www.helpinghand.ch Open in urlscan Pro
46.4.250.97 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://helpinghand.ch/
Effective URL:
https://www.helpinghand.ch/
Submission: On November 23 via api (November 23rd 2024, 7:09:21 pm UTC) from US — Scanned from CH

Summary HTTP 103 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 12 domains to perform 103 HTTP transactions. The main IP is 46.4.250.97, located in Bad Muenstereifel, Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is www.helpinghand.ch.
TLS certificate: Issued by R11 on October 19th 2024. Valid for: 3 months.

This is the only time www.helpinghand.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	46.4.250.97 46.4.250.97	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
8	20.246.218.104 20.246.218.104	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
5	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	168.119.44.214 168.119.44.214	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
24	172.67.15.14 172.67.15.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
29	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.72 142.250.185.72	15169 (GOOGLE) (GOOGLE)
103	16

21 46.4.250.97 (Bad Muenstereifel, Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: rlx1.loginserver.ch

helpinghand.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.helpinghand.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 20.246.218.104 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

services.cognitoforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cognitoforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.44.214 (Düsseldorf, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: lx36.hoststar.hosting

www.kundenversprechen.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.67.15.14 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static.cognitoforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	cognitoforms.com services.cognitoforms.com — Cisco Umbrella Rank: 258360 www.cognitoforms.com — Cisco Umbrella Rank: 49077 static.cognitoforms.com — Cisco Umbrella Rank: 63943	396 KB
24	tawk.to embed.tawk.to — Cisco Umbrella Rank: 11098 va.tawk.to — Cisco Umbrella Rank: 10657	270 KB
21	helpinghand.ch 1 redirects helpinghand.ch www.helpinghand.ch	2 MB
5	gstatic.com fonts.gstatic.com	113 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	471 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	57 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	74 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1	kundenversprechen.ch www.kundenversprechen.ch
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
103	12

	Domain	Requested by
29	static.cognitoforms.com	www.cognitoforms.com
21	embed.tawk.to	www.helpinghand.ch embed.tawk.to
20	www.helpinghand.ch	www.helpinghand.ch
7	www.cognitoforms.com	services.cognitoforms.com static.cognitoforms.com www.cognitoforms.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagmanager.com	www.helpinghand.ch www.googletagmanager.com static.cognitoforms.com
3	va.tawk.to	embed.tawk.to
3	cdn.jsdelivr.net	www.helpinghand.ch embed.tawk.to
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	www.helpinghand.ch
2	connect.facebook.net	www.helpinghand.ch connect.facebook.net
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	www.kundenversprechen.ch	www.helpinghand.ch
1	services.cognitoforms.com	www.helpinghand.ch
1	fonts.googleapis.com	www.helpinghand.ch
1	helpinghand.ch	1 redirects
103	16

This site contains links to these domains. Also see Links.

Domain
kundenversprechen.ch
www.google.com
www.facebook.com
twitter.com
www.instagram.com
www.web-d-vision.ch

Subject Issuer	Validity	Valid
helpinghand.ch R11	`2024-10-19` - `2025-01-17`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.cognitoforms.com Go Daddy Secure Certificate Authority - G2	`2024-07-08` - `2025-08-09`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
kundenversprechen.ch R10	`2024-10-01` - `2024-12-30`	3 months	crt.sh
tawk.to WE1	`2024-11-19` - `2025-02-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.helpinghand.ch/
Frame ID: 8919A72325635CA80323425E11706443
Requests: 96 HTTP requests in this frame

Frame: https://www.kundenversprechen.ch/widget/widgetcontent.php?id=2433
Frame ID: 2A6D6C551C85838E84723157E1BA6C18
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.helpinghand.ch
Frame ID: 4F6893D3BFA9AEE9FE1968967C41E8D6
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/min-widget.css
Frame ID: 3D0E4A7364E75AE665D639B301AC2E69
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/message-preview.css
Frame ID: D04440EC0E4671E936330E3BE605F746
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/bubble-widget.css
Frame ID: 3532871A9A812CCFED8FBCD3F2104253
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css
Frame ID: DC87F980226FB2704A09D4381E67E983
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Helping Hand Moving & Services

Page URL History Show full URLs

https://helpinghand.ch/ HTTP 301
https://www.helpinghand.ch/ Page URL

Detected technologies

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

uikit.*\.js

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

103
Requests

100 %
HTTPS

33 %
IPv6

12
Domains

16
Subdomains

16
IPs

2
Countries

3229 kB
Transfer

6912 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://kundenversprechen.ch/profil/helping-hand-gmbh/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//Helping+Hand+GmbH,+H%C3%B6hestrasse+90,+8702+Zollikon/@47.339011,8.5788783,17z/data=!4m8!4m7!1m0!1m5!1m1!1s0x479aa6e201fdf57d:0xfe0782292f4fd484!2m2!1d8.581067!2d47.339011?hl=de
Title: Höhestrasse 90Postfach 3138702 Zollikon

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Helping+Hand+GmbH/@47.3390146,8.578873,17z/data=!3m1!4b1!4m5!3m4!1s0x0:0xfe0782292f4fd484!8m2!3d47.339011!4d8.581067?hl=de

Search URL Search Domain Scan URL

URL: https://www.facebook.com/helpinghandzurich/

Search URL Search Domain Scan URL

URL: https://twitter.com/helpinghandgmbh

Search URL Search Domain Scan URL

URL: https://www.instagram.com/helpinghand.ch/

Search URL Search Domain Scan URL

URL: https://www.web-d-vision.ch/
Title: Web-D-Vision

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://helpinghand.ch/ HTTP 301
https://www.helpinghand.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

103 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.helpinghand.ch/
Redirect Chain

https://helpinghand.ch/
https://www.helpinghand.ch/

94 KB
15 KB

109ms
52ms

Document
text/html

46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PHP/8.1.30 PleskLin
Resource Hash: cabfcc9c90adb992b0888e5a7de8aa3969faece1ae2a01fe09993782d4cdecfd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 23 Nov 2024 19:08:52 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.1.30 PleskLin

Redirect headers

content-length: 162
content-type: text/html
date: Sat, 23 Nov 2024 19:08:52 GMT
location: https://www.helpinghand.ch/
server: nginx

GET
H2 200 cookieconsent.css
cdn.jsdelivr.net/gh/orestbida/cookieconsent@3.0.1/dist/ 31 KB
7 KB 102ms
26ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/orestbida/cookieconsent@3.0.1/dist/cookieconsent.css

Requested by

Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ca046b8b1b1094107205988e7096a687b241c8ef5f3fefe5e543ed28d26646c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"7dcf-yCJw48dW3/w69banJQYABRxtQxE"
age: 2717760
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230037-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6317
x-jsd-version: 3.0.1

GET
H2 200 uikit.min.css
www.helpinghand.ch/css/ 256 KB
28 KB 100ms
99ms Stylesheet
text/css 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.helpinghand.ch/css/uikit.min.css
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 7f74951573f7d0c81a859d19ecba755b4d8cb8b82d880b64f2e16a4db1b135f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-powered-by: PleskLin
content-encoding: gzip
etag: "3fec7-60d05d3d1bf00-gzip"
accept-ranges: bytes
content-length: 28820
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: text/css
last-modified: Thu, 21 Dec 2023 14:22:20 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 theme.css
www.helpinghand.ch/css/ 386 KB
47 KB 97ms
96ms Stylesheet
text/css 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.helpinghand.ch/css/theme.css
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 9876182161e88094727991be7443f4c9f83999f8ef3a8bee7ecbdc7b8b1e452c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-powered-by: PleskLin
content-encoding: gzip
etag: "60831-60d05d3d1bf00-gzip"
accept-ranges: bytes
content-length: 48227
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: text/css
last-modified: Thu, 21 Dec 2023 14:22:20 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 custom.css
www.helpinghand.ch/css/ 2 KB
1012 B 42ms
41ms Stylesheet
text/css 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.helpinghand.ch/css/custom.css
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: c142081494bca392cb1b07a80f65c71e06007b81262e73a0d0be3f062445e43e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-powered-by: PleskLin
content-encoding: gzip
etag: "9f8-612d4f4820fe2-gzip"
accept-ranges: bytes
content-length: 822
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: text/css
last-modified: Mon, 04 Mar 2024 12:35:04 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 24 KB
1 KB 145ms
58ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bec0b406aac0001b783fb1f55bfa909661261ddf17f59f57af90a864bf06f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 23 Nov 2024 19:08:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 23 Nov 2024 19:08:52 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 uikit.min.js Show response
www.helpinghand.ch/js/ 131 KB
45 KB 65ms
64ms Script
application/javascript 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.helpinghand.ch/js/uikit.min.js
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 80712f2f3be98d4f775454e0bb99b202099cfb42350b307361ed1885327cbaa2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-powered-by: PleskLin
content-encoding: gzip
etag: "20db5-60d05d3f04380-gzip"
accept-ranges: bytes
content-length: 45982
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: application/javascript
last-modified: Thu, 21 Dec 2023 14:22:22 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 uikit-icons.min.js Show response
www.helpinghand.ch/js/ 64 KB
18 KB 96ms
95ms Script
application/javascript 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.helpinghand.ch/js/uikit-icons.min.js
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 3f1adc0ae0651643d594fb06c4dcede7d5b710a60e1fbf73faffedabdb854b63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-powered-by: PleskLin
content-encoding: gzip
etag: "1006e-60d05d3f04380-gzip"
accept-ranges: bytes
content-length: 18430
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: application/javascript
last-modified: Thu, 21 Dec 2023 14:22:22 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 helping-hand-logo.png
www.helpinghand.ch/images/ 6 KB
7 KB 42ms
41ms Image
image/png 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/helping-hand-logo.png
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 2a91fe5cebcfc1242a75cb12702bd547903f2e10fd59f0e4a80a5729eb3e6e51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "199d-6115a4823a24e"
accept-ranges: bytes
content-length: 6557
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 16:48:35 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 de_ch.gif
www.helpinghand.ch/images/ 369 B
521 B 33ms
33ms Image
image/gif 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/de_ch.gif
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 265ba0828fe5222f289924f2c7bd1ae2238d98afe7c4ed119a9c447250e58c34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "171-6115a482f69d8"
accept-ranges: bytes
content-length: 369
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: image/gif
last-modified: Wed, 14 Feb 2024 16:48:36 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 en_gb.gif
www.helpinghand.ch/images/ 1 KB
1 KB 35ms
35ms Image
image/gif 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/en_gb.gif
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 5d14e1355f6dc3fae99dda64bd1b376867196c66c2eb3dd07ffb18f8dd0d242b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "403-6115a4822b7f0"
accept-ranges: bytes
content-length: 1027
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: image/gif
last-modified: Wed, 14 Feb 2024 16:48:35 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 BzPE_ouunUaSmP1r_m_NLQ Show response
services.cognitoforms.com/s/ 727 B
1 KB 746ms
184ms Script
application/javascript 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://services.cognitoforms.com/s/BzPE_ouunUaSmP1r_m_NLQ

Requested by

Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

36ce5793622f53fdea0da07e2aad17fbb995f29e32373561c49ecdab9640033e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://; connect-src 'self' https:// wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
Strict-Transport-Security	max-age=35136000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

access-control-expose-headers: X-SessionToken,X-Server-Time, Request-Context
content-encoding: gzip
x-request-time: 12ms
x-content-type-options: nosniff
expires: -1
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=35136000; includeSubDomains
content-security-policy: default-src 'self' https://*; connect-src 'self' https://* wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
cache-control: no-cache, no-store, must-revalidate
x-role-instance: cogwprdb0003AO
pragma: no-cache
referrer-policy: origin-when-cross-origin
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
access-control-allow-origin: *
content-length: 517
x-server-time: 2024-11-23T19:08:52.828Z

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 288 KB
100 KB 451ms
62ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N93DBZL

Requested by

Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a17d57754fa3cfa41c4feda5318d89723eaafc86b1636419762894ba25cb10e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 23 Nov 2024 19:08:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101203
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 cookieconsent-config.js Show response
www.helpinghand.ch/cookieconsent/cookie_gtm_DE/ 11 KB
3 KB 45ms
43ms Script
application/javascript 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.helpinghand.ch/cookieconsent/cookie_gtm_DE/cookieconsent-config.js
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 5eaef8ae27227263b3ad4c15d087e6e0b1b9519465a09b8c413aab86a9cf79ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://www.helpinghand.ch/

Response headers

x-powered-by: PleskLin
content-encoding: gzip
etag: "2aed-62278752ae23f-gzip"
accept-ranges: bytes
content-length: 2379
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 12:56:57 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 Helping_Hand_Titelbild-_Heli.jpg
www.helpinghand.ch/images/ 1 MB
1 MB 34ms
34ms Image
image/jpeg 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/Helping_Hand_Titelbild-_Heli.jpg
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: ab11b26b8cb1b8ca8750bbcc7f9b15ac89f95237715cefa876cd15adc236ae15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "106d07-6115a483ce6e0"
accept-ranges: bytes
content-length: 1076487
date: Sat, 23 Nov 2024 19:08:52 GMT
content-type: image/jpeg
last-modified: Wed, 14 Feb 2024 16:48:36 GMT
server: nginx
x-powered-by: PleskLin

GET
H3 200 wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2
fonts.gstatic.com/s/barlowsemicondensed/v15/ 22 KB
22 KB 396ms
30ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpvgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXeIqq.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow+Semi+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

74ec7aa456249a38fb4826bd398c5ceb4fc82469ca304492a70af2b8500db605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://fonts.googleapis.com/

Response headers

age: 353158
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 17:02:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 17:02:54 GMT
last-modified: Tue, 02 May 2023 14:53:03 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22356
x-xss-protection: 0
server: sffe

GET
H3 200 wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfi6m_B2sl.woff2
fonts.gstatic.com/s/barlowsemicondensed/v15/ 22 KB
22 KB 394ms
29ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfi6m_B2sl.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

bb6c2d338fe27c66180e8a3a04ac75c949a525f4bdd49b575d7fd520e33d0b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://fonts.googleapis.com/

Response headers

age: 270794
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:55:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:55:38 GMT
last-modified: Tue, 02 May 2023 14:53:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22368
x-xss-protection: 0
server: sffe

GET
H3 200 wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_B2sl.woff2
fonts.gstatic.com/s/barlowsemicondensed/v15/ 23 KB
23 KB 419ms
53ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_B2sl.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

2ab71d12b24e5ade0280071d749fdec1684c256d397a258f78176f2d4f5b524f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://fonts.googleapis.com/

Response headers

age: 420861
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 22:14:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 22:14:31 GMT
last-modified: Tue, 02 May 2023 14:53:06 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23196
x-xss-protection: 0
server: sffe

GET
H2 200 seamless.js Show response
www.cognitoforms.com/svc/load-form/script/ 61 KB
16 KB 650ms
362ms Script
application/javascript 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/svc/load-form/script/seamless.js

Requested by

Host: services.cognitoforms.com
URL: https://services.cognitoforms.com/s/BzPE_ouunUaSmP1r_m_NLQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d100c1876b63595fd3e95c01592429bf8432722ed5600063f217c5cd17e61ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=35136000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

access-control-expose-headers: X-SessionToken,X-Server-Time, Request-Context
content-encoding: gzip
x-request-time: 3ms
etag: 7e298c232b49e5d86648b42731a33fb2
expires: -1
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: application/javascript
strict-transport-security: max-age=35136000; includeSubDomains
cache-control: no-cache, must-revalidate
x-role-instance: cogwprdb0003BB
pragma: no-cache
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
access-control-allow-origin: *
content-length: 15839
x-server-time: 2024-11-23T19:08:53.405Z

GET
H2 200 widgetcontent.php
www.kundenversprechen.ch/widget/ Frame 2A6D 0
0 3582ms
3045ms Document
text/html 168.119.44.214
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kundenversprechen.ch/widget/widgetcontent.php?id=2433

Requested by

Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

168.119.44.214 Düsseldorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

lx36.hoststar.hosting

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.helpinghand.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 1286
content-type: text/html; charset=utf-8
date: Sat, 23 Nov 2024 19:08:56 GMT
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Encoding

GET
H3 200 1f5jb7sjn Show response
embed.tawk.to/609d5d2b185beb22b30cfbf0/ 2 KB
1010 B 370ms
85ms Script
application/x-javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/609d5d2b185beb22b30cfbf0/1f5jb7sjn

Requested by

Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a8d974a353eb027b506652b28f38f9ef7adbbf29ab0bd5a3301e67b2bf88e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"stable-v4-67354992019"
age: 6499
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: application/x-javascript
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 8e737351ed902c59-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Kundenversprechen_G%C3%BCtesiegel.png
www.helpinghand.ch/images/ 350 KB
351 KB 187ms
7ms Image
image/png 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/Kundenversprechen_G%C3%BCtesiegel.png
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: e04a8ce859afa6764035daa4ee9853b6af187d6be7448719181eee46f1f37fc0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "579c7-6115a483f771b"
accept-ranges: bytes
content-length: 358855
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 16:48:37 GMT
server: nginx
x-powered-by: PleskLin

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 293ms
50ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-SMmnY4au' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-SMmnY4au' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=111, rtx=0, c=26, mss=1232, tbw=8212, tp=13, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: lTo5foAnsJK/9r8jEubVZKVgoPdz05Lqd2lJCCVD5eJVZNCzH5mVzR5itE2/x/jSsv6pmOiQN3oEDeDO24zF4A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 IMG_1872.jpg
www.helpinghand.ch/images/head/ 130 KB
130 KB 174ms
29ms Image
image/jpeg 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/head/IMG_1872.jpg
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 49cd56c9e3dfb926dc0542b8bf5b8934ea8aeedb41d43f2d4c7a6a513331508f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "207c2-6115a4a34dae4"
accept-ranges: bytes
content-length: 133058
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: image/jpeg
last-modified: Wed, 14 Feb 2024 16:49:09 GMT
server: nginx
x-powered-by: PleskLin

GET
DATA 200
OK truncated
/ 191 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8da0eca82a747f98da93aea04e8d343b1892741cd374386858ba20c218e3689

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_B2sl.woff2
fonts.gstatic.com/s/barlowsemicondensed/v15/ 22 KB
22 KB 50ms
50ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfp66_B2sl.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

57ada345dc677b0b614d9f39e775fedde2d2ec49f29660654cbba52b1b5a2220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://fonts.googleapis.com/

Response headers

age: 271546
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:43:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:43:07 GMT
last-modified: Tue, 02 May 2023 14:53:02 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22908
x-xss-protection: 0
server: sffe

GET
H3 200 wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbqoIE4.woff2
fonts.gstatic.com/s/barlowsemicondensed/v15/ 24 KB
24 KB 51ms
50ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v15/wlphgxjLBV1hqnzfr-F8sEYMB0Yybp0mudRXfbqoIE4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

4e61bbdda25e99cbde738641c0362d00875468cf0967e2da08c7d831c79cc66d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://fonts.googleapis.com/

Response headers

age: 272650
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:24:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:24:43 GMT
last-modified: Tue, 02 May 2023 14:56:43 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24548
x-xss-protection: 0
server: sffe

GET
H2 200 moving.png
www.helpinghand.ch/images/services/ 6 KB
6 KB 382ms
362ms Image
image/png 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/services/moving.png
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: e342c686ca7f80dba6133afd17f537f6d734f921e6435c07d3cdd5bc9151b5aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "184d-6115a4ad56f1e"
accept-ranges: bytes
content-length: 6221
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 16:49:20 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 transport.png
www.helpinghand.ch/images/services/ 5 KB
5 KB 428ms
408ms Image
image/png 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/services/transport.png
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 879c9c6440e6cf00f5c9ce12c552146d96978e4f98420215531d77848965f3ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "12bf-6115a4ad743db"
accept-ranges: bytes
content-length: 4799
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 16:49:20 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 assembly.png
www.helpinghand.ch/images/services/ 7 KB
7 KB 429ms
409ms Image
image/png 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/services/assembly.png
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 80e2dba80fdae6f3671ebef401a125cf1107b1d836f1fa8f5221abb8874b8537

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "1abd-6115a4ad56f1e"
accept-ranges: bytes
content-length: 6845
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 16:49:20 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 recycle.png
www.helpinghand.ch/images/services/ 9 KB
9 KB 426ms
407ms Image
image/png 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/services/recycle.png
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 6de7acc40f47ea3830940af44818f2f13eed1a58b921f53571be854e301b4637

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "239f-6115a4ad27183"
accept-ranges: bytes
content-length: 9119
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 16:49:20 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 storage.png
www.helpinghand.ch/images/services/ 3 KB
3 KB 286ms
258ms Image
image/png 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/services/storage.png
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 5a67b7eb828aa59da76df63181a6f65a03a565dd4c9190435a27bd6605d23ada

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "adb-6115a4ad697fc"
accept-ranges: bytes
content-length: 2779
date: Sat, 23 Nov 2024 19:08:54 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 16:49:20 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 cleaning.png
www.helpinghand.ch/images/services/ 7 KB
7 KB 182ms
173ms Image
image/png 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.helpinghand.ch/images/services/cleaning.png
Requested by: Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 6a8a08d9057f97e33172e7d0502385a5de10e4aca1d79e799c1d171ff0345cc6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "1a99-6115a4ad6e61b"
accept-ranges: bytes
content-length: 6809
date: Sat, 23 Nov 2024 19:08:54 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 16:49:20 GMT
server: nginx
x-powered-by: PleskLin

GET
H3 200 cookieconsent.umd.js Show response
cdn.jsdelivr.net/gh/orestbida/cookieconsent@3.0.1/dist/ 23 KB
10 KB 308ms
176ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/orestbida/cookieconsent@3.0.1/dist/cookieconsent.umd.js

Requested by

Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1267fd33fcf3ab4043a7cc62cc9259a2c66f839f695216f7737ed37b7b3e62e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://www.helpinghand.ch/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"5ae9-1uPP8Sj3nBuFOtKQ44sSj//twvY"
age: 1868604
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230077-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9661
x-jsd-version: 3.0.1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 442 KB
137 KB 373ms
223ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9D6Y845RS7&l=dataLayer&cx=c&gtm=45He4bk0v812234447za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N93DBZL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a879b4a29ad03a09b29af34fc8d62ad844c80a845d874a3972308302988434f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 23 Nov 2024 19:08:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 140042
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
pagead2.googlesyndication.com/ccm/ 0
0 370ms
220ms Ping
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.helpinghand.ch%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1279203123.1732388934&npa=1&gtm=45He4bk0v812234447za200&gcs=G100&gcd=13p3p3p3p5l1&dma_cps=-&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732388933610&tfd=1674&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N93DBZL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 281 KB
97 KB 371ms
222ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-836505241&l=dataLayer&cx=c&gtm=45He4bk0v812234447za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N93DBZL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97fb4f21d6be818dd69b452d459366c4f357e027b865898f973361e0ba7579a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 23 Nov 2024 19:08:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 19:08:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99354
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 4F68 0
0 337ms
53ms Document
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.helpinghand.ch

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N93DBZL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 282134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Nov 2024 12:46:40 GMT
expires: Thu, 20 Nov 2025 12:46:40 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 15.086489267d794c70c2b2.js Show response
static.cognitoforms.com/form/modern/ 897 B
1 KB 387ms
2ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/15.086489267d794c70c2b2.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e435d9836691d05d9191e0ef08e2a9ddf6ac65a24d35f6cc09ed453bd32b954b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DD099C827EF64E
x-fd-int-roxy-purgeid: 76635488
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:54 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2024 19:49:56 GMT
cache-control: public, max-age=31536000
x-ms-request-id: 7eefff00-801e-002d-1387-3b1f4e000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 897
x-azure-ref: 20241123T190854Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yv1
x-ms-blob-type: BlockBlob

GET
H2 200 59.cedee19326e9355d55cd.js Show response
static.cognitoforms.com/form/modern/ 958 B
1 KB 388ms
4ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/59.cedee19326e9355d55cd.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8b35638ab1e248890e75acf51458f03a42272911ef096cb40ddb3f2a91002e56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DD099C825FAA9B
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:54 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2024 19:49:56 GMT
cache-control: public, max-age=31536000
x-ms-request-id: 14e993c4-501e-003e-059d-3b3b42000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 958
x-azure-ref: 20241123T190854Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yv2
x-ms-blob-type: BlockBlob

GET
H2 200 166.c36cd2387c277ec069f2.js Show response
static.cognitoforms.com/form/modern/ 1 KB
1 KB 390ms
5ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/166.c36cd2387c277ec069f2.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fcf69b85a1931d9f9117128815196ec3f9ebe925d293c4cb6fe61d9054815203

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190854Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yv3
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: e98f586b-301e-0075-5d85-3bc711000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:54 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:56 GMT

GET
H3 200 576490840421285 Show response
connect.facebook.net/signals/config/ 68 KB
13 KB 190ms
187ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/576490840421285?v=2.9.176&r=stable&domain=www.helpinghand.ch&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

1fb642d5602a312717ffd1ddc938f0b279b3861fc810c83025afbfea0de4bf63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-6cuWmO8i' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 19:08:54 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-6cuWmO8i' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=68, mss=1232, tbw=74068, tp=69, tpl=0, uplat=155, ullat=0
pragma: public
x-fb-debug: qcXhcfiT4EO89LaZf2zOWawe6w0Ic3dSxHAnXDQXpDYL63ABBskFkG698iRs4knlChxEY1K77Jnz+xakrz+1nw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 26.e7854b04cb40707eda24.js Show response
static.cognitoforms.com/form/modern/ 115 KB
49 KB 59ms
45ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/26.e7854b04cb40707eda24.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6bf72c2a60763aeb8bdb34d79103531e49b39ddfd763be8b76017e27a92bea0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190854Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yv6
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 1e6356ee-001e-0033-25b8-3bf396000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:54 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:55 GMT

GET
H2 200 97.a58e418a30a485ad73c9.js Show response
static.cognitoforms.com/form/modern/ 2 KB
1 KB 47ms
33ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/97.a58e418a30a485ad73c9.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f3fdc0e9751d1e12ab731f07e23ba7d3922b91b2bf66bb3e17c0712adfc60ae4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190854Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yv7
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 1f5f1045-301e-005a-537c-3bcada000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:54 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Nov 2024 21:04:19 GMT

GET
H2 200 179.b3ad8883616224d153c3.js Show response
static.cognitoforms.com/form/modern/ 3 KB
2 KB 58ms
44ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/179.b3ad8883616224d153c3.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dba97f9a9c67e3e3b8bc5ef29ee553ed65509de7ed685937b505cab79d1ceeea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190854Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yv8
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 5a11ed4a-401e-0032-5572-3bac4a000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:54 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Nov 2024 21:04:20 GMT

GET
DATA 200
OK truncated
/ 497 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05d055c4cb935414f1cc2eb7ffec3f85f541991a10899c53baf31a1e630a78fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 159.4050a6606b15567589b7.js Show response
static.cognitoforms.com/form/modern/ 126 KB
39 KB 130ms
32ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/159.4050a6606b15567589b7.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63582851836dff82728f8856ebb49d5201bc670eab37902b08a3f8f54af4af2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190855Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yw2
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 76635488
x-ms-request-id: 3ef1e34c-f01e-0018-1088-3b735a000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:55 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:56 GMT

GET
H2 200 175.12fc93df660160b493b6.js Show response
static.cognitoforms.com/form/modern/ 38 KB
9 KB 128ms
32ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/175.12fc93df660160b493b6.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dad3626bfdd6df8df3ef134a0792f5f33facd3748ed90e10c5c2f5e61baa0aa8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190855Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yw3
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: dc053f6e-c01e-005e-527d-3b47dd000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:55 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Nov 2024 21:04:19 GMT

GET
H2 200 92.847df545fd4326f7a7f0.js Show response
static.cognitoforms.com/form/modern/ 44 KB
17 KB 127ms
33ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/92.847df545fd4326f7a7f0.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a0f0b1a16a4248c76b01b41d9a3896820ef161cc49e87462c0e120f7a35c28f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190855Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yw4
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: ae8dbe1e-801e-0002-807d-3b1285000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:55 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Nov 2024 21:04:20 GMT

GET
H2 200 174.c051cfc8f164c8f0ad16.js Show response
static.cognitoforms.com/form/modern/ 114 KB
44 KB 124ms
31ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/174.c051cfc8f164c8f0ad16.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0fd8b460196e608469911def62fb205410138e07a57fd704642f2b2ee50c3345

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190855Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yw5
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 76635488
x-ms-request-id: 05d6609e-501e-0063-4088-3b31c6000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:55 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:55 GMT

GET
H2 200 43.b4d323c88a83b9cbaf2c.js Show response
static.cognitoforms.com/form/modern/ 137 KB
46 KB 124ms
31ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/43.b4d323c88a83b9cbaf2c.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 061148d21151e8d4e029850266d14213945409723193e807293c8587fe357098

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190855Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yw6
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 55284f16-e01e-0076-2af8-3c2675000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:55 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 15:39:58 GMT

GET
H2 200 156.aa34b79839789dfbb3ed.js Show response
static.cognitoforms.com/form/modern/ 108 KB
40 KB 102ms
32ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/156.aa34b79839789dfbb3ed.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e809bbf3532cb8a36f7769c71e5c797e5158946c5ea722be317a6ec3b5aed3d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190855Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000001yw7
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 76635488
x-ms-request-id: 86f61117-101e-005d-07f8-3ca6b9000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:08:55 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 15:39:58 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 19939ms
19873ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=576490840421285&ev=PageView&dl=https%3A%2F%2Fwww.helpinghand.ch%2F&rl=&if=false&ts=1732388935187&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732388935179.904969299205509899&ler=empty&cdl=API_unavailable&it=1732388934757&coo=false&rqm=GET

Requested by

Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4511, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 23 Nov 2024 19:08:55 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 19938ms
19872ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=576490840421285&ev=PageView&dl=https%3A%2F%2Fwww.helpinghand.ch%2F&rl=&if=false&ts=1732388935187&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732388935179.904969299205509899&ler=empty&cdl=API_unavailable&it=1732388934757&coo=false&rqm=FGET

Requested by

Host: www.helpinghand.ch
URL: https://www.helpinghand.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440553821805433090"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 19:08:55 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: PUiFA45r8BNzgMm6bikorC97j0YRQHruP1E13NGUYA5Gq7pYVUvsEp/uQ7F9tEOFfTMvDSBGhQsH4+dHaqlRPA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440553821805433090", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4879, tp=13, tpl=0, uplat=167, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 19768ms
19697ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9D6Y845RS7&gtm=45je4bk0v886857335z8812234447za200zb812234447&_p=1732388932292&gcs=G100&gcd=13p3p3V3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1683747288.1732388935&ecid=370655292&ul=de-ch&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=EA&_s=1&sid=1732388935&sct=1&seg=0&dl=https%3A%2F%2Fwww.helpinghand.ch%2F&dt=Home%20-%20Helping%20Hand%20Moving%20%26%20Services&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&tfd=3440
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9D6Y845RS7&l=dataLayer&cx=c&gtm=45He4bk0v812234447za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.helpinghand.ch
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 19:08:55 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 1 Show response
www.cognitoforms.com/svc/load-form/new-session/BzPE_ouunUaSmP1r_m_NLQ/ 2 KB
3 KB 190ms
189ms XHR
application/json 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/svc/load-form/new-session/BzPE_ouunUaSmP1r_m_NLQ/1?embedContext=seamless

Requested by

Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/174.c051cfc8f164c8f0ad16.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

af266fd571cdc1216e721f2d20d7cbfc162e755e790b455095311aa8702310d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=35136000; includeSubDomains

Request headers

Referer: https://www.helpinghand.ch/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*

Response headers

strict-transport-security: max-age=35136000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
access-control-expose-headers: X-SessionToken,X-Server-Time, Request-Context
x-request-time: 77ms
x-role-instance: cogwprdb0003AL
pragma: no-cache
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
expires: -1
access-control-allow-origin: *
content-length: 2439
x-server-time: 2024-11-23T19:09:15.870Z
date: Sat, 23 Nov 2024 19:09:15 GMT
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-type: application/json; charset=utf-8

OPTIONS
H2 200 1
www.cognitoforms.com/svc/load-form/new-session/BzPE_ouunUaSmP1r_m_NLQ/ Frame 0
0 518ms
131ms Preflight 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/svc/load-form/new-session/BzPE_ouunUaSmP1r_m_NLQ/1?embedContext=seamless

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=35136000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.helpinghand.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: x-requested-with, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: Request-Context
access-control-max-age: 1728000
content-length: 0
date: Sat, 23 Nov 2024 19:09:15 GMT
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
strict-transport-security: max-age=35136000; includeSubDomains
x-request-time: 0ms
x-role-instance: cogwprdb0003AP

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 121 B
382 B 77ms
72ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/609d5d2b185beb22b30cfbf0/1f5jb7sjn

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
age: 157317
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373dacac92c59-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 81 KB
32 KB 53ms
47ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/609d5d2b185beb22b30cfbf0/1f5jb7sjn

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
age: 821104
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373dadace2c59-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 212 KB
71 KB 79ms
76ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/609d5d2b185beb22b30cfbf0/1f5jb7sjn

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"77a40166698f808a0942865537165b0f"
age: 286131
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373dadad02c59-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 223 KB
63 KB 175ms
171ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/609d5d2b185beb22b30cfbf0/1f5jb7sjn

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b17f212fc06e1cde0574bdd1ee89d507461f5777e3039c725dbb40b5ebb3f192

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"ae0a97d1265892fc012190aa72881581"
age: 724418
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373dadad22c59-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 2 KB
1 KB 201ms
198ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/609d5d2b185beb22b30cfbf0/1f5jb7sjn

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41c6e86ff4eff6723f15faa7650734836876f67fd98e91d08908115271eac6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"895415bbe1b8cf97aef258d17cb33187"
age: 821104
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373dadad42c59-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 151 B
400 B 201ms
197ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/609d5d2b185beb22b30cfbf0/1f5jb7sjn

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373dadad62c59-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 favicon.png
www.helpinghand.ch/images/ 111 KB
111 KB 48ms
44ms Other
image/png 46.4.250.97
HETZNER-AS Hetzne...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.helpinghand.ch/images/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.4.250.97 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: rlx1.loginserver.ch
Software: nginx / PleskLin
Resource Hash: 1aa4a8d09a2271ee07dd6cc28f932809d85c6b82b7dc46859ae29d1b915d2815

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

etag: "1ba62-6115a48340d50"
accept-ranges: bytes
content-length: 113250
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: image/png
last-modified: Wed, 14 Feb 2024 16:48:36 GMT
server: nginx
x-powered-by: PleskLin

GET
H3 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
2 KB 114ms
92ms Fetch
application/json 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=609d5d2b185beb22b30cfbf0&widgetId=1f5jb7sjn&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdfde08a34842ed6e4b098a1ecc72dc10f2d12f3aeaf949e5220cbd07df55040

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: HIT
etag: W/"2-25-0"
age: 1191
access-control-allow-methods: GET,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-r3ts
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 8e7373dcbc762c59-FRA
access-control-allow-origin: *
server: cloudflare

OPTIONS
H3 200 start
va.tawk.to/v1/session/ Frame 0
0 177ms
169ms Preflight
text/html 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.helpinghand.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.helpinghand.ch
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8e7373dcbc782c59-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 23 Nov 2024 19:09:15 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-0d53

POST
H3 200 start Show response
va.tawk.to/v1/session/ 164 B
429 B 152ms
145ms Fetch
application/json 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80703151c084c7bd9ede7edf72ced94da55ee016efde74f7bf45820aaa750215

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: https://www.helpinghand.ch/

Response headers

access-control-max-age: 3600
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-zb63
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-credentials: true
cf-ray: 8e7373ddcab4dc7a-FRA
access-control-allow-origin: https://www.helpinghand.ch
server: cloudflare

GET
H3 200 de.js Show response
embed.tawk.to/_s/v4/app/67354992019/languages/ 17 KB
5 KB 72ms
71ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/languages/de.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e48d6154edd50d50f89e872905008649b26846145f381974d43c6bc95f434619

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"68a07aa546b548e38614d384cf36bd42"
age: 823914
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: MISS
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373dd494adc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-bf24a88e.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 10 KB
3 KB 67ms
62ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"c96127c9a0429d69fecbeb73fd410443"
age: 823916
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373decd39dc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-71978bb6.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 18 KB
5 KB 44ms
40ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-71978bb6.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e24c6486aaebd7397266feec4133d7ece6c169444a438e5ccd93d7aa89246d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"adcf466d8e820d5dd8a7df9975fcba50"
age: 823916
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373decd3fdc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-f1565420.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 11 KB
4 KB 69ms
65ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-f1565420.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c794b77e334506d36bd79580f6d33ccedc6d13b5c05b2b701123399d3d49947

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1f098cd7a811a2ceef21d53835262c2d"
age: 823916
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: MISS
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373decd40dc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-7c2f6ba4.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 5 KB
2 KB 69ms
65ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-7c2f6ba4.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"977b0aa25f349861d14d837b480e5615"
age: 823916
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373decd43dc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 17 KB
6 KB 44ms
40ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4decde1fd4af3ee8c5952646190f4c638de918ceb129cc4e87e2e2edc67dc87d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"d26f24b5583b0a809ef3db128cbf6a06"
age: 823916
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373decd45dc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 906 B
696 B 44ms
40ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
age: 823916
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373decd46dc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 535 B
608 B 66ms
62ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"c506281367048d4a134c9affbc68c8c6"
age: 823916
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373decd4bdc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 120 KB
31 KB 66ms
64ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42428b7cf745a93ba7853cdb58324b7e0121fbbeb5f61be5479d73e384be104

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"ad43e469764eb884ca6ab070740c1931"
age: 823916
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:15 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373decd4ddc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 1 Show response
www.cognitoforms.com/svc/load-form/form-def/BzPE_ouunUaSmP1r_m_NLQ/ 184 KB
20 KB 345ms
345ms Script
application/javascript 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/svc/load-form/form-def/BzPE_ouunUaSmP1r_m_NLQ/1

Requested by

Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/43.b4d323c88a83b9cbaf2c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2da5b205cde84ee5cd7e5ffa132d9b8b1cb4cf0c9f03ed3334dd3ffc0f5c6edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=35136000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

strict-transport-security: max-age=35136000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
access-control-expose-headers: X-SessionToken,X-Server-Time, Request-Context
content-encoding: gzip
x-role-instance: cogwprdb0003AK
pragma: no-cache
x-request-time: 98ms
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
expires: -1
access-control-allow-origin: *
content-length: 19477
x-server-time: 2024-11-23T19:09:16.063Z
date: Sat, 23 Nov 2024 19:09:16 GMT
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-type: application/javascript; charset=utf-8

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame 3D0E 24 KB
6 KB 40ms
39ms Stylesheet
text/css 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69fb03e8827d27e64583979ae09fe2242047e15c953e7aa3a85b9af66a031cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2d7f176b563b25833791f4844819b5ee"
age: 823917
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373df5ed6dc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame D044 42 KB
10 KB 36ms
35ms Stylesheet
text/css 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ebe81ec01c33bd339149314130d65c8a716890fe6c9edb50300c0965c759b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"313ec28abf9889abec5153d8318e8022"
age: 823917
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 00:52:20 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373df7f5bdc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame 3532 13 KB
3 KB 35ms
34ms Stylesheet
text/css 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb4d72e4e2a01c6eb415c6645a0e9da33f5e85afe211230132f59341e1f1a23e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"ce7913b80c763449b3895d46419f7a6b"
age: 823916
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 00:52:20 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373df8f75dc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame DC87 79 KB
18 KB 46ms
46ms Stylesheet
text/css 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b24be039d81d334a5b082bd6c883988e026ca276debc7bea3b4941d4146abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"d20ad407080e4c57efd32ce36955d7db"
age: 823917
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 00:52:20 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-cache-status: MISS
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373df9fa4dc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
40 KB 26ms
26ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
age: 1872247
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230037-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41275

GET
H3 200 70-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 3532 7 KB
3 KB 47ms
47ms Image
image/svg+xml 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/70-r-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45b4082b87474e2c206fa66a24d028f1449118bc95ef9393fe1fa19d68581ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"69a4bfc4b10e40bb10175a0ada4f75a8"
age: 1617922
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: image/svg+xml
last-modified: Sat, 22 May 2021 07:25:17 GMT
vary: Accept-Encoding
priority: u=3,i
x-cache-status: MISS
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e7373dfd886dc7a-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 opensanscondensed.css
www.cognitoforms.com/content/fonts/opensanscondensed/ 5 KB
1 KB 189ms
189ms Stylesheet
text/css 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/content/fonts/opensanscondensed/opensanscondensed.css

Requested by

Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/form-def/BzPE_ouunUaSmP1r_m_NLQ/1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5470d8ba3d52e47b7719c9d91ff8bd76d2c502e8c93d05738a0c23956dd4d491

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://; connect-src 'self' https:// wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
Strict-Transport-Security	max-age=35136000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

access-control-expose-headers: X-SessionToken,X-Server-Time, Request-Context
content-encoding: gzip
x-request-time: 0ms
etag: "003f4ef43cdb1:0"
x-content-type-options: nosniff
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: text/css
last-modified: Fri, 22 Nov 2024 15:36:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=35136000; includeSubDomains
content-security-policy: default-src 'self' https://*; connect-src 'self' https://* wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
x-role-instance: cogwprdb0003BB
referrer-policy: origin-when-cross-origin
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
accept-ranges: bytes
access-control-allow-origin: *
content-length: 609
x-server-time: 2024-11-23T19:09:16.473Z

GET
H2 200 42.3a91f38e2af1979e451f.js Show response
static.cognitoforms.com/form/modern/ 20 KB
9 KB 31ms
31ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/42.3a91f38e2af1979e451f.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d6a49ac01aa5c4175c35c4574d76a10aebda7a7626fc89d99b3d9da14f0e7fe2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202d
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 8def95d4-a01e-0048-0d84-3bb10a000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Nov 2024 21:04:19 GMT

GET
H2 200 143.2d4ee67a3c3cadd27c82.js Show response
static.cognitoforms.com/form/modern/ 6 KB
4 KB 40ms
40ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/143.2d4ee67a3c3cadd27c82.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c2ff1f572aa56db9c494b01c0951ca8aa34def963aff09ec2bf89235461887df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202g
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 76635488
x-ms-request-id: eb846128-501e-0011-399e-3b3689000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:55 GMT

GET
H2 200 182.17d29c9292682a224972.js Show response
static.cognitoforms.com/form/modern/ 566 B
1 KB 52ms
50ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/182.17d29c9292682a224972.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4e617eb84bff1e6dd6cf5da959006376f36f00a91c8002aa4685a35c2b649897

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202m
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DD099C81F18612
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 0213c15e-801e-0060-4d9a-3bd0a2000000
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 566
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2024 19:49:55 GMT
x-ms-blob-type: BlockBlob

GET
H2 200 110.29b486be44df173ab6bf.js Show response
static.cognitoforms.com/form/modern/ 4 KB
2 KB 75ms
74ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/110.29b486be44df173ab6bf.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1d18993469cea82b18024c6834565d58cda868f4283a753d3d2b36d90773c571

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202n
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 76635488
x-ms-request-id: 6fac7169-c01e-004e-1f80-3b82b5000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Nov 2024 21:04:19 GMT

GET
H2 200 4.0b86619b240a1fdcc31b.js Show response
static.cognitoforms.com/form/modern/ 749 B
1 KB 76ms
74ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/4.0b86619b240a1fdcc31b.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5a3b88dad614f85ad7268d39c1a580c576fbd6aec5811ddb41d7aa4058329077

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DD099C8206A407
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: application/javascript
last-modified: Wed, 20 Nov 2024 19:49:55 GMT
cache-control: public, max-age=31536000
x-ms-request-id: b871bc10-801e-004f-27b8-3bdd69000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 749
x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202p
x-ms-blob-type: BlockBlob

GET
H2 200 7.1b20be2a1f1b0be8f590.js Show response
static.cognitoforms.com/form/modern/ 8 KB
3 KB 75ms
74ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/7.1b20be2a1f1b0be8f590.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2041f5c5779b09be2765cfc98e6f1fdbe76d25b437261a42ba0dcd684555e7a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202q
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 76635488
x-ms-request-id: 0079067b-901e-0021-4588-3b8846000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:56 GMT

GET
H2 200 116.66e2a09799902175d35c.js Show response
static.cognitoforms.com/form/modern/ 18 KB
5 KB 88ms
87ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/116.66e2a09799902175d35c.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 032d44de0fcd539a39626b0c6aa91cb2c18cd07711b5bf69e3e152d42e49b57b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202r
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 76635488
x-ms-request-id: a77f647d-601e-0025-2088-3b0541000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:56 GMT

GET
H2 200 22.7300176f638027ea8b47.js Show response
static.cognitoforms.com/form/modern/ 10 KB
4 KB 88ms
88ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/22.7300176f638027ea8b47.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0b4ca4f5eb8e603848043715371d934f3dd0ea67474a74fca5109cc217c21e05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202s
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 044ceda9-b01e-0054-19b8-3be36a000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:56 GMT

GET
H2 200 12.f19387a6966f45ac93d9.js Show response
static.cognitoforms.com/form/modern/ 1 KB
1 KB 89ms
88ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/12.f19387a6966f45ac93d9.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e9f4dd05b30595d6273309278be2171bcb7b5cd8a8f2c9957e9fae9876f277f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202t
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 76635488
x-ms-request-id: 04118d70-301e-0028-6a88-3bcd95000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:56 GMT

GET
H2 200 106.86ec25bb55a7c46cf354.js Show response
static.cognitoforms.com/form/modern/ 5 KB
2 KB 84ms
83ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/106.86ec25bb55a7c46cf354.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ce41ef95e80be8f3b424bb5740da2d4a842a16981cf00fe23806c5e56d529233

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202u
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: ad8cdd3a-801e-0070-7ab6-3b15ca000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:56 GMT

GET
H2 200 11.29b04c9cb8f6c974f4f0.js Show response
static.cognitoforms.com/form/modern/ 544 B
1 KB 169ms
168ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/11.29b04c9cb8f6c974f4f0.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 38d28e8d380a897e2e9af020901efcef16e6e06ed1a30d71aa64c398dbb12c80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DD08DDBCE8FD4A
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 21:04:20 GMT
cache-control: public, max-age=31536000
x-ms-request-id: 52418e05-101e-0062-646e-3b6e1a000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 544
x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202v
x-ms-blob-type: BlockBlob

GET
H2 200 0.2ea25ae8a6b9fba9e71b.js Show response
static.cognitoforms.com/form/modern/ 269 B
780 B 116ms
115ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/0.2ea25ae8a6b9fba9e71b.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a91f4ab764c39a720ef3a5fe0d590a62029ca02a6b3cf940bd70c5fbb726d711

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DD08DDBC9B8294
x-fd-int-roxy-purgeid: 76635488
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: application/javascript
last-modified: Tue, 19 Nov 2024 21:04:20 GMT
cache-control: public, max-age=31536000
x-ms-request-id: fa2f9261-101e-0072-3b7d-3bab72000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 269
x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202w
x-ms-blob-type: BlockBlob

GET
H2 200 1.97808a4f43f64c6b1c58.js Show response
static.cognitoforms.com/form/modern/ 12 KB
5 KB 117ms
116ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/1.97808a4f43f64c6b1c58.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 86a39273b3e9a40b9c31ece0712e703501efe121a860ddb6621999556e0e82a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d000000000202x
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 7e271f95-e01e-0004-32f8-3c213a000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 15:39:58 GMT

GET
H2 200 2.742873f5a1b0404d3649.js Show response
static.cognitoforms.com/form/modern/ 6 KB
2 KB 192ms
191ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/2.742873f5a1b0404d3649.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c0fe10880b3c913fceb3c873715c64a9b03bb0789e7bc687ee4944e755cc20d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000002033
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 76635488
x-ms-request-id: 7ef72d5a-801e-002d-5588-3b1f4e000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:56 GMT

GET
H2 200 5.b560bda8b8d5959e1fbf.js Show response
static.cognitoforms.com/form/modern/ 4 KB
2 KB 195ms
194ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/5.b560bda8b8d5959e1fbf.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 343c1cc9e89310c9d1b6f1045338a81106f4cfa166f7f4e63fe4da0de043f394

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000002034
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: 260f6db0-601e-0047-1494-3bc766000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:55 GMT

GET
H2 200 19.26cadde62a25ffe824da.js Show response
static.cognitoforms.com/form/modern/ 24 KB
9 KB 188ms
187ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/19.26cadde62a25ffe824da.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 85664da690bf7a49ad04e47bf059af7c51664118320b582ba6a4d9ee7d5464ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000002035
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: ae7c3ed7-601e-000a-1694-3b088a000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 20 Nov 2024 19:49:56 GMT

GET
H2 200 125.893313ebad259d3861ab.js Show response
static.cognitoforms.com/form/modern/ 56 KB
18 KB 278ms
278ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/125.893313ebad259d3861ab.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/script/seamless.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d54382bf4acda9c28cbb3167c673143ee8c71c16f309fe72aef1f4c6cb79ef15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

x-azure-ref: 20241123T190916Z-17cc777866cjb9tthC1ZRHdsf000000004d0000000002036
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-ms-request-id: b605a032-101e-0062-26f8-3c6e1a000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 23 Nov 2024 19:09:16 GMT
x-ms-blob-type: BlockBlob
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 15:39:58 GMT

GET
H2 200 opensanscondensed-latin-700.woff2
www.cognitoforms.com/content/fonts/opensanscondensed/ 16 KB
17 KB 957ms
957ms Font
application/font-woff2 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/content/fonts/opensanscondensed/opensanscondensed-latin-700.woff2

Requested by

Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/content/fonts/opensanscondensed/opensanscondensed.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://; connect-src 'self' https:// wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
Strict-Transport-Security	max-age=35136000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://www.cognitoforms.com/content/fonts/opensanscondensed/opensanscondensed.css

Response headers

access-control-expose-headers: X-SessionToken,X-Server-Time, Request-Context
x-request-time: 0ms
etag: "003f4ef43cdb1:0"
x-content-type-options: nosniff
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: application/font-woff2
last-modified: Fri, 22 Nov 2024 15:36:32 GMT
strict-transport-security: max-age=35136000; includeSubDomains
content-security-policy: default-src 'self' https://*; connect-src 'self' https://* wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
x-role-instance: cogwprdb0003AQ
referrer-policy: origin-when-cross-origin
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16324
x-server-time: 2024-11-23T19:09:16.731Z

GET
H2 200 opensanscondensed-latin-300.woff2
www.cognitoforms.com/content/fonts/opensanscondensed/ 15 KB
15 KB 1173ms
1173ms Font
application/font-woff2 20.246.218.104
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/content/fonts/opensanscondensed/opensanscondensed-latin-300.woff2

Requested by

Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/content/fonts/opensanscondensed/opensanscondensed.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.246.218.104 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://; connect-src 'self' https:// wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
Strict-Transport-Security	max-age=35136000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.helpinghand.ch
Referer: https://www.cognitoforms.com/content/fonts/opensanscondensed/opensanscondensed.css

Response headers

access-control-expose-headers: X-SessionToken,X-Server-Time, Request-Context
x-request-time: 0ms
etag: "003f4ef43cdb1:0"
x-content-type-options: nosniff
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: application/font-woff2
last-modified: Fri, 22 Nov 2024 15:36:32 GMT
strict-transport-security: max-age=35136000; includeSubDomains
content-security-policy: default-src 'self' https://*; connect-src 'self' https://* wss:; media-src 'self' https://* blob:; font-src 'self' https://* data:; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:; worker-src blob:;
x-role-instance: cogwprdb0003AT
referrer-policy: origin-when-cross-origin
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14964
x-server-time: 2024-11-23T19:09:16.732Z

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 442 KB
137 KB 150ms
149ms Script
application/javascript 142.250.185.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9D6Y845RS7

Requested by

Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/110.29b486be44df173ab6bf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c5fcda552707e6006ddd49ff35be1517ef89be19428e3d6fccaca46c65241eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 23 Nov 2024 19:09:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 140063
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 130ms
126ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9D6Y845RS7&gtm=45je4bk0v886857335za200zb812234447&_p=1732388932292&gcs=G100&gcd=13p3p3V3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1683747288.1732388935&ecid=370655292&ul=de-ch&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=EA&_s=2&dl=%2F%23HelpingHandGratisOffertenanfrage%23Page%201&sid=1732388935&sct=1&seg=1&dt=Home%20-%20Helping%20Hand%20Moving%20%26%20Services&en=page_view&_c=1&_ee=1&_et=21348&tfd=24783
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9D6Y845RS7&l=dataLayer&cx=c&gtm=45He4bk0v812234447za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.helpinghand.ch/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.helpinghand.ch
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 19:09:16 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.helpinghand.ch/	1970-01-21 03:22:44	Name: _fbp Value: fb.1.1732388935179.904969299205509899
www.helpinghand.ch/	1969-12-31 23:59:59	Name: twk_idm_key Value: K17ERHt-tWSL0biMW1h0V
www.helpinghand.ch/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
connect.facebook.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
helpinghand.ch
pagead2.googlesyndication.com
region1.google-analytics.com
services.cognitoforms.com
static.cognitoforms.com
va.tawk.to
www.cognitoforms.com
www.facebook.com
www.googletagmanager.com
www.helpinghand.ch
www.kundenversprechen.ch
142.250.185.162
142.250.185.72
151.101.193.229
157.240.0.35
157.240.251.9
168.119.44.214
172.217.18.3
172.67.15.14
20.246.218.104
2001:4860:4802:32::36
2620:1ec:bdf::45
2a00:1450:4001:800::200a
2a00:1450:4001:80f::2008
2a04:4e42::485
46.4.250.97
032d44de0fcd539a39626b0c6aa91cb2c18cd07711b5bf69e3e152d42e49b57b
05d055c4cb935414f1cc2eb7ffec3f85f541991a10899c53baf31a1e630a78fd
061148d21151e8d4e029850266d14213945409723193e807293c8587fe357098
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0b4ca4f5eb8e603848043715371d934f3dd0ea67474a74fca5109cc217c21e05
0fd8b460196e608469911def62fb205410138e07a57fd704642f2b2ee50c3345
1267fd33fcf3ab4043a7cc62cc9259a2c66f839f695216f7737ed37b7b3e62e6
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
1aa4a8d09a2271ee07dd6cc28f932809d85c6b82b7dc46859ae29d1b915d2815
1d100c1876b63595fd3e95c01592429bf8432722ed5600063f217c5cd17e61ac
1d18993469cea82b18024c6834565d58cda868f4283a753d3d2b36d90773c571
1fb642d5602a312717ffd1ddc938f0b279b3861fc810c83025afbfea0de4bf63
2041f5c5779b09be2765cfc98e6f1fdbe76d25b437261a42ba0dcd684555e7a1
265ba0828fe5222f289924f2c7bd1ae2238d98afe7c4ed119a9c447250e58c34
2a91fe5cebcfc1242a75cb12702bd547903f2e10fd59f0e4a80a5729eb3e6e51
2ab71d12b24e5ade0280071d749fdec1684c256d397a258f78176f2d4f5b524f
2da5b205cde84ee5cd7e5ffa132d9b8b1cb4cf0c9f03ed3334dd3ffc0f5c6edf
343c1cc9e89310c9d1b6f1045338a81106f4cfa166f7f4e63fe4da0de043f394
357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81
36ce5793622f53fdea0da07e2aad17fbb995f29e32373561c49ecdab9640033e
38d28e8d380a897e2e9af020901efcef16e6e06ed1a30d71aa64c398dbb12c80
3f1adc0ae0651643d594fb06c4dcede7d5b710a60e1fbf73faffedabdb854b63
41c6e86ff4eff6723f15faa7650734836876f67fd98e91d08908115271eac6e5
45b4082b87474e2c206fa66a24d028f1449118bc95ef9393fe1fa19d68581ef8
49cd56c9e3dfb926dc0542b8bf5b8934ea8aeedb41d43f2d4c7a6a513331508f
4decde1fd4af3ee8c5952646190f4c638de918ceb129cc4e87e2e2edc67dc87d
4e617eb84bff1e6dd6cf5da959006376f36f00a91c8002aa4685a35c2b649897
4e61bbdda25e99cbde738641c0362d00875468cf0967e2da08c7d831c79cc66d
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5470d8ba3d52e47b7719c9d91ff8bd76d2c502e8c93d05738a0c23956dd4d491
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
54a8d974a353eb027b506652b28f38f9ef7adbbf29ab0bd5a3301e67b2bf88e4
57ada345dc677b0b614d9f39e775fedde2d2ec49f29660654cbba52b1b5a2220
5a3b88dad614f85ad7268d39c1a580c576fbd6aec5811ddb41d7aa4058329077
5a67b7eb828aa59da76df63181a6f65a03a565dd4c9190435a27bd6605d23ada
5d14e1355f6dc3fae99dda64bd1b376867196c66c2eb3dd07ffb18f8dd0d242b
5eaef8ae27227263b3ad4c15d087e6e0b1b9519465a09b8c413aab86a9cf79ae
63582851836dff82728f8856ebb49d5201bc670eab37902b08a3f8f54af4af2c
69fb03e8827d27e64583979ae09fe2242047e15c953e7aa3a85b9af66a031cbd
6a8a08d9057f97e33172e7d0502385a5de10e4aca1d79e799c1d171ff0345cc6
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6bf72c2a60763aeb8bdb34d79103531e49b39ddfd763be8b76017e27a92bea0b
6de7acc40f47ea3830940af44818f2f13eed1a58b921f53571be854e301b4637
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
74ec7aa456249a38fb4826bd398c5ceb4fc82469ca304492a70af2b8500db605
7c794b77e334506d36bd79580f6d33ccedc6d13b5c05b2b701123399d3d49947
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7f74951573f7d0c81a859d19ecba755b4d8cb8b82d880b64f2e16a4db1b135f6
80703151c084c7bd9ede7edf72ced94da55ee016efde74f7bf45820aaa750215
80712f2f3be98d4f775454e0bb99b202099cfb42350b307361ed1885327cbaa2
80e2dba80fdae6f3671ebef401a125cf1107b1d836f1fa8f5221abb8874b8537
85664da690bf7a49ad04e47bf059af7c51664118320b582ba6a4d9ee7d5464ee
86a39273b3e9a40b9c31ece0712e703501efe121a860ddb6621999556e0e82a5
879c9c6440e6cf00f5c9ce12c552146d96978e4f98420215531d77848965f3ab
8b35638ab1e248890e75acf51458f03a42272911ef096cb40ddb3f2a91002e56
8bec0b406aac0001b783fb1f55bfa909661261ddf17f59f57af90a864bf06f44
97fb4f21d6be818dd69b452d459366c4f357e027b865898f973361e0ba7579a9
9876182161e88094727991be7443f4c9f83999f8ef3a8bee7ecbdc7b8b1e452c
a0f0b1a16a4248c76b01b41d9a3896820ef161cc49e87462c0e120f7a35c28f4
a17d57754fa3cfa41c4feda5318d89723eaafc86b1636419762894ba25cb10e9
a7b24be039d81d334a5b082bd6c883988e026ca276debc7bea3b4941d4146abd
a879b4a29ad03a09b29af34fc8d62ad844c80a845d874a3972308302988434f7
a8da0eca82a747f98da93aea04e8d343b1892741cd374386858ba20c218e3689
a91f4ab764c39a720ef3a5fe0d590a62029ca02a6b3cf940bd70c5fbb726d711
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab11b26b8cb1b8ca8750bbcc7f9b15ac89f95237715cefa876cd15adc236ae15
af266fd571cdc1216e721f2d20d7cbfc162e755e790b455095311aa8702310d0
b17f212fc06e1cde0574bdd1ee89d507461f5777e3039c725dbb40b5ebb3f192
bb6c2d338fe27c66180e8a3a04ac75c949a525f4bdd49b575d7fd520e33d0b41
bdfde08a34842ed6e4b098a1ecc72dc10f2d12f3aeaf949e5220cbd07df55040
c0fe10880b3c913fceb3c873715c64a9b03bb0789e7bc687ee4944e755cc20d8
c142081494bca392cb1b07a80f65c71e06007b81262e73a0d0be3f062445e43e
c2ff1f572aa56db9c494b01c0951ca8aa34def963aff09ec2bf89235461887df
c3e24c6486aaebd7397266feec4133d7ece6c169444a438e5ccd93d7aa89246d
c4ebe81ec01c33bd339149314130d65c8a716890fe6c9edb50300c0965c759b8
c5fcda552707e6006ddd49ff35be1517ef89be19428e3d6fccaca46c65241eb5
ca046b8b1b1094107205988e7096a687b241c8ef5f3fefe5e543ed28d26646c1
cabfcc9c90adb992b0888e5a7de8aa3969faece1ae2a01fe09993782d4cdecfd
ce41ef95e80be8f3b424bb5740da2d4a842a16981cf00fe23806c5e56d529233
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
d54382bf4acda9c28cbb3167c673143ee8c71c16f309fe72aef1f4c6cb79ef15
d6a49ac01aa5c4175c35c4574d76a10aebda7a7626fc89d99b3d9da14f0e7fe2
dad3626bfdd6df8df3ef134a0792f5f33facd3748ed90e10c5c2f5e61baa0aa8
dba97f9a9c67e3e3b8bc5ef29ee553ed65509de7ed685937b505cab79d1ceeea
e04a8ce859afa6764035daa4ee9853b6af187d6be7448719181eee46f1f37fc0
e342c686ca7f80dba6133afd17f537f6d734f921e6435c07d3cdd5bc9151b5aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42428b7cf745a93ba7853cdb58324b7e0121fbbeb5f61be5479d73e384be104
e435d9836691d05d9191e0ef08e2a9ddf6ac65a24d35f6cc09ed453bd32b954b
e48d6154edd50d50f89e872905008649b26846145f381974d43c6bc95f434619
e809bbf3532cb8a36f7769c71e5c797e5158946c5ea722be317a6ec3b5aed3d7
e9f4dd05b30595d6273309278be2171bcb7b5cd8a8f2c9957e9fae9876f277f1
f3fdc0e9751d1e12ab731f07e23ba7d3922b91b2bf66bb3e17c0712adfc60ae4
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fb4d72e4e2a01c6eb415c6645a0e9da33f5e85afe211230132f59341e1f1a23e
fcf69b85a1931d9f9117128815196ec3f9ebe925d293c4cb6fe61d9054815203

www.helpinghand.ch Open in urlscan Pro 46.4.250.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

100 %HTTPS

33 %IPv6

12 Domains

16 Subdomains

16 IPs

2 Countries

3229 kBTransfer

6912 kBSize

3 Cookies

7 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.helpinghand.ch Open in urlscan Pro
46.4.250.97 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

100 %
HTTPS

33 %
IPv6

12
Domains

16
Subdomains

16
IPs

2
Countries

3229 kB
Transfer

6912 kB
Size

3
Cookies

103 HTTP transactions
2 data transactions