urlscan.io logo urlscan.io
SecurityTrails logo

www.thurbo.ch Open in urlscan Pro
46.30.61.182  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://familienspass.ch/
Effective URL: https://www.thurbo.ch/
Submission: On December 13 via api from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 54 HTTP transactions. The main IP is 46.30.61.182, located in Germany and belongs to MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE. The main domain is www.thurbo.ch.
TLS certificate: Issued by R10 on November 28th 2024. Valid for: 3 months.
This is the only time www.thurbo.ch was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Schweizerische Bundesbahnen (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 1 2a03:2a00:120... 15817 (MITTWALD-...)
29 46.30.61.182 15817 (MITTWALD-...)
1 2a02:26f0:480... 20940 (AKAMAI-AS...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 142.250.185.100 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
2 3.122.173.24 16509 (AMAZON-02)
4 157.240.0.35 32934 (FACEBOOK)
54 10
1    2a03:2a00:1200:0:1::3887 (Germany)

ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE)
familienspass.ch
29    46.30.61.182 (Germany)

ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE)
www.thurbo.ch
1    2a02:26f0:480:980::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
assets.adobedtm.com
11    2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
2    3.122.173.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-173-24.eu-central-1.compute.amazonaws.com
cdn.app.sbb.ch
4    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
29 thurbo.ch
www.thurbo.ch
1 MB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 329
167 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
423 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
206 KB
2 sbb.ch
cdn.app.sbb.ch — Cisco Umbrella Rank: 433694
29 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
75 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 514
295 B
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 458
39 KB
1 familienspass.ch
familienspass.ch
367 B
54 10
Domain Requested by
29 www.thurbo.ch www.thurbo.ch
11 cdn.cookielaw.org www.thurbo.ch
cdn.cookielaw.org
4 www.facebook.com www.thurbo.ch
3 www.googletagmanager.com www.thurbo.ch
www.googletagmanager.com
2 cdn.app.sbb.ch www.thurbo.ch
2 connect.facebook.net www.thurbo.ch
connect.facebook.net
1 www.google.com www.googletagmanager.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 assets.adobedtm.com www.thurbo.ch
1 familienspass.ch 1 redirects
54 10
Subject Issuer Validity Valid
www.thurbo.ch
R10		 2024-11-28 -
2025-02-26		 3 months crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-09 -
2025-08-09		 a year crt.sh
cookielaw.org
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
geolocation.onetrust.com
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-22 -
2024-12-21		 3 months crt.sh
*.app.sbb.ch
Amazon RSA 2048 M02		 2024-07-16 -
2025-08-14		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.thurbo.ch/
Frame ID: 22CD1294AAEBA4DBE466D9243D281B8F
Requests: 56 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.thurbo.ch
Frame ID: 678B6CC55FAE2E1246130E99ADFFBFBD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Thurbo | Thurbo

Page URL History Show full URLs

  1. https://familienspass.ch/ HTTP 301
    https://www.thurbo.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+ href="/?typo3(?:conf|temp)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

54
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

1823 kB
Transfer

3526 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://familienspass.ch/ HTTP 301
    https://www.thurbo.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thurbo.ch/
Redirect Chain
  • https://familienspass.ch/
  • https://www.thurbo.ch/
69 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
09a7e2711e42e1bf8ffb8f98d96a608ac87d0f7de62f204d5c9b42d2a80a2c36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=81047
content-encoding
gzip
content-language
de
content-type
text/html; charset=utf-8
date
Fri, 13 Dec 2024 06:29:21 GMT
expires
Sat, 14 Dec 2024 05:00:08 GMT
pragma
public
referrer-policy
strict-origin-when-cross-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff nosniff
x-frame-options
deny
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0
content-length
230
content-type
text/html; charset=iso-8859-1
date
Fri, 13 Dec 2024 06:29:21 GMT
expires
Fri, 13 Dec 2024 06:29:21 GMT
location
https://www.thurbo.ch/
server
Apache
merged-1feacedec50774b67d8e9b9d5cd95016-1f1659b6f431151f96e1c66f6a4c48c3.css.1718269793.gzip
www.thurbo.ch/typo3temp/assets/compressed/ 		156 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thurbo.ch/typo3temp/assets/compressed/merged-1feacedec50774b67d8e9b9d5cd95016-1f1659b6f431151f96e1c66f6a4c48c3.css.1718269793.gzip
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
bf0a66b79aa3e94accf56f5f96e4626d7dfc8062c1d86d552f685da65eceeb96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 06:29:21 GMT
accept-ranges
bytes
content-length
25494
x-ua-compatible
IE=edge
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Thu, 13 Jun 2024 09:09:53 GMT
vary
User-Agent
server
Apache
content-type
text/css; charset=utf-8
launch-19b595bf8d0d.min.js
assets.adobedtm.com/15ff638fdec4/75038ed8b92d/ 		129 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/15ff638fdec4/75038ed8b92d/launch-19b595bf8d0d.min.js
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:980::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
eb79c7c18c742b234710e76fa5e68ead45304110b1e4389fdd61ee0cd2d2af4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"1fc60fc3699b0a2aa2e167be90ae8fa8:1714998661.388429"
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 07:29:21 GMT
accept-ranges
bytes
access-control-allow-origin
https://www.thurbo.ch
content-length
39890
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/x-javascript
last-modified
Mon, 06 May 2024 12:31:01 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
sbb-internet-tracking-main.min.js
www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Javascript/vendor/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Javascript/vendor/sbb-internet-tracking-main.min.js
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
3904307dbf363ccd7c957eafaa6a9469e92bbe0ebdc67f9e95e63e50b22e4512
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 06:29:21 GMT
accept-ranges
bytes
content-length
11177
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Thu, 23 Feb 2023 09:11:45 GMT
vary
User-Agent,Accept-Encoding
server
Apache
content-type
application/javascript; charset=utf-8
OtAutoBlock.js
cdn.cookielaw.org/consent/c08a6004-c25d-4b42-94b5-97c2795907b6/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/c08a6004-c25d-4b42-94b5-97c2795907b6/OtAutoBlock.js
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab425544fb9f1c43d553c5cb309e577bc9360a557d3a48abaa2ddba9c6b45bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-md5
10JkTygUcxnop1G/x2iDZA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC7B37C2922DAC
age
51539
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sat, 14 Dec 2024 06:29:21 GMT
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/javascript
last-modified
Thu, 23 May 2024 14:50:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
a011c5d4-301e-0040-574d-26ba64000000
cf-ray
8f13e6389b10d2db-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2033
x-ms-blob-type
BlockBlob
server
cloudflare
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-md5
UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD1A2106D903F4
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
86097
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/javascript
last-modified
Wed, 11 Dec 2024 20:18:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
cf91a70e-c01e-0092-0347-4c043c000000
cf-ray
8f13e6389b11d2db-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7211
x-ms-blob-type
BlockBlob
server
cloudflare
Suche.svg
www.thurbo.ch/fileadmin/user_upload/Icons/ 		591 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/user_upload/Icons/Suche.svg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
3af581eea783ce7c0aed494a26775cbd2082107e9c3b7c35d018f808b0b9cb89
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
317
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 21 Jul 2021 08:06:25 GMT
vary
User-Agent,Accept-Encoding
server
Apache
content-type
image/svg+xml
logo.svg
www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Images/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Images/logo.svg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
3d963795dec8b898809c85fdcc11d95408cd6e55ca4c4bf296677a8c42d5ca2d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

cache-control
max-age=2592000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
3603
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 24 Feb 2021 13:04:27 GMT
vary
User-Agent,Accept-Encoding
server
Apache
content-type
image/svg+xml
Fahrplan.svg
www.thurbo.ch/fileadmin/user_upload/Icons/ 		483 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/user_upload/Icons/Fahrplan.svg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
c4ae602409ba23c5f1de3a001362817b806148ec9f261ff54127b9c86290145e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
325
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 21 Jul 2021 08:06:25 GMT
vary
User-Agent,Accept-Encoding
server
Apache
content-type
image/svg+xml
Kundenservice.svg
www.thurbo.ch/fileadmin/user_upload/Icons/ 		486 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/user_upload/Icons/Kundenservice.svg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
bdbf850b13501eb8e28c88e629b9c306b4afada7f5bb7aac0135c0ad168e33da
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
292
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 21 Jul 2021 08:06:25 GMT
vary
User-Agent,Accept-Encoding
server
Apache
content-type
image/svg+xml
Streckenunterbru%CC%88che.svg
www.thurbo.ch/fileadmin/user_upload/Icons/ 		621 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/user_upload/Icons/Streckenunterbru%CC%88che.svg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
8a82408c4c4e01b7e49e03f1060279c9d67b6cc051299ebf036b52e0851e1516
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
396
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 21 Jul 2021 08:06:25 GMT
vary
User-Agent,Accept-Encoding
server
Apache
content-type
image/svg+xml
Jobs.svg
www.thurbo.ch/fileadmin/user_upload/Icons/ 		2 KB
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/user_upload/Icons/Jobs.svg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
71a55b2094df2dbb82a4aa820155caf6a6c44492e2f3c2d75cc2fccb9922e8d6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
834
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 21 Jul 2021 08:06:25 GMT
vary
User-Agent,Accept-Encoding
server
Apache
content-type
image/svg+xml
csm_thurbo-fahrplanwechsel_2025_956bcfe316.jpg
www.thurbo.ch/fileadmin/_processed_/5/d/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/_processed_/5/d/csm_thurbo-fahrplanwechsel_2025_956bcfe316.jpg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
e17b91b3d98bd89affa390fc64a918deaa961632a988b129573c5a5c137d2221
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
27541
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 27 Nov 2024 09:00:07 GMT
vary
User-Agent
server
Apache
content-type
image/jpeg
csm_thurbo_hafenweihnacht_lindau-insel_%C3%B6bb_1000x1270_freundinnen_03f3094e3e.jpg
www.thurbo.ch/fileadmin/_processed_/d/9/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/_processed_/d/9/csm_thurbo_hafenweihnacht_lindau-insel_%C3%B6bb_1000x1270_freundinnen_03f3094e3e.jpg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
a456a0f1b19b903543b671b75e35d2b86eaeeef5d3a0db942b2b83da15ef8176
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
97597
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Mon, 25 Nov 2024 07:14:02 GMT
vary
User-Agent
server
Apache
content-type
image/jpeg
csm_thurbo_teaser_flirt_evo_erstpr%C3%A4sentation_1000x1270_7645f80a4e.jpg
www.thurbo.ch/fileadmin/_processed_/3/5/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/_processed_/3/5/csm_thurbo_teaser_flirt_evo_erstpr%C3%A4sentation_1000x1270_7645f80a4e.jpg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
0a6bfeb9900af11fca1354343418f1f0f46af9357186e3baed09b34f82a24e2d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
33893
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Thu, 14 Nov 2024 14:04:58 GMT
vary
User-Agent
server
Apache
content-type
image/jpeg
csm_thurbo-ausblick-titelseite-1000x1270_dcc95f9f51.jpg
www.thurbo.ch/fileadmin/_processed_/a/3/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/_processed_/a/3/csm_thurbo-ausblick-titelseite-1000x1270_dcc95f9f51.jpg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
52b3b048efda53344036b06b8de4953e482ab265b4ca36031992160c7569f6e3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
70103
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Fri, 18 Oct 2024 06:47:26 GMT
vary
User-Agent
server
Apache
content-type
image/jpeg
csm_thurbo-highlight-ausblick-abo-1000x1270_d1cc43545d.jpg
www.thurbo.ch/fileadmin/_processed_/6/5/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/_processed_/6/5/csm_thurbo-highlight-ausblick-abo-1000x1270_d1cc43545d.jpg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
c4b2e2cb2db5ea851a2cda8c5d2e43aa4c8e4b6f40803f1a1e985a09600ec12b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
60501
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Mon, 04 Nov 2024 06:28:26 GMT
vary
User-Agent
server
Apache
content-type
image/jpeg
csm_thurbo-teaser-postauto-hc_thurgau-1000x1270_72b5bed57d.jpg
www.thurbo.ch/fileadmin/_processed_/5/7/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/_processed_/5/7/csm_thurbo-teaser-postauto-hc_thurgau-1000x1270_72b5bed57d.jpg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
35a0e609c943d9618e435715436a9044489d828210aa877c32053d94c3664deb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
74086
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Mon, 09 Sep 2024 14:40:41 GMT
vary
User-Agent
server
Apache
content-type
image/jpeg
csm_SpenglerCup_Teaser_b09a256eea.jpg
www.thurbo.ch/fileadmin/_processed_/d/7/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/_processed_/d/7/csm_SpenglerCup_Teaser_b09a256eea.jpg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
e4f82b9032661b6ab6438df4d446d16e834cf36221a0a18171a46c63855c9370
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
30749
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Tue, 10 Dec 2024 16:44:25 GMT
vary
User-Agent
server
Apache
content-type
image/jpeg
csm_thurbo-home-teaser-erlebnislinien-1400x1214_69596e4e20.jpg
www.thurbo.ch/fileadmin/_processed_/6/3/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/_processed_/6/3/csm_thurbo-home-teaser-erlebnislinien-1400x1214_69596e4e20.jpg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
267160703c2a11508fa7f15fc7245eb186e2cfbf29cda214d8e6d26276752412
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
36492
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 13 Jul 2022 09:15:13 GMT
vary
User-Agent
server
Apache
content-type
image/jpeg
csm_thurbo-statement-umwelt_ce77f82545.jpg
www.thurbo.ch/fileadmin/_processed_/f/e/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/_processed_/f/e/csm_thurbo-statement-umwelt_ce77f82545.jpg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
85f8f5d003439b867c230734aa0004f905a26727bfe130f89343f48ebebaf908
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
146569
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Fri, 23 Apr 2021 13:18:42 GMT
vary
User-Agent
server
Apache
content-type
image/jpeg
logo-swisspass.svg
www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Images/ 		18 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Images/logo-swisspass.svg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
88306978dd87b928cfd6c82e5112acba786397acdcc00d90f0df7553b7a86770
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

cache-control
max-age=2592000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
4625
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Mon, 01 Mar 2021 13:56:07 GMT
vary
User-Agent,Accept-Encoding
server
Apache
content-type
image/svg+xml
logo-swisspass-grayscale.svg
www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Images/ 		9 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Images/logo-swisspass-grayscale.svg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
0e2a8644a6f099051ef838727e09f2d4f1026df3777c78ffb7cf3e91c9deb012
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

cache-control
max-age=2592000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
2336
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Mon, 01 Mar 2021 13:56:07 GMT
vary
User-Agent,Accept-Encoding
server
Apache
content-type
image/svg+xml
logo-sbb.svg
www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Images/logo-sbb.svg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
5898dc45d8c689cfa5cc8c203c2549455aa8927063d1fd74b57f65ce92dc77f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

cache-control
max-age=2592000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
1194
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 24 Feb 2021 13:04:27 GMT
vary
User-Agent,Accept-Encoding
server
Apache
content-type
image/svg+xml
merged-3e78fd812a15807b8835345ab9eabee7-3c0f9a437938e1bbde8ba4f12e0c45a6.js.1674489151.gzip
www.thurbo.ch/typo3temp/assets/compressed/ 		2 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thurbo.ch/typo3temp/assets/compressed/merged-3e78fd812a15807b8835345ab9eabee7-3c0f9a437938e1bbde8ba4f12e0c45a6.js.1674489151.gzip
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
b09215223b9ccc04fa5a0de654eb869ca38b30250923924bba004e88c5e8aa76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 06:29:21 GMT
accept-ranges
bytes
content-length
704
x-ua-compatible
IE=edge
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Mon, 23 Jan 2023 15:52:31 GMT
vary
User-Agent
server
Apache
content-type
text/javascript; charset=utf-8
merged-028436a9569c2f4f0fdc8cc226ba2cb7-761805c4d4038f3d357bd694cbebbf9e.js.1618331560.gzip
www.thurbo.ch/typo3temp/assets/compressed/ 		948 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thurbo.ch/typo3temp/assets/compressed/merged-028436a9569c2f4f0fdc8cc226ba2cb7-761805c4d4038f3d357bd694cbebbf9e.js.1618331560.gzip
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
77d491d17867e925a725081185f1826c500c4c9dcac8540161f7d359da71f407
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 06:29:21 GMT
accept-ranges
bytes
content-length
409
x-ua-compatible
IE=edge
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Tue, 13 Apr 2021 16:32:40 GMT
vary
User-Agent
server
Apache
content-type
text/javascript; charset=utf-8
merged-51dc879fd7da4b0a6bb59f7f4149cfe7-6862122fc35f3c6df4866bf80794fe32.js.1693898895.gzip
www.thurbo.ch/typo3temp/assets/compressed/ 		196 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thurbo.ch/typo3temp/assets/compressed/merged-51dc879fd7da4b0a6bb59f7f4149cfe7-6862122fc35f3c6df4866bf80794fe32.js.1693898895.gzip
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
4bd659732a41aa6c839e4f8dd6b62be36d93763a87a8b04c313a07cc8f1a7563
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

cache-control
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 06:29:21 GMT
accept-ranges
bytes
content-length
67149
x-ua-compatible
IE=edge
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Tue, 05 Sep 2023 07:28:15 GMT
vary
User-Agent
server
Apache
content-type
text/javascript; charset=utf-8
gtm.js
www.googletagmanager.com/ 		330 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MFLC4B8
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2b15ccc64110aed4664328077543b168e2bbe7c0367f637cd5d32487c459a01e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 13 Dec 2024 06:29:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 13 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109426
x-xss-protection
0
server
Google Tag Manager
c08a6004-c25d-4b42-94b5-97c2795907b6.json
cdn.cookielaw.org/consent/c08a6004-c25d-4b42-94b5-97c2795907b6/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/c08a6004-c25d-4b42-94b5-97c2795907b6/c08a6004-c25d-4b42-94b5-97c2795907b6.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59fdf89673c073401a4b2247679245315c3886e45c9902d3ce4bfdf12d8c935d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-md5
BszvjViU58AR690TMGP2IA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC7B37C2A71213
age
28816
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sat, 14 Dec 2024 06:29:21 GMT
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/json
last-modified
Thu, 23 May 2024 14:50:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
b8c66262-c01e-00dd-034d-26c024000000
cf-ray
8f13e6395b57d37a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1591
x-ms-blob-type
BlockBlob
server
cloudflare
truncated
/ 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e526106583d7684522f130fc0d27282f123e9d3e1827e1a9d8f985065c428fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		383 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b547900316b5d7ec33a6a668c0268f0fcaf5f8f7e99c334dfc3ddd2de0be5038

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07fda71ff2d62c3a6aba40a65e7375ac32281f3d99e3ab9902fd0e5b9951e740

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf8
SBBWeb-Light.woff2
www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Fonts/SBBWeb-Light.woff2
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/typo3temp/assets/compressed/merged-1feacedec50774b67d8e9b9d5cd95016-1f1659b6f431151f96e1c66f6a4c48c3.css.1718269793.gzip
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
de48fe7cfbd2082df946a69799cd1dd63caa7683edff423bb7cd4824d2152125
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thurbo.ch
Referer
https://www.thurbo.ch/typo3temp/assets/compressed/merged-1feacedec50774b67d8e9b9d5cd95016-1f1659b6f431151f96e1c66f6a4c48c3.css.1718269793.gzip

Response headers

cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
49272
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 24 Feb 2021 13:04:24 GMT
vary
User-Agent
server
Apache
content-type
application/font-woff2
SBBWeb-Bold.woff2
www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Fonts/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Fonts/SBBWeb-Bold.woff2
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/typo3temp/assets/compressed/merged-1feacedec50774b67d8e9b9d5cd95016-1f1659b6f431151f96e1c66f6a4c48c3.css.1718269793.gzip
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
386b4bfb46595604c98491a460b623b86f818063dfd7678a5db497bd78623cd0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thurbo.ch
Referer
https://www.thurbo.ch/typo3temp/assets/compressed/merged-1feacedec50774b67d8e9b9d5cd95016-1f1659b6f431151f96e1c66f6a4c48c3.css.1718269793.gzip

Response headers

cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
48684
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 24 Feb 2021 13:04:22 GMT
vary
User-Agent
server
Apache
content-type
application/font-woff2
SBBWeb-Roman.woff2
www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Fonts/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thurbo.ch/typo3conf/ext/koch_theme/Resources/Public/Fonts/SBBWeb-Roman.woff2
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/typo3temp/assets/compressed/merged-1feacedec50774b67d8e9b9d5cd95016-1f1659b6f431151f96e1c66f6a4c48c3.css.1718269793.gzip
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
c9ba3228b57bc4adc5a98c122dda7c0d179e4bcbe7985ec52f8afadab1a0c3ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thurbo.ch
Referer
https://www.thurbo.ch/typo3temp/assets/compressed/merged-1feacedec50774b67d8e9b9d5cd95016-1f1659b6f431151f96e1c66f6a4c48c3.css.1718269793.gzip

Response headers

cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
49920
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 24 Feb 2021 13:04:24 GMT
vary
User-Agent
server
Apache
content-type
application/font-woff2
csm_hero_startseite_desktop_winter01_0d3f3c33f9.jpg
www.thurbo.ch/fileadmin/_processed_/3/e/ 		469 KB
470 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thurbo.ch/fileadmin/_processed_/3/e/csm_hero_startseite_desktop_winter01_0d3f3c33f9.jpg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
18c3e71ce7ae0f73c18ae50d0befc67c9502c6485612767c93ea58ca92030425
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
cache-control
max-age=2592000
x-content-type-options
nosniff
expires
Sun, 12 Jan 2025 06:29:21 GMT
accept-ranges
bytes
content-length
480456
date
Fri, 13 Dec 2024 06:29:21 GMT
last-modified
Wed, 14 Apr 2021 05:55:12 GMT
vary
User-Agent
server
Apache
content-type
image/jpeg
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer
https://www.thurbo.ch/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8f13e63a0f4592b1-FRA
access-control-allow-origin
*
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.thurbo.ch%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1929177603.1734071362&auid=1471906409.1734071362&navt=n&npa=1&gtm=45He4cc0v811816354za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734071361636&tfd=736&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFLC4B8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers
destination
www.googletagmanager.com/gtag/ 		284 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-953195232&l=dataLayer&cx=c&gtm=45He4cc0v811816354za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFLC4B8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2daf62cd8b27fefdae7d3fc9bc615ede4ba04e3c5065dc9c032a1fd34c57d510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 13 Dec 2024 06:29:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 13 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100252
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-hcIdmCSg' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-hcIdmCSg' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4488, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
/ow6Sx4ZTQ5Ffcp2fC9BlDkYaCT8FjPb2g9L/2x5/39fMc+4Lp/KooXWEBiv1IX/HrFWiBN5XqWFdlexye2otw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62212
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 678B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.thurbo.ch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MFLC4B8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
47170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 17:23:11 GMT
expires
Fri, 12 Dec 2025 17:23:11 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202405.1.0/ 		450 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc750f921cf29a7897435f868856c4c63e22f7fd66ac456a72ced5f6eca584e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-md5
FvJhOHkAv4E9FRANYIql4g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E2E4131AEC
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
59434
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 22:01:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
6a308df6-b01e-005a-73f9-2c950b000000
cf-ray
8f13e63a6da0d2db-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
111551
x-ms-blob-type
BlockBlob
server
cloudflare
de-ch.json
cdn.cookielaw.org/consent/c08a6004-c25d-4b42-94b5-97c2795907b6/3a904879-b677-416e-8f67-6b29b10f1e22/ 		173 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/c08a6004-c25d-4b42-94b5-97c2795907b6/3a904879-b677-416e-8f67-6b29b10f1e22/de-ch.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a5a413df40a1059dcfc9fc8828d26f2bf9b7a99547cffda31c9657da5079a37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-md5
jT2u556cGqJfqasdZWt1hQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC7B37C3B12D93
age
47484
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sat, 14 Dec 2024 06:29:21 GMT
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/json
last-modified
Thu, 23 May 2024 14:51:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
f5b83722-801e-00b7-164e-269c8f000000
cf-ray
8f13e63aee0ed37a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
18837
x-ms-blob-type
BlockBlob
server
cloudflare
1101169763309046
connect.facebook.net/signals/config/ 		69 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1101169763309046?v=2.9.178&r=stable&domain=www.thurbo.ch&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
43302d1444697f92d141e57658f01ba2e14ab5e196ad66f8b4f4328103bc9577
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-1C6Y0quo' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-1C6Y0quo' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=77, mss=1232, tbw=70472, tp=65, tpl=0, uplat=159, ullat=0
pragma
public
x-fb-debug
l8Tf7bUrhengnn+h7hLiCiihlcBKGh2KYESzfXtMDqMLXf4xHj4LAtQ9kwwgQefvFOO/r99M17SzaKrVCA4uLg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
otFlat.json
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-md5
6UG/zXBA1N2ENale+jpn7g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E2DF2F81FC
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
45720
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:01:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
56d96c42-f01e-0019-454e-d8bfe2000000
cf-ray
8f13e63b3ea1d37a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3041
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3acd5c9271c2cd33f5135df43ae4c574e4d524282e5322137b77cdb4a5524bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-md5
sFyn85RvJWbaUwJMwGnYqQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E2E091CEF2
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
28816
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:01:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
4f1d22b6-a01e-0082-272f-d832da000000
cf-ray
8f13e63b3ea2d37a-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
12755
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e43deb49489c81e3aed5e348d4997f062660ba00fe61305cd464359c06216d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-md5
9eusssrwoAzVOVsIadvhfQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
28816
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=24822
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 22:01:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
e12b9c82-801e-003f-0545-d82456000000
cf-ray
8f13e63b3ea4d37a-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
SBBWeb-Bold.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Bold.woff2
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.122.173.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-173-24.eu-central-1.compute.amazonaws.com
Software
nginx/1.27.3 /
Resource Hash
f069a80a8f0838dc76f55359c8599ee04d3c66004c6513de7cbf382df4bb59e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thurbo.ch
Referer
https://www.thurbo.ch/

Response headers

access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-control
max-age=31536000, public, private
content-encoding
br
etag
W/"6745a85c-37c0"
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
expires
Sat, 13 Dec 2025 06:29:21 GMT
access-control-allow-origin
*
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/font-woff2
last-modified
Tue, 26 Nov 2024 10:52:12 GMT
server
nginx/1.27.3
vary
Accept-Encoding
SBBWeb-Roman.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Roman.woff2
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.122.173.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-173-24.eu-central-1.compute.amazonaws.com
Software
nginx/1.27.3 /
Resource Hash
966a89b8080879ba41c6b9f15c5efb58182c33a0d2d1e08748beb554b28b4997

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thurbo.ch
Referer
https://www.thurbo.ch/

Response headers

access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-control
max-age=31536000, public, private
content-encoding
br
etag
W/"6745a85c-3748"
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
expires
Sat, 13 Dec 2025 06:29:21 GMT
access-control-allow-origin
*
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
application/font-woff2
last-modified
Tue, 26 Nov 2024 10:52:12 GMT
server
nginx/1.27.3
vary
Accept-Encoding
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
490 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
47484
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
image/svg+xml
last-modified
Wed, 11 Dec 2024 20:18:52 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
44b4cfdf-101e-0031-615f-4cc85d000000
cf-ray
8f13e63bbf36d37a-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
logo-thurbo.png
cdn.cookielaw.org/logos/d8f340ef-178f-4257-9ea8-01744cfc5459/60294e24-ae87-4609-940e-a78a11ae9db8/60086234-832c-49c3-97f0-ac7c6d39cb1d/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/d8f340ef-178f-4257-9ea8-01744cfc5459/60294e24-ae87-4609-940e-a78a11ae9db8/60086234-832c-49c3-97f0-ac7c6d39cb1d/logo-thurbo.png
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f8b052f5fda0b490729bfb401097b6df0a85618e3df53124aeb5d9001092d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-md5
C1ES3MCU+FcBZsTA6W7tZg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB553AE14DC58E
age
37030
cf-cache-status
HIT
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
image/png
last-modified
Mon, 15 May 2023 11:52:37 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
c191ccc8-e01e-00ca-1e94-cd0047000000
cf-ray
8f13e63bbfdbd2db-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3659
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
4295
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
image/svg+xml
last-modified
Wed, 11 Dec 2024 20:18:53 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
f025a4cd-c01e-00b0-7792-4c6a0a000000
cf-ray
8f13e63bbfdfd2db-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1101169763309046&ev=PageView&dl=https%3A%2F%2Fwww.thurbo.ch%2F&rl=&if=false&ts=1734071361952&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12318&fbp=fb.1.1734071361951.261316566776270068&ler=empty&cdl=API_unavailable&it=1734071361748&coo=false&rqm=GET
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4533, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 13 Dec 2024 06:29:21 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1101169763309046&ev=PageView&dl=https%3A%2F%2Fwww.thurbo.ch%2F&rl=&if=false&ts=1734071361952&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12318&fbp=fb.1.1734071361951.261316566776270068&ler=empty&cdl=API_unavailable&it=1734071361748&coo=false&rqm=FGET
Requested by
Host: www.thurbo.ch
URL: https://www.thurbo.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447779789276716761"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 13 Dec 2024 06:29:22 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
f1R94Z3y/iZFwYUTj94Dc1Oq9EuHoxAZTaRbddkDYxU+W1yqqXvmmCrl1STlsxPuBWmGjDbt7vd01vV3hYHtbA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447779789276716761", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4901, tp=13, tpl=0, uplat=167, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1101169763309046&ev=ThurboScrolldepth&dl=https%3A%2F%2Fwww.thurbo.ch%2F&rl=&if=false&ts=1734071362187&cd[type]=percent&cd[percent]=25&sw=1600&sh=1200&v=2.9.178&r=stable&ec=1&o=12318&fbp=fb.1.1734071361951.261316566776270068&ler=empty&cdl=API_unavailable&it=1734071361748&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=26, mss=1232, tbw=8213, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 13 Dec 2024 06:29:22 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1101169763309046&ev=ThurboScrolldepth&dl=https%3A%2F%2Fwww.thurbo.ch%2F&rl=&if=false&ts=1734071362187&cd[type]=percent&cd[percent]=25&sw=1600&sh=1200&v=2.9.178&r=stable&ec=1&o=12318&fbp=fb.1.1734071361951.261316566776270068&ler=empty&cdl=API_unavailable&it=1734071361748&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7447779790148771593"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5f66bd37dd2e4c7d","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["4742939409151515"]},"debug_reporting":true,"debug_key":"73926256231906839"}
date
Fri, 13 Dec 2024 06:29:22 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7447779790148771593", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
r6S4rAs41DPa4oQFLfuQv9OogLxeR9qIVMh7SnV8eHRQArpW1GA16fm2cWTVs9dNYQWUKhCjed3XeHATAKdTbg==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=26, mss=1232, tbw=8453, tp=21, tpl=0, uplat=68, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
favicon.ico
www.thurbo.ch/ 		1 KB
378 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.thurbo.ch/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.30.61.182 , Germany, ASN15817 (MITTWALD-AS Robert Meyer trading as "Mittwald CM Service GmbH & Co. KG", DE),
Reverse DNS
Software
Apache /
Resource Hash
6f9360411321531847e699dc4a81b00eff41b340e7f0f537a82c4b5a8c4b4053
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thurbo.ch/

Response headers

cache-control
max-age=604800
content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 06:29:22 GMT
accept-ranges
bytes
content-length
253
date
Fri, 13 Dec 2024 06:29:22 GMT
last-modified
Tue, 13 Apr 2021 09:20:26 GMT
vary
User-Agent,Accept-Encoding
server
Apache
content-type
image/x-icon

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer object| regeneratorRuntime object| digitalDataLayer object| sbbInternetTracking object| dataLayerEvent function| OptanonWrapper object| _satellite boolean| __satelliteLoaded function| decryptCharcode function| decryptString function| linkTo_UnCryptMailto function| tns object| Cookienotice object| GlobalEventThrottle object| VimeoLoader function| onYouTubeIframeAPIReady object| Infobanner function| scrollEvent function| resizeEvent function| loadEvent function| readyEvent function| MotionPathPlugin object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin function| Pusha function| ScrollTrigger function| SmoothScroll number| tnsId object| OtTrustedType object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust

3 Cookies

Domain/Path Name / Value
.thurbo.ch/ Name: _gcl_au
Value: 1.1.1471906409.1734071362
.www.thurbo.ch/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Dec+13+2024+07%3A29%3A21+GMT%2B0100+(Mitteleurop%C3%A4ische+Normalzeit)&version=202405.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.thurbo.ch%2F&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0
.thurbo.ch/ Name: _fbp
Value: fb.1.1734071361951.261316566776270068

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.app.sbb.ch
cdn.cookielaw.org
connect.facebook.net
familienspass.ch
geolocation.onetrust.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.thurbo.ch
142.250.185.100
157.240.0.35
157.240.0.6
2606:4700:4400::ac40:9b77
2606:4700::6812:572a
2a00:1450:4001:80f::2008
2a02:26f0:480:980::1e80
2a03:2a00:1200:0:1::3887
3.122.173.24
46.30.61.182
07fda71ff2d62c3a6aba40a65e7375ac32281f3d99e3ab9902fd0e5b9951e740
09a7e2711e42e1bf8ffb8f98d96a608ac87d0f7de62f204d5c9b42d2a80a2c36
0a6bfeb9900af11fca1354343418f1f0f46af9357186e3baed09b34f82a24e2d
0e2a8644a6f099051ef838727e09f2d4f1026df3777c78ffb7cf3e91c9deb012
0e526106583d7684522f130fc0d27282f123e9d3e1827e1a9d8f985065c428fc
18c3e71ce7ae0f73c18ae50d0befc67c9502c6485612767c93ea58ca92030425
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
267160703c2a11508fa7f15fc7245eb186e2cfbf29cda214d8e6d26276752412
2b15ccc64110aed4664328077543b168e2bbe7c0367f637cd5d32487c459a01e
2daf62cd8b27fefdae7d3fc9bc615ede4ba04e3c5065dc9c032a1fd34c57d510
35a0e609c943d9618e435715436a9044489d828210aa877c32053d94c3664deb
386b4bfb46595604c98491a460b623b86f818063dfd7678a5db497bd78623cd0
3904307dbf363ccd7c957eafaa6a9469e92bbe0ebdc67f9e95e63e50b22e4512
3acd5c9271c2cd33f5135df43ae4c574e4d524282e5322137b77cdb4a5524bb4
3af581eea783ce7c0aed494a26775cbd2082107e9c3b7c35d018f808b0b9cb89
3d963795dec8b898809c85fdcc11d95408cd6e55ca4c4bf296677a8c42d5ca2d
43302d1444697f92d141e57658f01ba2e14ab5e196ad66f8b4f4328103bc9577
4bd659732a41aa6c839e4f8dd6b62be36d93763a87a8b04c313a07cc8f1a7563
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
52b3b048efda53344036b06b8de4953e482ab265b4ca36031992160c7569f6e3
5898dc45d8c689cfa5cc8c203c2549455aa8927063d1fd74b57f65ce92dc77f0
59fdf89673c073401a4b2247679245315c3886e45c9902d3ce4bfdf12d8c935d
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a5a413df40a1059dcfc9fc8828d26f2bf9b7a99547cffda31c9657da5079a37
6f9360411321531847e699dc4a81b00eff41b340e7f0f537a82c4b5a8c4b4053
71a55b2094df2dbb82a4aa820155caf6a6c44492e2f3c2d75cc2fccb9922e8d6
77d491d17867e925a725081185f1826c500c4c9dcac8540161f7d359da71f407
83e43deb49489c81e3aed5e348d4997f062660ba00fe61305cd464359c06216d
85f8f5d003439b867c230734aa0004f905a26727bfe130f89343f48ebebaf908
88306978dd87b928cfd6c82e5112acba786397acdcc00d90f0df7553b7a86770
8a82408c4c4e01b7e49e03f1060279c9d67b6cc051299ebf036b52e0851e1516
966a89b8080879ba41c6b9f15c5efb58182c33a0d2d1e08748beb554b28b4997
a456a0f1b19b903543b671b75e35d2b86eaeeef5d3a0db942b2b83da15ef8176
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b09215223b9ccc04fa5a0de654eb869ca38b30250923924bba004e88c5e8aa76
b547900316b5d7ec33a6a668c0268f0fcaf5f8f7e99c334dfc3ddd2de0be5038
bdbf850b13501eb8e28c88e629b9c306b4afada7f5bb7aac0135c0ad168e33da
bf0a66b79aa3e94accf56f5f96e4626d7dfc8062c1d86d552f685da65eceeb96
c4ae602409ba23c5f1de3a001362817b806148ec9f261ff54127b9c86290145e
c4b2e2cb2db5ea851a2cda8c5d2e43aa4c8e4b6f40803f1a1e985a09600ec12b
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c9ba3228b57bc4adc5a98c122dda7c0d179e4bcbe7985ec52f8afadab1a0c3ad
dc750f921cf29a7897435f868856c4c63e22f7fd66ac456a72ced5f6eca584e7
de48fe7cfbd2082df946a69799cd1dd63caa7683edff423bb7cd4824d2152125
e17b91b3d98bd89affa390fc64a918deaa961632a988b129573c5a5c137d2221
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f82b9032661b6ab6438df4d446d16e834cf36221a0a18171a46c63855c9370
eab425544fb9f1c43d553c5cb309e577bc9360a557d3a48abaa2ddba9c6b45bc
eb79c7c18c742b234710e76fa5e68ead45304110b1e4389fdd61ee0cd2d2af4d
f069a80a8f0838dc76f55359c8599ee04d3c66004c6513de7cbf382df4bb59e2
f1f8b052f5fda0b490729bfb401097b6df0a85618e3df53124aeb5d9001092d4
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112