URL: https://provisorium.ch/
Submission: On December 18 via api from CH — Scanned from CH

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 43 HTTP transactions. The main IP is 46.232.178.241, located in Switzerland and belongs to NOVATREND-AS NovaTrend Services GmbH, CH. The main domain is provisorium.ch.
TLS certificate: Issued by R11 on November 12th 2024. Valid for: 3 months.
This is the only time provisorium.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 46.232.178.241 35206 (NOVATREND...)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.17.25.14 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
3 5.148.168.208 29691 (NINE Nine...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 142.250.185.196 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
43 14
Apex Domain
Subdomains
Transfer
15 diewaid.ch
diewaid.ch
1 MB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
456 KB
3 lunchgate.ch
plugins.lunchgate.ch
files.lunchgate.ch
27 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
37 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
td.doubleclick.net — Cisco Umbrella Rank: 182
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
87 B
1 google.ch
www.google.ch — Cisco Umbrella Rank: 31394
455 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
1 sibforms.com
dbe73bf0.sibforms.com
1 pxgcdn.com
pxgcdn.com — Cisco Umbrella Rank: 227708
18 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
6 KB
1 provisorium.ch
provisorium.ch
18 KB
43 13
Domain Requested by
15 diewaid.ch provisorium.ch
diewaid.ch
6 www.googletagmanager.com provisorium.ch
www.googletagmanager.com
3 cdnjs.cloudflare.com provisorium.ch
2 www.google.com 1 redirects provisorium.ch
2 plugins.lunchgate.ch provisorium.ch
1 www.google.ch provisorium.ch
1 td.doubleclick.net www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googleadservices.com provisorium.ch
1 files.lunchgate.ch provisorium.ch
1 dbe73bf0.sibforms.com provisorium.ch
1 pxgcdn.com provisorium.ch
1 ajax.googleapis.com provisorium.ch
1 provisorium.ch
43 15
Subject Issuer Validity Valid
diewaid.ch
R11
2024-11-12 -
2025-02-10
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
pxgcdn.com
WE1
2024-11-07 -
2025-02-05
3 months crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.lunchgate.ch
Sectigo RSA Domain Validation Secure Server CA
2024-08-05 -
2025-08-05
a year crt.sh
sibforms.com
WE1
2024-11-25 -
2025-02-23
3 months crt.sh
*.g.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.doubleclick.net
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
*.google.ch
WR2
2024-12-02 -
2025-02-24
3 months crt.sh

This page contains 6 frames:

Primary Page: https://provisorium.ch/
Frame ID: 573511F3720C43E7474DF77584315B76
Requests: 40 HTTP requests in this frame

Frame: https://plugins.lunchgate.ch/feeds/?id=62&css=//plugins.lunchgate.ch/feeds/css/profilefeeds.css&reviewer=true
Frame ID: 4FCB603A0097022F1A6DADD198C106C6
Requests: 1 HTTP requests in this frame

Frame: https://plugins.lunchgate.ch/feeds/?id=14504&css=//plugins.lunchgate.ch/feeds/css/profilefeeds.css
Frame ID: EB635B91E2EA9A2DAC82039631E26607
Requests: 1 HTTP requests in this frame

Frame: https://dbe73bf0.sibforms.com/serve/MUIFANRleyFBODKmUx-uqP1z0x7MgcI_pQ_GEzIh18qM43I6YnkXLQVYEbgLlACOlXrRo44nHdEHLTStiRI81XIZ4hEmG-D7xvHghWpUDzMffbCHq0v0JGNDjd-5EWkqPMCK8vUBcspqNrb7RtSn36FwIzwgV2F41cS1xPfgMRwQNZaI9Mtw57gHPFeRS4Tw_aFR7nC13vImH2Hq
Frame ID: B607B5C24B5C42A01887C55CF9D47EC7
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fprovisorium.ch
Frame ID: D79724409427AD11ED92877C089234C0
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/999094153?random=1734484227927&cv=11&fst=1734484227927&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9187139432za200zb9185170927&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fprovisorium.ch%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Die%20Waid&npa=0&pscdl=noapi&auid=447391998.1734484228&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 280103A3ECCEFD7ACAE823121824F1E2
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Die Waid

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

43
Requests

81 %
HTTPS

54 %
IPv6

13
Domains

15
Subdomains

14
IPs

4
Countries

1834 kB
Transfer

3923 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.google.com/ccm/collect?en=page_view&dr=www.google.com&dl=https%3A%2F%2Fprovisorium.ch%2F&scrsrc=www.googletagmanager.com&frm=0&lps=1&rnd=135400142.1734484228&dt=Die%20Waid&auid=447391998.1734484228&navt=n&npa=0&gtm=45He4cc1v9185170927za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734484227834&tfd=1139&apve=1 HTTP 302
  • https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=447391998.1734484228&url=https%3A%2F%2Fprovisorium.ch%2F&ref=www.google.com&tfd=1139&tft=1734484227834&frm=0&gtm=45He4cc1v9185170927za200&tag_exp=101925629~102067555~102067808~102081485~102198178&apve=1&gcd=13l3l3l3l1l1&dma=0&npa=0&navt=n

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
provisorium.ch/
76 KB
18 KB
Document
General
Full URL
https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache / PHP/7.4.33
Resource Hash
08317dae4f2e329902ebaa89707e581dd0526f5552f4bf9ee3cbeb19b639ef55

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
18297
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 Dec 2024 01:10:26 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 17 Dec 2024 14:07:39 GMT
Server
Apache
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.33
dya5y.css
diewaid.ch/wp-content/cache/wpfc-minified/mch4mrrq/
94 KB
10 KB
Stylesheet
General
Full URL
https://diewaid.ch/wp-content/cache/wpfc-minified/mch4mrrq/dya5y.css
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
51b1609e0a64e54b2cf8cd889e2830141de73d76fc0a4d446bf644f49133b5c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
9388
Keep-Alive
timeout=5, max=100
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Fri, 07 Jun 2024 14:14:06 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
text/css
public.css
diewaid.ch/wp-content/plugins/pixlikes/css/
69 B
447 B
Stylesheet
General
Full URL
https://diewaid.ch/wp-content/plugins/pixlikes/css/public.css?ver=1.0.0
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
6127435a62e89f7b5c73dac0df2d39218f6efd66f04981b3e07f9f33682a2132

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
79
Keep-Alive
timeout=5, max=100
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Fri, 18 Sep 2020 13:33:58 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
text/css
dya5y.css
diewaid.ch/wp-content/cache/wpfc-minified/88igfunc/
275 KB
54 KB
Stylesheet
General
Full URL
https://diewaid.ch/wp-content/cache/wpfc-minified/88igfunc/dya5y.css
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
85a69f34ccd01140e3145a711cab5818a150bdce28d64d41d6066e2d2210e848

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=10368000
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Fri, 07 Jun 2024 14:14:06 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
text/css
dyaer.js
diewaid.ch/wp-content/cache/wpfc-minified/8k5zhfp4/
113 KB
40 KB
Script
General
Full URL
https://diewaid.ch/wp-content/cache/wpfc-minified/8k5zhfp4/dyaer.js
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
f6f0c5227ac15fd10d42c2e7d077ea384c8bd2b2789cb47b4dc9972615087a24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
40834
Keep-Alive
timeout=5, max=100
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Fri, 07 Jun 2024 14:15:03 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
application/javascript
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.16/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js?ver=5.5.15
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

content-encoding
gzip
age
64928
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 17 Dec 2025 07:08:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Dec 2024 07:08:19 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5480
x-xss-protection
0
server
sffe
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/
110 KB
33 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/TweenMax.min.js?ver=5.5.15
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e71-1b8f0"
age
1707017
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHDdPpx7tGSYmDdiGEbaGjzY7NToKX%2B64wBkj8j5YtbvxX5aYFm93KS8YREw13KmFMlLBcBvXuCo5vHRmayNsVRwv31QaBahw%2BQJTv1O%2ByheXnGeaLP2HjxUURCGMIBv%2FMZ6ovPV"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 08 Dec 2025 01:10:27 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 01:10:27 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:25 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f3b45f569dad2f3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
32828
server
cloudflare
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/easing/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/easing/EasePack.min.js?ver=5.5.15
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92bffebef334ab545ab74016130bc66f986762487a827b9fe079d5b706e609dd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e71-155f"
age
1898314
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rrmLovGNeiHvWBXlAG5s%2FzSbBoER0govIsQg9qDOwz5jVDyLjlolSMA%2F5WOeTGMDq%2F4oeni%2BZEt7DE8cjCjxBpLTPDNI53Egpf5Ay31Ap7S95OWrBFM4s4%2Fa3FpfNS6WcWs8DmYl"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 08 Dec 2025 01:10:27 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 01:10:27 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:25 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f3b45f569dbd2f3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1805
server
cloudflare
ScrollToPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/plugins/
3 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.19.1/plugins/ScrollToPlugin.min.js?ver=5.5.15
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f02c88c0a0bb22fa428b9a8ec6f4ef3661a72ea5a1a204938b5e650806ac425
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e71-d47"
age
1622041
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BCA1e%2F6iND4Vlsnx7zSNc8ZcBWoVMULyUa3aQlb4D4zIH8mIyJuxktwIrde0tNVKA6t%2FTwPA2QYWVBXCt%2BGSdHy5j5c%2BiSz0AI3XYyuq2uTjOScLKqEC%2BY48crIbFxELKAHGU%2BLv"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 08 Dec 2025 01:10:27 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 18 Dec 2024 01:10:27 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:25 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f3b45f569dcd2f3-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1310
server
cloudflare
index.js
pxgcdn.com/js/rs/9.5.7/
52 KB
18 KB
Script
General
Full URL
https://pxgcdn.com/js/rs/9.5.7/index.js?ver=5.5.15
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c3d346a1fb7acdcbbd9ed83c297fc5dd3674811654cdbadaf96c18a2a5c075

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"57592815-ceb0"
age
1283193
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0yiVCY0EVHh5SprVhBB1%2BNyJnmNKOjK39BkKZUt62J0sg8%2FuGVy%2BkAoFw8H4iUJ51m291wr3IgseqHTRghaMbiiK16NxWcpVJRggogmT1PU17BPxnbz1tENWyfmweCH4QLv7msl8b88%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,OPTIONS
expires
Fri, 07 Nov 2025 05:58:49 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=24206&min_rtt=24142&rtt_var=5200&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4029&recv_bytes=2219&delivery_rate=159499&cwnd=252&unsent_bytes=0&cid=0c04031ae05ee59e&ts=50&x=0"
date
Wed, 18 Dec 2024 01:10:27 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 09 Jun 2016 08:25:57 GMT
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=31536000, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
cf-ray
8f3b45f5ba703cc5-CDG
access-control-allow-origin
*
server
cloudflare
js
www.googletagmanager.com/gtag/
412 KB
133 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0P72G6TNFM
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11d05318ad87746d77ba4ba3ed80bc813fe17bfeb6097993dc80b1dee1bdb12b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 01:10:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 01:10:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135474
x-xss-protection
0
server
Google Tag Manager
waidgallerie_27.jpg
diewaid.ch/wp-content/uploads/
209 KB
210 KB
Image
General
Full URL
https://diewaid.ch/wp-content/uploads/waidgallerie_27.jpg
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
6cdbe5c1b935d90555143d2b89e349aef5f54daad16b7e81bfd288fa51ffc380

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
214419
Keep-Alive
timeout=5, max=100
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Mon, 06 Mar 2023 11:22:08 GMT
Content-Type
image/jpeg
Server
Apache
carpaccio-2048x1152.jpg
diewaid.ch/wp-content/uploads/2020/08/
273 KB
273 KB
Image
General
Full URL
https://diewaid.ch/wp-content/uploads/2020/08/carpaccio-2048x1152.jpg
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
5303e1305662d62f267f3af19d5fad52986d01d0b07f232fa7024fb2b80b0d10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
279301
Keep-Alive
timeout=5, max=100
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Fri, 18 Sep 2020 13:34:51 GMT
Content-Type
image/jpeg
Server
Apache
waidberger-2048x1152.jpg
diewaid.ch/wp-content/uploads/2020/08/
545 KB
546 KB
Image
General
Full URL
https://diewaid.ch/wp-content/uploads/2020/08/waidberger-2048x1152.jpg
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
09ebe829547e7e47f9009fddd33e16d9e03c018f69a3188a318ff42e1a610129

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
558384
Keep-Alive
timeout=5, max=99
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Fri, 18 Sep 2020 13:34:59 GMT
Content-Type
image/jpeg
Server
Apache
public.js
diewaid.ch/wp-content/plugins/pixlikes/js/
4 KB
2 KB
Script
General
Full URL
https://diewaid.ch/wp-content/plugins/pixlikes/js/public.js?ver=1.0.0
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
01b2e0f4f8a834dd01567bccd4a71c07989040610f84deec15eb7e1a67fdaf30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
1236
Keep-Alive
timeout=5, max=99
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Fri, 18 Sep 2020 13:33:58 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
application/javascript
plugins.js
diewaid.ch/wp-content/themes/rosa/assets/js/
161 KB
47 KB
Script
General
Full URL
https://diewaid.ch/wp-content/themes/rosa/assets/js/plugins.js?ver=2.9.0
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
56597e21249fa685e3649281001e2aea8831c1410d84a1c31f8956050c6c072a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
47372
Keep-Alive
timeout=5, max=99
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Sat, 17 Apr 2021 08:40:43 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
application/javascript
main.js
diewaid.ch/wp-content/themes/rosa/assets/js/
67 KB
20 KB
Script
General
Full URL
https://diewaid.ch/wp-content/themes/rosa/assets/js/main.js?ver=2.9.0
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
2d94d3151dfa02d7a4ef519e933253245956e0293e96b211fc882592be279a7b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
20034
Keep-Alive
timeout=5, max=99
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Sat, 17 Apr 2021 08:40:43 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
application/javascript
complianz.min.js
diewaid.ch/wp-content/plugins/complianz-gdpr/cookiebanner/js/
40 KB
11 KB
Script
General
Full URL
https://diewaid.ch/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.5.6
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
cdbe380b70423863a1d46b2cb49d1627a28efd29f2d7d7052e8a90ad61d1569a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
10728
Keep-Alive
timeout=5, max=98
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Wed, 13 Dec 2023 12:53:36 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
application/javascript
wp-embed.min.js
diewaid.ch/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://diewaid.ch/wp-includes/js/wp-embed.min.js?ver=5.5.15
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
804
Keep-Alive
timeout=5, max=98
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Tue, 16 May 2023 19:12:05 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
application/javascript
cabin--v26-normal-400.woff2
diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/
0
0

js
www.googletagmanager.com/gtag/
412 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0P72G6TNFM
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11d05318ad87746d77ba4ba3ed80bc813fe17bfeb6097993dc80b1dee1bdb12b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 01:10:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 01:10:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135474
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/
260 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSV4TGCW
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9bc6af8f3adaad417cc8c6ac82d3376db2380903e7b256c61ce38c45c20f03a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 18 Dec 2024 01:10:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 01:10:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
94662
x-xss-protection
0
server
Google Tag Manager
/
plugins.lunchgate.ch/feeds/ Frame 4FCB
0
0
Document
General
Full URL
https://plugins.lunchgate.ch/feeds/?id=62&css=//plugins.lunchgate.ch/feeds/css/profilefeeds.css&reviewer=true
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.168.208 Zurich, Switzerland, ASN29691 (NINE Nine Internet Solutions AG, CH),
Reverse DNS
lunchgate09.nine.ch
Software
Apache /
Resource Hash

Request headers

Referer
https://provisorium.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
none
access-control-allow-origin
*
cache-control
max-age=0
content-encoding
gzip
content-length
2997
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 01:10:27 GMT
expires
Wed, 18 Dec 2024 01:10:27 GMT
server
Apache
vary
Accept-Encoding
x-ua-compatible
IE=Edge,chrome=1
/
plugins.lunchgate.ch/feeds/ Frame EB63
0
0
Document
General
Full URL
https://plugins.lunchgate.ch/feeds/?id=14504&css=//plugins.lunchgate.ch/feeds/css/profilefeeds.css
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.168.208 Zurich, Switzerland, ASN29691 (NINE Nine Internet Solutions AG, CH),
Reverse DNS
lunchgate09.nine.ch
Software
Apache /
Resource Hash

Request headers

Referer
https://provisorium.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
none
access-control-allow-origin
*
cache-control
max-age=0
content-encoding
gzip
content-length
2940
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 01:10:27 GMT
expires
Wed, 18 Dec 2024 01:10:27 GMT
server
Apache
vary
Accept-Encoding
x-ua-compatible
IE=Edge,chrome=1
MUIFANRleyFBODKmUx-uqP1z0x7MgcI_pQ_GEzIh18qM43I6YnkXLQVYEbgLlACOlXrRo44nHdEHLTStiRI81XIZ4hEmG-D7xvHghWpUDzMffbCHq0v0JGNDjd-5EWkqPMCK8vUBcspqNrb7RtSn36FwIzwgV2F41cS1xPfgMRwQNZaI9Mtw57gHPFeRS4Tw_aFR7...
dbe73bf0.sibforms.com/serve/ Frame B607
0
0
Document
General
Full URL
https://dbe73bf0.sibforms.com/serve/MUIFANRleyFBODKmUx-uqP1z0x7MgcI_pQ_GEzIh18qM43I6YnkXLQVYEbgLlACOlXrRo44nHdEHLTStiRI81XIZ4hEmG-D7xvHghWpUDzMffbCHq0v0JGNDjd-5EWkqPMCK8vUBcspqNrb7RtSn36FwIzwgV2F41cS1xPfgMRwQNZaI9Mtw57gHPFeRS4Tw_aFR7nC13vImH2Hq
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f96d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://provisorium.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
public, s-maxage=300
cf-cache-status
EXPIRED
cf-ray
8f3b45f7be3b783b-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 18 Dec 2024 01:10:27 GMT
last-modified
Wed, 18 Dec 2024 01:10:27 GMT
server
cloudflare
vary
Origin, Accept-Encoding
truncated
/
167 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6073bb02383f44288b22db12d4bcec13cb66c38d7d8b66214082991bdec728e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
394 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0258a377207160921b4def95e08bde2b05f202a1d441850d49502f768e72307d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
source-sans-pro--v22-normal-400.woff2
diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/
0
0

fontawesome-webfont.woff2
diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/
0
0

source-sans-pro--v22-normal-900.woff2
diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/
0
0

award24-47.svg
files.lunchgate.ch/award/
27 KB
27 KB
Image
General
Full URL
https://files.lunchgate.ch/award/award24-47.svg
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.168.208 Zurich, Switzerland, ASN29691 (NINE Nine Internet Solutions AG, CH),
Reverse DNS
lunchgate09.nine.ch
Software
Apache /
Resource Hash
ae0ce1497a2f07f61c1425415544e9cc18e86889c6b4b12118527e04902877b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

cache-control
max-age=31536000, public
etag
"6bb5-6165b14cbcec0"
expires
Thu, 6 Dec 2018 20:00:00 GMT
accept-ranges
bytes
content-length
27573
date
Wed, 18 Dec 2024 01:10:27 GMT
last-modified
Thu, 18 Apr 2024 08:51:47 GMT
content-type
image/svg+xml
server
Apache
winner-batch-de.png
diewaid.ch/wp-content/uploads/
36 KB
37 KB
Image
General
Full URL
https://diewaid.ch/wp-content/uploads/winner-batch-de.png
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
8374e9107114a620f826859838be5cdb4c20d4fffbc08275b417fa2b5160de82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
37285
Keep-Alive
timeout=5, max=97
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Sat, 22 Jun 2024 14:49:42 GMT
Content-Type
image/png
Server
Apache
fontawesome-webfont.woff
diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/
0
0

set_partitioned_cookie
www.googleadservices.com/pagead/
Redirect Chain
  • https://www.google.com/ccm/collect?en=page_view&dr=www.google.com&dl=https%3A%2F%2Fprovisorium.ch%2F&scrsrc=www.googletagmanager.com&frm=0&lps=1&rnd=135400142.1734484228&dt=Die%20Waid&auid=44739199...
  • https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=447391998.1734484228&url=https%3A%2F%2Fprovisorium.ch%2F&ref=www.google.com&tfd=1139&tft=1734484227834&frm=0&gtm=45He4cc1v9185170...
0
0
Ping
General
Full URL
https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=447391998.1734484228&url=https%3A%2F%2Fprovisorium.ch%2F&ref=www.google.com&tfd=1139&tft=1734484227834&frm=0&gtm=45He4cc1v9185170927za200&tag_exp=101925629~102067555~102067808~102081485~102198178&apve=1&gcd=13l3l3l3l1l1&dma=0&npa=0&navt=n
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=447391998.1734484228&url=https%3A%2F%2Fprovisorium.ch%2F&ref=www.google.com&tfd=1139&tft=1734484227834&frm=0&gtm=45He4cc1v9185170927za200&tag_exp=101925629~102067555~102067808~102081485~102198178&apve=1&gcd=13l3l3l3l1l1&dma=0&npa=0&navt=n
access-control-expose-headers
date,location,vary,vary,vary,server,content-length
pragma
no-cache
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://provisorium.ch
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Dec 2024 01:10:27 GMT
x-xss-protection
0
content-type
text/plain
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/
412 KB
132 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0P72G6TNFM&l=dataLayer&cx=c&gtm=45He4cc1v9185170927za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSV4TGCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
976584429271be838c02294b7e1eb008fba186ad3b72324a4fea3db36819ce47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 01:10:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 01:10:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135531
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
284 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-999094153&l=dataLayer&cx=c&gtm=45He4cc1v9185170927za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSV4TGCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7fc10043ef41f9bc1fff695c82c0e274e0546829fab0ecf972155f495d8fb9ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 18 Dec 2024 01:10:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 01:10:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100283
x-xss-protection
0
server
Google Tag Manager
banner-1-optin.css
diewaid.ch/wp-content/uploads/complianz/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://diewaid.ch/wp-content/uploads/complianz/css/banner-1-optin.css?v=37
Requested by
Host: diewaid.ch
URL: https://diewaid.ch/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.5.6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
9246e8275384b19503ef0e6b425b32559373806ab32a6bab2c1dad8a19cbf04e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Content-Encoding
gzip
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
3322
Keep-Alive
timeout=5, max=96
Date
Wed, 18 Dec 2024 01:10:27 GMT
Last-Modified
Wed, 13 Nov 2024 09:21:21 GMT
Vary
Accept-Encoding
Server
Apache
Content-Type
text/css
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame D797
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fprovisorium.ch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSV4TGCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 01:10:27 GMT
expires
Thu, 18 Dec 2025 01:10:27 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0P72G6TNFM&gtm=45je4cc1v899796913za200zb9185170927&_p=1734484227656&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=204884002.1734484228&ul=de-ch&sr=1600x1200&lps=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734484227&sct=1&seg=0&dl=https%3A%2F%2Fprovisorium.ch%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Die%20Waid&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1203
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0P72G6TNFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://provisorium.ch
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Dec 2024 01:10:27 GMT
content-type
text/plain
server
Golfe2
fontawesome-webfont.ttf
diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/
0
0

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/999094153/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/999094153/?random=1734484227927&cv=11&fst=1734484227927&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9187139432za200zb9185170927&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fprovisorium.ch%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Die%20Waid&npa=0&pscdl=noapi&auid=447391998.1734484228&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-999094153&l=dataLayer&cx=c&gtm=45He4cc1v9185170927za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
743e289f07d7b27a7a3a918612a59d1f03b582db94b8d9bc51b3e0c04d3fc0c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2256
date
Wed, 18 Dec 2024 01:10:27 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
999094153
td.doubleclick.net/td/rul/ Frame 2801
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/999094153?random=1734484227927&cv=11&fst=1734484227927&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9187139432za200zb9185170927&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fprovisorium.ch%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Die%20Waid&npa=0&pscdl=noapi&auid=447391998.1734484228&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-999094153&l=dataLayer&cx=c&gtm=45He4cc1v9185170927za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://provisorium.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Dec 2024 01:10:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/999094153/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/999094153/?random=1734484227927&cv=11&fst=1734483600000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9187139432za200zb9185170927&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fprovisorium.ch%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Die%20Waid&npa=0&pscdl=noapi&auid=447391998.1734484228&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7daMsMffdaU7GENa8QG9AHD6MH5WWr5w&random=3595442928&rmt_tld=0&ipr=y
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 01:10:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ch/pagead/1p-user-list/999094153/
42 B
455 B
Image
General
Full URL
https://www.google.ch/pagead/1p-user-list/999094153/?random=1734484227927&cv=11&fst=1734483600000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v9187139432za200zb9185170927&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fprovisorium.ch%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Die%20Waid&npa=0&pscdl=noapi&auid=447391998.1734484228&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7daMsMffdaU7GENa8QG9AHD6MH5WWr5w&random=3595442928&rmt_tld=1&ipr=y
Requested by
Host: provisorium.ch
URL: https://provisorium.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 18 Dec 2024 01:10:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
waidlogo_rund-150x150.png
diewaid.ch/wp-content/uploads/2020/07/
16 KB
16 KB
Other
General
Full URL
https://diewaid.ch/wp-content/uploads/2020/07/waidlogo_rund-150x150.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
46.232.178.241 , Switzerland, ASN35206 (NOVATREND-AS NovaTrend Services GmbH, CH),
Reverse DNS
server1.adwork.ch
Software
Apache /
Resource Hash
bb307eaf56222691e567e76cb075b3574942669c7d33d2f1e66492e8795ad550

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://provisorium.ch/

Response headers

Cache-Control
max-age=10368000
Connection
keep-alive, Keep-Alive
Expires
max-age=A10368000, public
Accept-Ranges
bytes
Content-Length
15980
Keep-Alive
timeout=5, max=95
Date
Wed, 18 Dec 2024 01:10:28 GMT
Last-Modified
Fri, 18 Sep 2020 13:34:49 GMT
Content-Type
image/png
Server
Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
diewaid.ch
URL
https://diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/cabin--v26-normal-400.woff2?c=1692717200
Domain
diewaid.ch
URL
https://diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/source-sans-pro--v22-normal-400.woff2?c=1692717217
Domain
diewaid.ch
URL
https://diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Domain
diewaid.ch
URL
https://diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/source-sans-pro--v22-normal-900.woff2?c=1692717222
Domain
diewaid.ch
URL
https://diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.woff?v=4.7.0
Domain
diewaid.ch
URL
https://diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.ttf?v=4.7.0

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| jQuery object| Gridable object| jQuery11240396275917006933 object| html5 object| Modernizr object| WebFont object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| ScrollToPlugin function| gtag object| dataLayer object| locals function| EventEmitter object| eventie function| imagesLoaded function| moment function| Pikaday object| respond object| rosaStrings object| complianz object| wp object| google_tag_manager object| google_tag_data function| cmplz_create_element function| cmplz_add_event function| cmplz_is_hidden function| cmplz_html_decode function| cmplzLoadConsentAreaContent function| cmplz_set_category_as_body_class function| cmplz_append_css function| cmplz_load_css function| cmplz_run_script function| cmplz_maybe_run_waiting_scripts function| cmplz_set_blocked_content_container function| cmplz_insert_placeholder_text function| cmplz_set_blocked_content_container_aspect_ratio function| cmplz_has_blocked_scripts function| cmplz_enable_category function| cmplz_remove_placeholder function| cmplz_get_waiting_script function| cmplz_array_is_empty function| cmplz_is_waiting_script function| cmplz_run_after_all_scripts function| cmplz_run_tm_event function| cmplz_legacy function| cmplz_do_not_track function| cmplz_get_services_on_page function| cmplz_is_bot function| cmplz_is_speedbot function| cmplz_exists_service_consent function| cmplz_set_service_consent function| cmplz_clear_all_service_consents function| cmplz_get_all_service_consents function| cmplz_get_cookie_path function| cmplz_get_cookie_domain function| cmplz_reload_browser_compatible object| cmplz_user_data function| cmplz_track_status_end function| cmplz_set_up_auto_dismiss function| cmplz_fire_categories_event function| cmplz_track_status function| cmplz_accepted_categories function| cmplz_sync_category_checkboxes function| cmplz_merge_object function| cmplz_check_cookie_policy_id function| cmplz_clear_cookies function| cmplz_set_accepted_cookie_policy_id function| cmplz_integrations_init function| cmplz_integrations_revoke function| cmplz_set_integrations_cookies function| cmplz_get_url_parameter function| cmplz_maybe_auto_redirect function| cmplz_wp_set_consent object| cmplz_cookie_data function| cmplz_start_clean function| cmplz_do_cleanup function| cmplz_setup_clean_interval function| cmplz_clear_storage function| cmplz_load_manage_consent_container function| cmplz_equals function| cmplzCopyAttributes function| cmplz_get_cookie function| cmplz_set_cookie function| cmplz_in_array function| cmplz_highest_accepted_category function| cmplz_accept_all function| conditionally_show_banner function| show_cookie_banner function| cmplz_get_banner_status function| cmplz_set_banner_status function| cmplz_has_consent function| cmplz_is_service_denied function| cmplz_has_service_consent function| cmplz_set_consent string| wp_consent_type function| cmplz_deny_all number| wh number| ww function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO string| separator

6 Cookies

Domain/Path Name / Value
provisorium.ch/ Name: pll_language
Value: de
.provisorium.ch/ Name: _gcl_au
Value: 1.1.447391998.1734484228
.provisorium.ch/ Name: _ga_0P72G6TNFM
Value: GS1.1.1734484227.1.0.1734484227.0.0.0
.provisorium.ch/ Name: _ga
Value: GA1.1.204884002.1734484228
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.sibforms.com/ Name: __cfruid
Value: 1945d2d2fa9f24e24720aa00053260b280fe75a0-1734484228

12 Console Messages

Source Level URL
Text
javascript error URL: https://provisorium.ch/
Message:
Access to font at 'https://diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/cabin--v26-normal-400.woff2?c=1692717200' from origin 'https://provisorium.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/cabin--v26-normal-400.woff2?c=1692717200
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://provisorium.ch/(Line 1171)
Message:
Access to font at 'https://diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/source-sans-pro--v22-normal-400.woff2?c=1692717217' from origin 'https://provisorium.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/source-sans-pro--v22-normal-400.woff2?c=1692717217
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://provisorium.ch/
Message:
Access to font at 'https://diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://provisorium.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.woff2?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://provisorium.ch/
Message:
Access to font at 'https://diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/source-sans-pro--v22-normal-900.woff2?c=1692717222' from origin 'https://provisorium.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://diewaid.ch/wp-content/uploads/fonts/4fe87f308f25b8e670a162a6cf83e75a/source-sans-pro--v22-normal-900.woff2?c=1692717222
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://provisorium.ch/
Message:
Access to font at 'https://diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.woff?v=4.7.0' from origin 'https://provisorium.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.woff?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://provisorium.ch/
Message:
Access to font at 'https://diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://provisorium.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://diewaid.ch/wp-content/themes/rosa/assets/fonts/icon-fonts/fontawesome/fontawesome-webfont.ttf?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
dbe73bf0.sibforms.com
diewaid.ch
files.lunchgate.ch
googleads.g.doubleclick.net
plugins.lunchgate.ch
provisorium.ch
pxgcdn.com
region1.google-analytics.com
td.doubleclick.net
www.google.ch
www.google.com
www.googleadservices.com
www.googletagmanager.com
diewaid.ch
104.17.25.14
142.250.181.226
142.250.185.196
142.250.185.226
2001:4860:4802:34::36
2606:4700:20::681a:8df
2606:4700::6810:f96d
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2003
2a00:1450:4001:830::2002
46.232.178.241
5.148.168.208
01b2e0f4f8a834dd01567bccd4a71c07989040610f84deec15eb7e1a67fdaf30
0258a377207160921b4def95e08bde2b05f202a1d441850d49502f768e72307d
08317dae4f2e329902ebaa89707e581dd0526f5552f4bf9ee3cbeb19b639ef55
09ebe829547e7e47f9009fddd33e16d9e03c018f69a3188a318ff42e1a610129
11d05318ad87746d77ba4ba3ed80bc813fe17bfeb6097993dc80b1dee1bdb12b
2d94d3151dfa02d7a4ef519e933253245956e0293e96b211fc882592be279a7b
51b1609e0a64e54b2cf8cd889e2830141de73d76fc0a4d446bf644f49133b5c3
5303e1305662d62f267f3af19d5fad52986d01d0b07f232fa7024fb2b80b0d10
56597e21249fa685e3649281001e2aea8831c1410d84a1c31f8956050c6c072a
6127435a62e89f7b5c73dac0df2d39218f6efd66f04981b3e07f9f33682a2132
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6cdbe5c1b935d90555143d2b89e349aef5f54daad16b7e81bfd288fa51ffc380
743e289f07d7b27a7a3a918612a59d1f03b582db94b8d9bc51b3e0c04d3fc0c8
7f02c88c0a0bb22fa428b9a8ec6f4ef3661a72ea5a1a204938b5e650806ac425
7fc10043ef41f9bc1fff695c82c0e274e0546829fab0ecf972155f495d8fb9ef
8374e9107114a620f826859838be5cdb4c20d4fffbc08275b417fa2b5160de82
85a69f34ccd01140e3145a711cab5818a150bdce28d64d41d6066e2d2210e848
9246e8275384b19503ef0e6b425b32559373806ab32a6bab2c1dad8a19cbf04e
92bffebef334ab545ab74016130bc66f986762487a827b9fe079d5b706e609dd
976584429271be838c02294b7e1eb008fba186ad3b72324a4fea3db36819ce47
9bc6af8f3adaad417cc8c6ac82d3376db2380903e7b256c61ce38c45c20f03a9
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
ae0ce1497a2f07f61c1425415544e9cc18e86889c6b4b12118527e04902877b5
b6073bb02383f44288b22db12d4bcec13cb66c38d7d8b66214082991bdec728e
bb307eaf56222691e567e76cb075b3574942669c7d33d2f1e66492e8795ad550
cdbe380b70423863a1d46b2cb49d1627a28efd29f2d7d7052e8a90ad61d1569a
e2c3d346a1fb7acdcbbd9ed83c297fc5dd3674811654cdbadaf96c18a2a5c075
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6f0c5227ac15fd10d42c2e7d077ea384c8bd2b2789cb47b4dc9972615087a24