www.bonaliving-aegerisee.ch Open in urlscan Pro
2a01:4f8:d0a:4268::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://annamax.ch/
Effective URL:
https://www.bonaliving-aegerisee.ch/cafe
Submission: On June 12 via api (June 12th 2024, 12:47:32 am UTC) from US — Scanned from CH

Summary HTTP 20 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 2a01:4f8:d0a:4268::2, located in Bad Soden-Salmuenster, Germany and belongs to HETZNER-AS, DE. The main domain is www.bonaliving-aegerisee.ch.
TLS certificate: Issued by R3 on May 17th 2024. Valid for: 3 months.

This is the only time www.bonaliving-aegerisee.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a01:ab20:0:4... 2a01:ab20:0:4::129	47302 (CYON) (CYON)
8	2a01:4f8:d0a:... 2a01:4f8:d0a:4268::2	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
20	7

1 2a01:ab20:0:4::129 (Switzerland) 1 redirects

ASN47302 (CYON, CH)

annamax.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a01:4f8:d0a:4268::2 (Bad Soden-Salmuenster, Germany)

ASN24940 (HETZNER-AS, DE)

www.bonaliving-aegerisee.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	bonaliving-aegerisee.ch www.bonaliving-aegerisee.ch	3 MB
3	gstatic.com fonts.gstatic.com	47 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	71 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	179 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2347	262 B
1	annamax.ch 1 redirects annamax.ch	223 B
20	8

	Domain	Requested by
8	www.bonaliving-aegerisee.ch	www.bonaliving-aegerisee.ch
3	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	www.bonaliving-aegerisee.ch
2	connect.facebook.net	www.bonaliving-aegerisee.ch connect.facebook.net
2	www.googletagmanager.com	www.bonaliving-aegerisee.ch www.googletagmanager.com
2	fonts.googleapis.com	www.bonaliving-aegerisee.ch
1	region1.google-analytics.com	www.googletagmanager.com
1	annamax.ch	1 redirects
20	8

This site contains links to these domains. Also see Links.

Domain
www.bonainvest.ch
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
bonaliving-aegerisee.ch R3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-21` - `2024-06-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.bonaliving-aegerisee.ch/cafe
Frame ID: 16DBFE3C8A8D38D01B41FE71344AE46D
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cafe - bonaLiving Ägerisee

Page URL History Show full URLs

https://annamax.ch/ HTTP 301
https://www.bonaliving-aegerisee.ch/cafe Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

20
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

3833 kB
Transfer

4923 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bonainvest.ch/
Title: www.bonainvest.ch

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bonacasa-smart-living/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC3v_NWYCBeXv8DOYjNAzZnA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://annamax.ch/ HTTP 301
https://www.bonaliving-aegerisee.ch/cafe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request cafe Show response
www.bonaliving-aegerisee.ch/
Redirect Chain

https://annamax.ch/
https://www.bonaliving-aegerisee.ch/cafe

20 KB
5 KB

395ms
148ms

Document
text/html

2a01:4f8:d0a:4268::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bonaliving-aegerisee.ch/cafe

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a01:4f8:d0a:4268::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

57d31fd944f2ac0191b1b6a0df4bc01621bc79383a017d3a4b41c8643b329d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
cache-control: max-age=0
content-encoding: br
content-length: 4851
content-type: text/html; charset=UTF-8
date: Wed, 12 Jun 2024 00:47:28 GMT
expires: Wed, 12 Jun 2024 00:47:28 GMT
link: <https://www.bonaliving-aegerisee.ch/cafe>; rel="canonical"
server: Apache
vary: Accept-Encoding
x-content-type-options: nosniff
x-ua-compatible: IE=edge

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 795
content-type: text/html
date: Wed, 12 Jun 2024 00:47:27 GMT
location: https://www.bonaliving-aegerisee.ch/cafe

GET
H2 200 frontend.css
www.bonaliving-aegerisee.ch/storage/assets/css/themes/default/ 275 KB
36 KB 76ms
76ms Stylesheet
text/css 2a01:4f8:d0a:4268::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bonaliving-aegerisee.ch/storage/assets/css/themes/default/frontend.css

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/cafe

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a01:4f8:d0a:4268::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

ab9734d269707289bb8341b3b0d6043c0fb5e3ea81baedbe2da8b3bf2749840b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/cafe
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 00:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2024 08:10:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: none
content-length: 36364
expires: Thu, 12 Jun 2025 00:47:28 GMT

GET
H2 200 frontend.js Show response
www.bonaliving-aegerisee.ch/storage/assets/js/themes/default/ 406 KB
128 KB 109ms
109ms Script
text/javascript 2a01:4f8:d0a:4268::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bonaliving-aegerisee.ch/storage/assets/js/themes/default/frontend.js

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/cafe

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a01:4f8:d0a:4268::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

aedc5bed0e7e3f1e64216d697b5d0a0cb03b3b8081953e6bbfe2f20537fb51ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/cafe
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 00:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 11 Dec 2022 20:54:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: none
content-length: 130687
expires: Thu, 12 Jun 2025 00:47:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
841 B 84ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;600;700;900&display=swap

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/storage/assets/css/themes/default/frontend.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

790aaacacc2f691ce114b925d97c4f3335c083c51f4c3b4ba96652e037c50130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Jun 2024 00:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 00:47:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jun 2024 00:47:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
898 B 83ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@700;800&display=swap

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/storage/assets/css/themes/default/frontend.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6528d591961599504c27b802f7dad19fad60615ab7e6f1ada8d34fb32198bd3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Jun 2024 00:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 00:47:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jun 2024 00:47:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
76 KB 89ms
36ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MBLT928

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/cafe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61ac29b3ebc181b54ecb1d7252ec635282b6a9408b8feb8a78b3b7f8eab38c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 00:47:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77048
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jun 2024 00:47:28 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 69ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/cafe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jun 2024 00:47:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=13, mss=1208, tbw=2770, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: r7fB/Pa9SdPszjVEy7kPBNUn17rdP1zJuyswHm5lwnAtfL4WBkvF5QRt9/YJDjOJuHJzUhyCBtr4Y7Hl0mIkKQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 navigation-component.706e9499c8d920dea71d.js Show response
www.bonaliving-aegerisee.ch/storage/assets/js/ 1 KB
640 B 266ms
265ms Script
text/javascript 2a01:4f8:d0a:4268::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bonaliving-aegerisee.ch/storage/assets/js/navigation-component.706e9499c8d920dea71d.js

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/storage/assets/js/themes/default/frontend.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a01:4f8:d0a:4268::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

3f028b455a1a815a9e8e17fe9de849decca363e029691f28a1fb76cdf51d2993

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/cafe
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 00:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 13:52:52 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: none
content-length: 582
expires: Thu, 12 Jun 2025 00:47:28 GMT

GET
H2 200 back-to-top-component.714a9b3ea20fdb067d6b.js Show response
www.bonaliving-aegerisee.ch/storage/assets/js/ 1 KB
644 B 266ms
265ms Script
text/javascript 2a01:4f8:d0a:4268::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bonaliving-aegerisee.ch/storage/assets/js/back-to-top-component.714a9b3ea20fdb067d6b.js

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/storage/assets/js/themes/default/frontend.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a01:4f8:d0a:4268::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

5b2c01514d9888e0ffdc96e7c70795fcdbc1a53c2def3db36f65fee44339d207

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/cafe
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 00:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 07 Oct 2022 09:32:38 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: none
content-length: 586
expires: Thu, 12 Jun 2025 00:47:28 GMT

GET
H2 200 bonaLiving_Aegerisee_NEU.png
www.bonaliving-aegerisee.ch/storage/assets/images/themes/default/ 22 KB
23 KB 265ms
264ms Image
image/png 2a01:4f8:d0a:4268::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bonaliving-aegerisee.ch/storage/assets/images/themes/default/bonaLiving_Aegerisee_NEU.png

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/storage/assets/js/themes/default/frontend.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a01:4f8:d0a:4268::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

db602699eb703e7ff832e24883df97926093dabb778863d3364796fe8ba6cab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/cafe
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 00:47:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Nov 2022 09:43:22 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23016
expires: Fri, 12 Jul 2024 00:47:28 GMT

GET
H2 200 cafe-anna-max-unter%C3%A4geri.png
www.bonaliving-aegerisee.ch/storage/media/general/_hero/ 3 MB
3 MB 34ms
33ms Image
image/png 2a01:4f8:d0a:4268::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bonaliving-aegerisee.ch/storage/media/general/_hero/cafe-anna-max-unter%C3%A4geri.png

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/storage/assets/js/themes/default/frontend.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a01:4f8:d0a:4268::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

acff1191c0831954e48fa1589bfdcd1179220bfd2693958483e0777af5ed7c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/cafe
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 00:47:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 May 2024 03:54:26 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3414196
expires: Fri, 12 Jul 2024 00:47:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 90ms
29ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.bonaliving-aegerisee.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:13:21 GMT
x-content-type-options: nosniff
age: 48847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:13:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 88ms
28ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.bonaliving-aegerisee.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:13:57 GMT
x-content-type-options: nosniff
age: 48811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:13:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 115ms
55ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.bonaliving-aegerisee.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 10:13:49 GMT
x-content-type-options: nosniff
age: 52419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 10:13:49 GMT

GET
H2 200 317309687462717 Show response
connect.facebook.net/signals/config/ 57 KB
12 KB 234ms
233ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/317309687462717?v=2.9.157&r=stable&domain=www.bonaliving-aegerisee.ch&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

04279d251d4ad7aa8d8c09d75649f3ae1202d95242d07ab0a440f175b6102b3a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 12 Jun 2024 00:47:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=70, mss=1208, tbw=63499, tp=-1, tpl=-1, uplat=211, ullat=0
pragma: public
x-fb-debug: K8AHEO7pXhmm1nrIvpi7cQIiABJiGiii2ZvFC+/CxbSuF0yZ3k6pw5CY4S7IfiQZ2uPKlb3P0ce1MBBq1UXOuQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
104 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5269VSYG68&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBLT928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40682cf2a9a88d045dcec9ba2e6409e270604b0e1c16554f66a9b1bdae1de5d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 00:47:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106024
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Jun 2024 00:47:28 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 114ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5269VSYG68&gtm=45je46a0v9100632909z89100596304za200zb9100596304&_p=1718153248472&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1282596212.1718153249&ul=de-ch&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718153248&sct=1&seg=0&dl=https%3A%2F%2Fwww.bonaliving-aegerisee.ch%2Fcafe&dt=Cafe%20-%20bonaLiving%20%C3%84gerisee&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&tfd=1154
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5269VSYG68&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 00:47:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bonaliving-aegerisee.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 72ms
29ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=317309687462717&ev=PageView&dl=https%3A%2F%2Fwww.bonaliving-aegerisee.ch%2Fcafe&rl=&if=false&ts=1718153248852&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718153248850.276698187470813947&ler=empty&cdl=API_unavailable&it=1718153248601&coo=false&rqm=GET

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/cafe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1208, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 12 Jun 2024 00:47:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 209ms
166ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=317309687462717&ev=PageView&dl=https%3A%2F%2Fwww.bonaliving-aegerisee.ch%2Fcafe&rl=&if=false&ts=1718153248852&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1718153248850.276698187470813947&ler=empty&cdl=API_unavailable&it=1718153248601&coo=false&rqm=FGET

Requested by

Host: www.bonaliving-aegerisee.ch
URL: https://www.bonaliving-aegerisee.ch/cafe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xd79dd4166a602a7c","source_keys":["1","2"]},{"key_piece":"0x8d2a8d1f48793970","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Wed, 12 Jun 2024 00:47:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1208, tbw=3094, tp=-1, tpl=-1, uplat=141, ullat=0
pragma: no-cache
x-fb-debug: L9iqLysVGL/blQxi2lw4lAKNzOpFy1auWk0WDWkkclTEQHsiFSi72BwkBv4c7IHYhih0G0/st3oMagY8zVyt1A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 favicon-32x32.png
www.bonaliving-aegerisee.ch/storage/assets/images/themes/default/favicon/ 1 KB
2 KB 34ms
33ms Other
image/png 2a01:4f8:d0a:4268::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bonaliving-aegerisee.ch/storage/assets/images/themes/default/favicon/favicon-32x32.png

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a01:4f8:d0a:4268::2 Bad Soden-Salmuenster, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

64234250205f8940a8e9f3cc80b79732147bdd2a48690af94703f9f559e54f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.bonaliving-aegerisee.ch/cafe
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 00:47:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 24 Oct 2022 14:41:52 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1436
expires: Fri, 12 Jul 2024 00:47:29 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bonaliving-aegerisee.ch/	1969-12-31 23:59:59	Name: CRAFT_CSRF_TOKEN Value: 5dfb9dfd8811144017292f5b031c0fc56aca41c054b77add53c0b13186c6a8bea%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22lCDCroaA-HkIhcu4PVmQ3JJC4rYQXI92ZfP3175B%22%3B%7D
.bonaliving-aegerisee.ch/	1970-01-21 06:51:53	Name: _ga_5269VSYG68 Value: GS1.1.1718153248.1.0.1718153248.0.0.0
.bonaliving-aegerisee.ch/	1970-01-21 06:51:53	Name: _ga Value: GA1.1.1282596212.1718153249
.bonaliving-aegerisee.ch/	1970-01-20 23:25:29	Name: _fbp Value: fb.1.1718153248850.276698187470813947

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

annamax.ch
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
www.bonaliving-aegerisee.ch
www.facebook.com
www.googletagmanager.com
2001:4860:4802:34::36
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:830::200a
2a01:4f8:d0a:4268::2
2a01:ab20:0:4::129
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
04279d251d4ad7aa8d8c09d75649f3ae1202d95242d07ab0a440f175b6102b3a
3f028b455a1a815a9e8e17fe9de849decca363e029691f28a1fb76cdf51d2993
40682cf2a9a88d045dcec9ba2e6409e270604b0e1c16554f66a9b1bdae1de5d1
57d31fd944f2ac0191b1b6a0df4bc01621bc79383a017d3a4b41c8643b329d4f
5b2c01514d9888e0ffdc96e7c70795fcdbc1a53c2def3db36f65fee44339d207
61ac29b3ebc181b54ecb1d7252ec635282b6a9408b8feb8a78b3b7f8eab38c3c
64234250205f8940a8e9f3cc80b79732147bdd2a48690af94703f9f559e54f93
6528d591961599504c27b802f7dad19fad60615ab7e6f1ada8d34fb32198bd3b
790aaacacc2f691ce114b925d97c4f3335c083c51f4c3b4ba96652e037c50130
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab9734d269707289bb8341b3b0d6043c0fb5e3ea81baedbe2da8b3bf2749840b
acff1191c0831954e48fa1589bfdcd1179220bfd2693958483e0777af5ed7c6e
aedc5bed0e7e3f1e64216d697b5d0a0cb03b3b8081953e6bbfe2f20537fb51ff
db602699eb703e7ff832e24883df97926093dabb778863d3364796fe8ba6cab9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

www.bonaliving-aegerisee.ch Open in urlscan Pro 2a01:4f8:d0a:4268::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

100 %IPv6

8 Domains

8 Subdomains

7 IPs

3 Countries

3833 kBTransfer

4923 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

www.bonaliving-aegerisee.ch Open in urlscan Pro
2a01:4f8:d0a:4268::2 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

100 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

3833 kB
Transfer

4923 kB
Size

4
Cookies

20 HTTP transactions
0 data transactions