGXQHU7
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
age: 3829467
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 34300
last-modified: Sat, 13 Jul 2024 18:46:53 GMT
server: AmazonS3
etag: "37f32af195ea3b4eb7b778640bccbd6d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: IYwfFmS210mepRlC3R8JzzzOts4bsEJ9dYZDpsH3Jno9AVpuETo3gA==

GET
H2 200 6692cb9b60203c462147dd51_NunitoSans-Regular.woff2
assets.website-files.com/654a2780b046720fadc8d131/ 33 KB
34 KB 130ms
40ms Font
application/octet-stream 2600:9000:235a:d800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/654a2780b046720fadc8d131/6692cb9b60203c462147dd51_NunitoSans-Regular.woff2
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/css/rsacreativestudio.ea9b695f5.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:d800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 497e79c6bdf446cfa56a9cf3d90d72d68ebb052732763f362d46bf05b4c93849

Request headers

Referer: https://cdn.prod.website-files.com/
Origin: https://hr-web.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:51:56 GMT
x-amz-version-id: mHpvqeVQifxM.aKCwTkRyHVTj_N0dZOZ
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
age: 1420921
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33816
last-modified: Sat, 13 Jul 2024 18:46:53 GMT
server: AmazonS3
etag: "31fb14adba0d7199df2668cf9e146229"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: NQxgwZsIm0TtvTmW_NDr2yUoP4CCXSMqams6goZVoRzKLcrStT-LBQ==

GET
H2 200 664ba5d3320740090a730cfb_600aGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVIUwaEQbjA.woff2
assets.website-files.com/654a2780b046720fadc8d131/ 13 KB
14 KB 124ms
35ms Font
application/octet-stream 2600:9000:235a:d800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/654a2780b046720fadc8d131/664ba5d3320740090a730cfb_600aGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVIUwaEQbjA.woff2
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/css/rsacreativestudio.ea9b695f5.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:d800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af655af252da7b06fc0a5d997f68068ed6f10744dbf4aced7af1088782ee6f7b

Request headers

Referer: https://cdn.prod.website-files.com/
Origin: https://hr-web.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 20 Jun 2024 18:16:54 GMT
x-amz-version-id: 7hlu.n3aj2.x5wWcq18aCS0DTza1pPVO
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
age: 5818622
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13480
last-modified: Mon, 20 May 2024 19:34:45 GMT
server: AmazonS3
etag: "0537a0a77930d6066b843a86d2b32593"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: V4WA45aphjXiCiKtwvucKOfy_gr0mZFFcg9Iv30sD4fMF1T0E7ZdQw==

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

Referer
Origin: https://hr-web.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 6692cb9ba09d4ad2597d6b82_NunitoSans-SemiBold.woff2
assets.website-files.com/654a2780b046720fadc8d131/ 33 KB
34 KB 157ms
68ms Font
application/octet-stream 2600:9000:235a:d800:11:3b84:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.website-files.com/654a2780b046720fadc8d131/6692cb9ba09d4ad2597d6b82_NunitoSans-SemiBold.woff2
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/css/rsacreativestudio.ea9b695f5.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:d800:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67cb1ca88487cb110c592d976f92f0c0502cbdacd0da940f70dbb8b37bc0e4d4

Request headers

Referer: https://cdn.prod.website-files.com/
Origin: https://hr-web.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 18:49:30 GMT
x-amz-version-id: r97r3.2XUiDRIFRMvkBX57kRc4TgKY.k
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
age: 3829467
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33876
last-modified: Sat, 13 Jul 2024 18:46:53 GMT
server: AmazonS3
etag: "bcddcaae8841cf96df304751f0a3e1ad"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: sFvOh23MHTb_rjxwvDWAsaEo0PMTv9dPn3GFL2zws69SqorhOWxeFQ==

GET
H3 200 654a3f53c21c82a3252d6112_menu%201.json Show response
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 3 KB
1 KB 66ms
37ms XHR
application/json 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/654a3f53c21c82a3252d6112_menu%201.json
Requested by: Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/js/rsacreativestudio.32bd8d546.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0674767a294236b457de350682e6fc4f9b2c7b14733cb2da442a3de0b9528949

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: baCtZz31ZXYYjW2FE9BuFjZNLZjtxjIB
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: H1023T3K8TWRYSCW
age: 325911
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mRoH98DEFsVa3a70Gz9DgYPd9DOogc67LB4cHO0vqvfKmlqPG7GV/i8zKaivBxeDBvABTnVmjf8=
last-modified: Tue, 07 Nov 2023 13:44:54 GMT
server: cloudflare
etag: W/"686bae17101ed96dbf7f10e83188a7a9"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
cf-ray: 8b98a8ddba36bb16-ZRH

GET
H3 206 6582b41ec49783bcdc6c4f81_2-transcode.mp4
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 3 MB
0 172ms
172ms Media
video/mp4 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/6582b41ec49783bcdc6c4f81_2-transcode.mp4
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://hr-web.ch/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: .iveQE4uSHWjTxKPwweQ19faphZW9Dbr
cf-cache-status: HIT
x-amz-request-id: G7T97EVJMYMDRS6J
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
Content-Range: bytes 0-3780680/3780681
alt-svc: h3=":443"; ma=86400
Content-Length: 3780681
x-amz-id-2: M3BaodYiZYSPFdNXXmQgPT/rp4zuPCSNaQOX342aBPFIUtNBZ1SiNWgq38ds3ix9n+pDWLEskIvcuDufJhNAe8x+WDL4UfOO
last-modified: Tue, 09 Jan 2024 14:47:56 GMT
server: cloudflare
etag: "49054d7dbefe4e85cfa65f8d8e9d5a48"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8b98a8ddb9c7be90-ZRH

GET
H3 206 662cc3ef6408cf2a4b4ec877_nxt%20website-transcode.mp4
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 4 MB
0 146ms
146ms Media
video/mp4 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/662cc3ef6408cf2a4b4ec877_nxt%20website-transcode.mp4
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://hr-web.ch/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: re_6zj0oiLx_yQBmhBTJNlPFwRWybjw4
cf-cache-status: HIT
x-amz-request-id: G7T7DGJ4VW6AP4GE
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
Content-Range: bytes 0-6295322/6295323
alt-svc: h3=":443"; ma=86400
Content-Length: 6295323
x-amz-id-2: bDRmgY1ZzNXbGoEk8rzw1CGd/MCl3Xt4FaIQ+KfwhNOiqSh7IMXu7M/4sGwIsPEhWLgF0S+2XlY=
last-modified: Sat, 27 Apr 2024 09:23:41 GMT
server: cloudflare
etag: "775116315089232dbbe6261920c1f963"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8b98a8ddb9c8be90-ZRH

GET
H2 200 Logo.png
hr-web.ch/assets/img/ 130 KB
130 KB 118ms
116ms Image
image/png 2607:5300:202::51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hr-web.ch/assets/img/Logo.png
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:5300:202::51 , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 541f9934435824ed38c6cd1c5e4ae773d4050965212f4d70932bf5141ed7e6f3

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
last-modified: Fri, 09 Aug 2024 13:57:07 GMT
server: Apache
content-type: image/png
cache-control: max-age=900
accept-ranges: bytes
content-length: 132924
expires: Tue, 27 Aug 2024 02:48:56 GMT

GET
H3 200 6600aa0672c267392483321b_Frame.svg
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 3 KB
939 B 36ms
35ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/6600aa0672c267392483321b_Frame.svg
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0ac09c661e6428b66f381b31566d5206cd640f24f078ecb6a557b2f8949b059

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: d_W2hEK2QqrkcnjUcVIbSh2IHdIg2qzB
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: T22953B34ZP6HHTX
age: 837232
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PeT5C/PsMoALAryo5rwxLkHOwyc5X4kSURd6a9di93nvLSOMJNSQTcwZdLORU/BxI5PSLYV/Aw5tjAhLJOXJ6N2HrbWmSOCRFZ12wL9tT+w=
last-modified: Sun, 24 Mar 2024 22:32:40 GMT
server: cloudflare
etag: W/"5e07715ca567fcb7fd0a34e9a45dfd43"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
cf-ray: 8b98a8ddc9cabe90-ZRH

GET
H3 200 661314ab4694e27c54e08a3d_Fanzeem.svg
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 23 KB
17 KB 38ms
37ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/661314ab4694e27c54e08a3d_Fanzeem.svg
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bac1fea9bc9c0938a24b84ca5c4b25183affe2470198f76c0b5c39cd42af9b4

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: atz4c4z9RBgCx0eEpvVrf1T5PyTg9BtG
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 6QG57N05145PWG58
age: 837232
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: m9mADhIiI0wFRIMEx19T47aFLAq7xY9ZjXwum0xZfHzuFBkUMvyNUNClDDaQtf9ZNePLAuLWsDE=
last-modified: Sun, 07 Apr 2024 21:48:28 GMT
server: cloudflare
etag: W/"debce150c8cc041f93d120b46513bd77"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
cf-ray: 8b98a8ddc9cbbe90-ZRH

GET
H3 200 661314a9e155eff2038fcb77_Paradigm.svg
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 124 KB
44 KB 43ms
42ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/661314a9e155eff2038fcb77_Paradigm.svg
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb28b5d5abd39733b4b174f4f9672f3996c401b909acf85660da513162457a59

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: 05WR6EGgqBbQYScSnMToz.RsIvSXhSk9
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8415Q37SE7Z5X47K
age: 1858162
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +6dT2RU+3WZ3ueLR6fKxEQoy7U7gaEuJ//CbyhC5oyR6p9Urgjldy4bG20zaIviIB74TsJqrVSo=
last-modified: Sun, 07 Apr 2024 21:48:27 GMT
server: cloudflare
etag: W/"52c6717342403efc65edf6eff782cc92"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
cf-ray: 8b98a8ddc9ccbe90-ZRH

GET
H3 200 661314a9c879c9a88ba6ca4a_Juix.svg
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 30 KB
22 KB 40ms
39ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/661314a9c879c9a88ba6ca4a_Juix.svg
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47746dfaa4082946d2ac1b4424d2a94c61bca564cddba205a4b43702c4ed283f

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: Ew.nelo4Vb..47gXoak2Y4VdlFlgsdBi
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 3WD2N30F4EACQ51G
age: 1858162
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: MP1IEGD09ToEvRPrAWaHOufo3DC6nzilQU8uVdAhhg9Xv5ZnvxyiS53sGQpN6OOusZ06IAeuVIA=
last-modified: Sun, 07 Apr 2024 21:48:27 GMT
server: cloudflare
etag: W/"b92381dcff41b1b79cab86e055db2ee3"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
cf-ray: 8b98a8ddc9cdbe90-ZRH

GET
H3 200 661314a9ff3fd2e80be27ca3_BArn.svg
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 6 KB
3 KB 40ms
40ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/661314a9ff3fd2e80be27ca3_BArn.svg
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc0a79bfadf8a1dc029c34c6b84e030df90eae49b49b6130488df7ba8f236a4

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: 11CYyNdOXn.IgH3UkVk3OapnKadV2Eb5
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4WAVCBV8P0Z8QBED
age: 837232
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ld/T2AU93Pvk1uiGth1RLy/PtyKNf3sKcHxTlnKWSuSr21tLIf1vU1lqJXaTgNglzImVatFJ5yluYwRlBGyzLimrTStjMYng
last-modified: Sun, 07 Apr 2024 21:48:28 GMT
server: cloudflare
etag: W/"27e7c2c1dc681ff04d6f9d3ee72012fc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
cf-ray: 8b98a8ddc9cebe90-ZRH

GET
H3 200 661314a9ebaad00fbe02082a_Allaya.svg
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 50 KB
20 KB 46ms
45ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/661314a9ebaad00fbe02082a_Allaya.svg
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebd956d183bb46f8a652526d09ee7c2b2c069ab791fb7a5d4f0ff5b4035cc17c

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: s1QTAHdNmN0FH6_Wsr4UsSzdZb4AYc45
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8Y706FBTB8WS7MTC
age: 837232
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: LR6AGdze93on46xr2+xlcbL84AZhG/6r+rA4vr3cNqmkiKZUmZz5RWHQQAqpaKymUbVDmt+SvYJY8hW3cWCHIYaEUE/M67QHPBEhgtCNhWU=
last-modified: Sun, 07 Apr 2024 21:48:27 GMT
server: cloudflare
etag: W/"6f59c61eecc1ee70a850bd94f509da8c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
cf-ray: 8b98a8ddc9cfbe90-ZRH

GET
H3 200 661314a9d77654a5bfd24a92_Teams.svg
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 11 KB
5 KB 40ms
39ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/661314a9d77654a5bfd24a92_Teams.svg
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25181d9b0667d9358a73882dd6dcb6727c91d47aa24e30ab54ec5177b8d3d6ff

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: IxhZyzhSJLu.H3L5b.CpHG5yvciQLSy6
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 6QG72M66Y8ZBJ8JY
age: 837232
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: B+OLwz6UACpwWSUoYeyDBGlm+AIA9pq4SBNOeC4Vftij0uH5e2LuktaMoYCGlXPQZZXTtbVx5t5RGrZqk86uONwjBDoHzeNI5+IdFpUkdRg=
last-modified: Sun, 07 Apr 2024 21:48:27 GMT
server: cloudflare
etag: W/"712eedbd216be1906b42d1274105753f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
cf-ray: 8b98a8ddc9d0be90-ZRH

GET
H3 200 661314a9e155eff2038fcb70_NXT.svg
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 5 KB
2 KB 39ms
39ms Image
image/svg+xml 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/661314a9e155eff2038fcb70_NXT.svg
Requested by: Host: hr-web.ch
URL: https://hr-web.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05cb134c05aae160b2087d8f7fdc873a35e52c947f02890334b0448428f3a9d4

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: XOxkf0945ZhRv8KQKbqlOIUcmGd430ON
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4WARQZ22TG876JVC
age: 837232
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KDSpCymZ74ZaN+8L07b0jg8pirnC5OdzAiNQjVZ04kpDdy8ELkwhwlC1TdjNcYfHJomF00GVblM=
last-modified: Sun, 07 Apr 2024 21:48:27 GMT
server: cloudflare
etag: W/"2a1151bece25e9eaa97e43549309b959"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
cf-ray: 8b98a8ddc9d1be90-ZRH

GET
H3 200 490796906775636 Show response
connect.facebook.net/signals/config/ 72 KB
14 KB 228ms
228ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/490796906775636?v=2.9.165&r=stable&domain=hr-web.ch&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

04135ee82f9eb79f4662c4595fdae0a3459a60d607c06447cbbdd6124be4847d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Aug 2024 02:33:56 GMT
document-policy: force-load-at-top
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=74, mss=1232, tbw=66898, tp=63, tpl=0, uplat=198, ullat=0
pragma: public
x-fb-debug: lIYRFo+E5cmEJIZxzwj4WKrwvQ1NXxbNaOuMWm3I0cpp69NEgLpAEqsd/UI3ROK9oEToeuc11lmBJQ4+JnYU+w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 106ms
32ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=490796906775636&ev=PageView&dl=https%3A%2F%2Fhr-web.ch%2F&rl=&if=false&ts=1724726036379&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724726036377.349897210338608324&cs_est=true&ler=empty&cdl=API_unavailable&it=1724726036136&coo=false&rqm=GET

Requested by

Host: hr-web.ch
URL: https://hr-web.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=33, rtx=0, c=10, mss=1297, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Aug 2024 02:33:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 265ms
190ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=490796906775636&ev=PageView&dl=https%3A%2F%2Fhr-web.ch%2F&rl=&if=false&ts=1724726036379&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724726036377.349897210338608324&cs_est=true&ler=empty&cdl=API_unavailable&it=1724726036136&coo=false&rqm=FGET

Requested by

Host: hr-web.ch
URL: https://hr-web.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf0d63d20c48895f3","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:7972988219424051","7830:7972988219424051","10853:7972988219424051","41:7972988219424051","8046:7972988219424051"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Tue, 27 Aug 2024 02:33:56 GMT
x-fb-server-load: 25
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7407641919642511320", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1297, tbw=3101, tp=-1, tpl=-1, uplat=158, ullat=0
pragma: no-cache
x-fb-debug: J9T2wdSA59Tks2+XmKXyhJAKj6koB1ynmDfafg4rMjnX6ENNXUzk82GJqbOSHOKWdhbkid2WnPcwRUKJNiZaPQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7407641919642511320"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 logo-png.png
hr-web.ch/assets/images/ 196 B
289 B 116ms
115ms Other
text/html 2607:5300:202::51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://hr-web.ch/assets/images/logo-png.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:5300:202::51 , Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1

GET
H3 200 65e1b94b1c809e73147a9652_RSA%20Favicon.png
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 922 B
1 KB 36ms
33ms Other
image/png 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/65e1b94b1c809e73147a9652_RSA%20Favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe993f30cbb68710a7304534476ab33e9d83f266de08fae1e08aa9edd875dd96

Request headers

Referer: https://hr-web.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: KIbW6VDGsvjfXIV_Aw8taQjkhlhFlZC8
cf-cache-status: HIT
x-amz-request-id: JBGXD8GGZKMB586N
age: 837231
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 922
x-amz-id-2: IsW+NmLJgf4evyBGIDKrFA8VwbLDAMH/8ESq9hpZ7mkecDCeos72qwvdaaSgWnWwhbSmx2JjNmw=
last-modified: Fri, 01 Mar 2024 11:17:34 GMT
server: cloudflare
etag: "67b72ed4f7b686331d5f5c36c172bc9a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
cf-ray: 8b98a8e1eabfbe90-ZRH

GET
H3 206 662cc3ef6408cf2a4b4ec877_nxt%20website-transcode.mp4
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 64 KB
0 0ms
0ms Media
video/mp4 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/662cc3ef6408cf2a4b4ec877_nxt%20website-transcode.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://hr-web.ch/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=3835652-

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: re_6zj0oiLx_yQBmhBTJNlPFwRWybjw4
cf-cache-status: HIT
x-amz-request-id: G7T7DGJ4VW6AP4GE
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
Content-Range: bytes 3835652-6295322/6295323
alt-svc: h3=":443"; ma=86400
Content-Length: 2459671
x-amz-id-2: bDRmgY1ZzNXbGoEk8rzw1CGd/MCl3Xt4FaIQ+KfwhNOiqSh7IMXu7M/4sGwIsPEhWLgF0S+2XlY=
last-modified: Sat, 27 Apr 2024 09:23:41 GMT
server: cloudflare
etag: "775116315089232dbbe6261920c1f963"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8b98a8ddb9c8be90-ZRH

GET
H3 206 6582b41ec49783bcdc6c4f81_2-transcode.mp4
cdn.prod.website-files.com/654a2780b046720fadc8d131/ 64 KB
0 0ms
0ms Media
video/mp4 172.64.153.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.website-files.com/654a2780b046720fadc8d131/6582b41ec49783bcdc6c4f81_2-transcode.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.153.29 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://hr-web.ch/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=3637652-

Response headers

date: Tue, 27 Aug 2024 02:33:56 GMT
x-amz-version-id: .iveQE4uSHWjTxKPwweQ19faphZW9Dbr
cf-cache-status: HIT
x-amz-request-id: G7T97EVJMYMDRS6J
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
Content-Range: bytes 3637652-3780680/3780681
alt-svc: h3=":443"; ma=86400
Content-Length: 143029
x-amz-id-2: M3BaodYiZYSPFdNXXmQgPT/rp4zuPCSNaQOX342aBPFIUtNBZ1SiNWgq38ds3ix9n+pDWLEskIvcuDufJhNAe8x+WDL4UfOO
last-modified: Tue, 09 Jan 2024 14:47:56 GMT
server: cloudflare
etag: "49054d7dbefe4e85cfa65f8d8e9d5a48"
vary: Accept-Encoding
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 8b98a8ddb9c7be90-ZRH

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hr-web.ch/	1970-01-21 01:15:02	Name: _fbp Value: fb.1.1724726036377.349897210338608324

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hr-web.ch/vendor/bootstrap/css/bootstrap.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hr-web.ch/assets/images/logo-png.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.website-files.com
cdn.jsdelivr.net
cdn.prod.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hr-web.ch
use.fontawesome.com
www.facebook.com
157.240.253.1
172.64.153.29
2600:9000:235a:d800:11:3b84:d200:93a1
2606:4700:3036::6815:1b98
2606:4700::6812:ba1f
2607:5300:202::51
2a00:1450:4001:80b::200a
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2003
2a03:2880:f177:185:face:b00c:0:25de
52.222.232.39
04135ee82f9eb79f4662c4595fdae0a3459a60d607c06447cbbdd6124be4847d
052f6916a21ba5be140366439e81b84ad11363c84dfba2a06f208c7b4a6f6d5f
05cb134c05aae160b2087d8f7fdc873a35e52c947f02890334b0448428f3a9d4
0674767a294236b457de350682e6fc4f9b2c7b14733cb2da442a3de0b9528949
09fc736247880a9075fa70b59a69cfe5c5d2a3a2ecd083f2091862776598a6cd
2159d8dec00193cb6f7ca228c20976f09befe10aaac6b23a9cadc897295a7987
25181d9b0667d9358a73882dd6dcb6727c91d47aa24e30ab54ec5177b8d3d6ff
36b81685c57adf001c7703cf9559ec689016bc6e2c1f9d7d2786136a6d7b06d3
468b3e9ad7eb860239ed3e6eba32e2e0ff79ee9c2bbf132f18a4d9c0809716e3
47746dfaa4082946d2ac1b4424d2a94c61bca564cddba205a4b43702c4ed283f
497e79c6bdf446cfa56a9cf3d90d72d68ebb052732763f362d46bf05b4c93849
541f9934435824ed38c6cd1c5e4ae773d4050965212f4d70932bf5141ed7e6f3
67cb1ca88487cb110c592d976f92f0c0502cbdacd0da940f70dbb8b37bc0e4d4
7cc0a79bfadf8a1dc029c34c6b84e030df90eae49b49b6130488df7ba8f236a4
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81dae163143a77d235a1ee1fe4263af0f58f41a32f5b703073d46f400e2b0a24
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
8e72ea9b9db8346f15ed36cb37ee775378af97f5c3eeff925fbacd9fe0bf4cde
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
9bac1fea9bc9c0938a24b84ca5c4b25183affe2470198f76c0b5c39cd42af9b4
a56ec906778610a9c6c8edf33deb199a60af3342ab212b07391d1821881b5f64
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af655af252da7b06fc0a5d997f68068ed6f10744dbf4aced7af1088782ee6f7b
b0ac09c661e6428b66f381b31566d5206cd640f24f078ecb6a557b2f8949b059
b37a75fb0ce0c48d4381d74f0ec59e936136ca42cd4157966a88b2bfbc19cb1b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc9e1669e3fd094a1d8bba36ce7705f97b8a7fa8ed0b26f3385dcc8a8d21b4bd
c28ba9eff35255451bade44a40863c2340cc547951f9ccad12bb1d94ee1aaa72
c3b271d6007309a03a735a504e52d5db3b8466a1bdbc727734d5d3e5316b09ac
d9a0b2a5b4fee4e6e2f74e8131619545972b864657c524d16a52f2618a429eec
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd956d183bb46f8a652526d09ee7c2b2c069ab791fb7a5d4f0ff5b4035cc17c
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f01cdf86b2182ac02e50fda5ba1ddabb2f1db5cda519f26a329c7462f197d7a0
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb28b5d5abd39733b4b174f4f9672f3996c401b909acf85660da513162457a59
fe993f30cbb68710a7304534476ab33e9d83f266de08fae1e08aa9edd875dd96

hr-web.ch Open in urlscan Pro 2607:5300:202::51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

73 %IPv6

9 Domains

11 Subdomains

12 IPs

3 Countries

1011 kBTransfer

9765 kBSize

1 Cookies

7 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hr-web.ch Open in urlscan Pro
2607:5300:202::51 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

1011 kB
Transfer

9765 kB
Size

1
Cookies

43 HTTP transactions
1 data transactions