URL: https://roethlisbergerag.ch/
Submission: On December 10 via api from CH — Scanned from CH

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 37 HTTP transactions. The main IP is 2a01:ab20:0:4::109, located in Switzerland and belongs to CYON cyon GmbH, CH. The main domain is roethlisbergerag.ch.
TLS certificate: Issued by R11 on November 15th 2024. Valid for: 3 months.
This is the only time roethlisbergerag.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2a01:ab20:0:4... 47302 (CYON cyon...)
1 172.65.208.22 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 149.126.4.109 47302 (CYON cyon...)
1 1 172.217.18.4 15169 (GOOGLE)
1 216.58.206.66 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-AS...)
1 172.65.236.181 13335 (CLOUDFLAR...)
2 172.65.192.122 13335 (CLOUDFLAR...)
1 172.65.202.201 13335 (CLOUDFLAR...)
1 172.65.238.60 13335 (CLOUDFLAR...)
1 2 142.250.186.134 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.166 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 172.65.198.159 13335 (CLOUDFLAR...)
1 172.65.240.166 13335 (CLOUDFLAR...)
1 172.65.232.43 13335 (CLOUDFLAR...)
37 19
Apex Domain
Subdomains
Transfer
12 roethlisbergerag.ch
roethlisbergerag.ch
694 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
px4.ads.linkedin.com — Cisco Umbrella Rank: 7032
2 KB
4 doubleclick.net
5308632.fls.doubleclick.net
td.doubleclick.net — Cisco Umbrella Rank: 182
ad.doubleclick.net — Cisco Umbrella Rank: 145
774 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
296 KB
3 hubspot.com
js-eu1.hubspot.com — Cisco Umbrella Rank: 20435
cta-eu1.hubspot.com — Cisco Umbrella Rank: 20388
track-eu1.hubspot.com — Cisco Umbrella Rank: 15690
27 KB
2 hscollectedforms.net
js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 25928
forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 26357
25 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
15 KB
2 balmer-etienne.ch
balmer-etienne.ch
2 MB
1 hsforms.com
perf-eu1.hsforms.com — Cisco Umbrella Rank: 21170
1 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 15492
25 KB
1 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 15263
28 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
1 google.com
www.google.com — Cisco Umbrella Rank: 3
23 B
1 hs-scripts.com
js-eu1.hs-scripts.com — Cisco Umbrella Rank: 14917
983 B
37 15
Domain Requested by
12 roethlisbergerag.ch roethlisbergerag.ch
4 www.googletagmanager.com roethlisbergerag.ch
www.googletagmanager.com
3 px.ads.linkedin.com 1 redirects snap.licdn.com
2 5308632.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 balmer-etienne.ch roethlisbergerag.ch
1 perf-eu1.hsforms.com
1 track-eu1.hubspot.com
1 cta-eu1.hubspot.com js-eu1.hubspot.com
1 forms-eu1.hscollectedforms.net js-eu1.hscollectedforms.net
1 px4.ads.linkedin.com roethlisbergerag.ch
1 region1.google-analytics.com www.googletagmanager.com
1 ad.doubleclick.net roethlisbergerag.ch
1 td.doubleclick.net www.googletagmanager.com
1 js-eu1.hs-analytics.net js-eu1.hs-scripts.com
1 js-eu1.hs-banner.com js-eu1.hs-scripts.com
1 js-eu1.hscollectedforms.net js-eu1.hs-scripts.com
1 js-eu1.hubspot.com js-eu1.hs-scripts.com
1 www.googleadservices.com roethlisbergerag.ch
1 www.google.com 1 redirects
1 js-eu1.hs-scripts.com roethlisbergerag.ch
37 21

This site contains links to these domains. Also see Links.

Domain
balmer-etienne.ch
get.teamviewer.com
www.linkedin.com
Subject Issuer Validity Valid
balmer-etienne.ch
R11
2024-11-15 -
2025-02-13
3 months crt.sh
hs-scripts.com
WE1
2024-11-24 -
2025-02-22
3 months crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2024-12-02 -
2025-12-01
a year crt.sh
hubspot.com
WE1
2024-12-01 -
2025-03-01
3 months crt.sh
hscollectedforms.net
WE1
2024-11-20 -
2025-02-18
3 months crt.sh
hs-banner.com
WE1
2024-11-22 -
2025-02-20
3 months crt.sh
hs-analytics.net
WE1
2024-12-05 -
2025-03-05
3 months crt.sh
*.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
hsforms.com
WE1
2024-12-08 -
2025-03-08
3 months crt.sh

This page contains 4 frames:

Primary Page: https://roethlisbergerag.ch/
Frame ID: A9E2D70B5F99025BB7A1599CE2512C07
Requests: 34 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Froethlisbergerag.ch
Frame ID: 771313CA79EB48BC379BF1DF27CDE1EB
Requests: 1 HTTP requests in this frame

Frame: https://5308632.fls.doubleclick.net/activityi;dc_pre=CJPd2uGcnIoDFVj0EQgdFi4ZQw;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4c90z8810937680za201zb810937680;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Froethlisbergerag.ch%2F
Frame ID: 74689196A4C0B5F43D582FF4E62D17C2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4c90z8810937680za201zb810937680;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Froethlisbergerag.ch%2F
Frame ID: A7853ED7F4CBCFB2A1E8DC751301FC2E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

TREUHAND • PRÜFUNG • BERATUNG

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

37
Requests

62 %
HTTPS

30 %
IPv6

15
Domains

21
Subdomains

19
IPs

3
Countries

3454 kB
Transfer

5305 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://www.google.com/ccm/collect?en=page_view&dr=www.google.com&dl=https%3A%2F%2Froethlisbergerag.ch%2F&scrsrc=www.googletagmanager.com&frm=0&lps=1&rnd=601743132.1733800119&auid=1722091511.1733800119&npa=0&gtm=45He4c90v810937680za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&tft=1733800118974&tfd=446&apve=1 HTTP 302
  • https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=1722091511.1733800119&url=https%3A%2F%2Froethlisbergerag.ch%2F&ref=www.google.com&tfd=446&tft=1733800118974&frm=0&gtm=45He4c90v810937680za200&tag_exp=101925629~102067555~102067808~102081485&apve=1&gcs=G111&gcd=13t3t3t3t5l1&dma=0&npa=0
Request Chain 23
  • https://5308632.fls.doubleclick.net/activityi;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4c90z8810937680za201zb810937680;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Froethlisbergerag.ch%2F HTTP 302
  • https://5308632.fls.doubleclick.net/activityi;dc_pre=CJPd2uGcnIoDFVj0EQgdFi4ZQw;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4c90z8810937680za201zb810937680;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Froethlisbergerag.ch%2F
Request Chain 29
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3509697&time=1733800119142&url=https%3A%2F%2Froethlisbergerag.ch%2F HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3509697&time=1733800119142&url=https%3A%2F%2Froethlisbergerag.ch%2F&e_ipv6=AQIlJTfPUmFxyAAAAZOuikvh49gvM7k5y3YvXa0fdOQ-46wxiqzs6VoWO_J3bDT-ME6F

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
roethlisbergerag.ch/
184 KB
62 KB
Document
General
Full URL
https://roethlisbergerag.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/ Craft CMS,Blitz
Resource Hash
2947fbc477d4e2dcc67f3562cab55472144256a795225124f2d6c4582ff843d6

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
public, s-maxage=31536000, max-age=0
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 10 Dec 2024 03:08:38 GMT
expires
0
pragma
no-cache
vary
Accept-Encoding
x-powered-by
Craft CMS,Blitz
app.css
roethlisbergerag.ch/dist/css/
109 KB
18 KB
Stylesheet
General
Full URL
https://roethlisbergerag.ch/dist/css/app.css?v=1730205378
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/
Resource Hash
84bd35010d92f12f90e766dba1cac13556e07ed820b6f938cfe73c97d993d8e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"1b412-6720d6c2-a56d4ca909fc1832;br"
expires
Tue, 17 Dec 2024 03:08:38 GMT
accept-ranges
bytes
content-length
17867
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
text/css
last-modified
Tue, 29 Oct 2024 12:36:18 GMT
vary
Accept-Encoding
cookiesBanner.js
roethlisbergerag.ch/dist/js/
5 KB
2 KB
Script
General
Full URL
https://roethlisbergerag.ch/dist/js/cookiesBanner.js?v=1725287587
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/
Resource Hash
10d8e0e380054add90e162cb24091bb4c6dab2f3f467497ba112e862df6c9d6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"1576-66d5cca3-8709bfebcc371a43;br"
expires
Tue, 17 Dec 2024 03:08:38 GMT
accept-ranges
bytes
content-length
2250
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
application/javascript
last-modified
Mon, 02 Sep 2024 14:33:07 GMT
vary
Accept-Encoding
143998028.js
js-eu1.hs-scripts.com/
2 KB
983 B
Script
General
Full URL
https://js-eu1.hs-scripts.com/143998028.js
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f0cc21992676bf5e0c2367d1599134947e7adca5b18fedcddc5be033f072321
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
EXPIRED
access-control-allow-credentials
true
x-content-type-options
nosniff
cf-ray
8efa081738d235fa-FRA
accept-ranges
bytes
access-control-allow-origin
https://roethlisbergerag.ch
content-length
649
date
Tue, 10 Dec 2024 03:08:38 GMT
x-hubspot-correlation-id
83bdcd27-a3c0-4eb3-888b-b0df4e5633ab
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
server
cloudflare
last-modified
Tue, 10 Dec 2024 03:08:38 GMT
gtm.js
www.googletagmanager.com/
319 KB
110 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P82Z98V
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a6a267ec6633db3bb2b652b8e44d3fe9af224463f3428649c591aa8db2a516d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 10 Dec 2024 03:08:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
111655
x-xss-protection
0
server
Google Tag Manager
app.js
roethlisbergerag.ch/dist/js/
4 KB
2 KB
Script
General
Full URL
https://roethlisbergerag.ch/dist/js/app.js?v=1686832577
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/
Resource Hash
82dca81cff6869f0330afcf0548d8235a60c477dd0a6dc892a47107ca0fee67f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"1180-648b05c1-d23b59453b765cf8;br"
expires
Tue, 17 Dec 2024 03:08:38 GMT
accept-ranges
bytes
content-length
2199
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
application/javascript
last-modified
Thu, 15 Jun 2023 12:36:17 GMT
vary
Accept-Encoding
ux.js
roethlisbergerag.ch/dist/js/
1 MB
238 KB
Script
General
Full URL
https://roethlisbergerag.ch/dist/js/ux.js?v=1718781550
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/
Resource Hash
f88db524318a25aae2f13f4caa93c89e70cb459dd1281e2663ca4407e2cded00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
public, max-age=604800
content-encoding
br
etag
"111617-6672866e-9f5798252c75f63f;br"
expires
Tue, 17 Dec 2024 03:08:38 GMT
accept-ranges
bytes
content-length
243091
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
application/javascript
last-modified
Wed, 19 Jun 2024 07:19:10 GMT
vary
Accept-Encoding
Cabin-Regular.woff2
roethlisbergerag.ch/dist/webfonts/
30 KB
30 KB
Font
General
Full URL
https://roethlisbergerag.ch/dist/webfonts/Cabin-Regular.woff2
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/dist/css/app.css?v=1730205378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/
Resource Hash
e11123603b9c089edc5826411904937bd2ac3fed8f8d7a8a2c4068f9e0c1074a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://roethlisbergerag.ch
Referer
https://roethlisbergerag.ch/dist/css/app.css?v=1730205378

Response headers

accept-ranges
bytes
content-length
30464
etag
"7700-648b05c1-b9ab4d3ab9a15cc1;;;"
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
font/woff2
last-modified
Thu, 15 Jun 2023 12:36:17 GMT
Ubuntu-Regular.woff2
roethlisbergerag.ch/dist/webfonts/
97 KB
97 KB
Font
General
Full URL
https://roethlisbergerag.ch/dist/webfonts/Ubuntu-Regular.woff2
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/dist/css/app.css?v=1730205378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/
Resource Hash
0c7dfece551f74e4368bc01ed4a8eaeebc6fbe3f77982cfc7c3c2fc652cbf59e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://roethlisbergerag.ch
Referer
https://roethlisbergerag.ch/dist/css/app.css?v=1730205378

Response headers

accept-ranges
bytes
content-length
99256
etag
"183b8-648b05c1-e0de84574ac1c930;;;"
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
font/woff2
last-modified
Thu, 15 Jun 2023 12:36:17 GMT
Ubuntu-Bold.woff2
roethlisbergerag.ch/dist/webfonts/
82 KB
82 KB
Font
General
Full URL
https://roethlisbergerag.ch/dist/webfonts/Ubuntu-Bold.woff2
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/dist/css/app.css?v=1730205378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/
Resource Hash
af2f7500f906f1905ee2763ced51bfbbe211f8bfb33ec0e5b4cf6eb93525bed3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://roethlisbergerag.ch
Referer
https://roethlisbergerag.ch/dist/css/app.css?v=1730205378

Response headers

accept-ranges
bytes
content-length
84300
etag
"1494c-648b05c1-f152d00b86f8b6c9;;;"
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
font/woff2
last-modified
Thu, 15 Jun 2023 12:36:17 GMT
Ubuntu-Medium.woff2
roethlisbergerag.ch/dist/webfonts/
88 KB
88 KB
Font
General
Full URL
https://roethlisbergerag.ch/dist/webfonts/Ubuntu-Medium.woff2
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/dist/css/app.css?v=1730205378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/
Resource Hash
c64b5535f5192bf4555825028f7112ae4423d4f8ffcd0c37050d4dbf02955cc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://roethlisbergerag.ch
Referer
https://roethlisbergerag.ch/dist/css/app.css?v=1730205378

Response headers

accept-ranges
bytes
content-length
90156
etag
"1602c-648b05c1-d4f200ef387f4579;;;"
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
font/woff2
last-modified
Thu, 15 Jun 2023 12:36:17 GMT
MG_3018-Bearbeitet_web_03e99a4c81725b141ad84ff8ef4ca8ee.webp
roethlisbergerag.ch/imager/uploads/BE-Bildwelt_Web/10293/
19 KB
19 KB
Image
General
Full URL
https://roethlisbergerag.ch/imager/uploads/BE-Bildwelt_Web/10293/MG_3018-Bearbeitet_web_03e99a4c81725b141ad84ff8ef4ca8ee.webp
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/
Resource Hash
bd053132ffbcb72341457c3e1286a607bb3271dbf2f90463327367fd29232ac7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
public, max-age=604800
etag
"4a62-6672863d-98fa3900ca6cde88;;;"
expires
Tue, 17 Dec 2024 03:08:38 GMT
accept-ranges
bytes
content-length
19042
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
image/webp
last-modified
Wed, 19 Jun 2024 07:18:21 GMT
MG_3188-Bearbeitet_web_0a84c87bada1479d571d9c9ec8ab0c91.webp
roethlisbergerag.ch/imager/uploads/BE-Bildwelt_Web/10300/
36 KB
36 KB
Image
General
Full URL
https://roethlisbergerag.ch/imager/uploads/BE-Bildwelt_Web/10300/MG_3188-Bearbeitet_web_0a84c87bada1479d571d9c9ec8ab0c91.webp
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/
Resource Hash
13571f4e1432c531b869154eb6af5dc7de35a7515f4e152af2733aba23c6b976

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
public, max-age=604800
etag
"9062-6672863f-18265b0344161ac9;;;"
expires
Tue, 17 Dec 2024 03:08:38 GMT
accept-ranges
bytes
content-length
36962
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
image/webp
last-modified
Wed, 19 Jun 2024 07:18:23 GMT
MG_3004-Bearbeitet_web_bearbeitet_f23aeac7bf50db41fecdd07b4a0cf011.webp
roethlisbergerag.ch/imager/uploads/BE-Bildwelt_Web/10292/
20 KB
20 KB
Image
General
Full URL
https://roethlisbergerag.ch/imager/uploads/BE-Bildwelt_Web/10292/MG_3004-Bearbeitet_web_bearbeitet_f23aeac7bf50db41fecdd07b4a0cf011.webp
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:4::109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software
/
Resource Hash
34f28f0bd90975c16c22fa959c1fdee1b9bc9079c003d3629583dababacac6c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
public, max-age=604800
etag
"5032-6672863d-166fd2f65be64d73;;;"
expires
Tue, 17 Dec 2024 03:08:38 GMT
accept-ranges
bytes
content-length
20530
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
image/webp
last-modified
Wed, 19 Jun 2024 07:18:21 GMT
230804_BE-Employer-Branding-KV-V3-SEO_A.mp4
balmer-etienne.ch/media/uploads/Dokumente/
2 MB
2 MB
Media
General
Full URL
https://balmer-etienne.ch/media/uploads/Dokumente/230804_BE-Employer-Branding-KV-V3-SEO_A.mp4
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.4.109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
s100.cyon.net
Software
/
Resource Hash
d5413b928750fa34f07acc3c0f69b4e6f98428d3a590a994e4d45ca04b3d3c4d

Request headers

Referer
https://roethlisbergerag.ch/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
public, max-age=31536000
etag
"247ff9-64cd021d-2dfc4e0b54ef9d09;;;"
Content-Range
bytes 0-2392056/2392057
expires
Wed, 10 Dec 2025 03:08:38 GMT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Content-Length
2392057
date
Tue, 10 Dec 2024 03:08:38 GMT
content-type
video/mp4
last-modified
Fri, 04 Aug 2023 13:50:21 GMT
set_partitioned_cookie
www.googleadservices.com/pagead/
Redirect Chain
  • https://www.google.com/ccm/collect?en=page_view&dr=www.google.com&dl=https%3A%2F%2Froethlisbergerag.ch%2F&scrsrc=www.googletagmanager.com&frm=0&lps=1&rnd=601743132.1733800119&auid=1722091511.173380...
  • https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=1722091511.1733800119&url=https%3A%2F%2Froethlisbergerag.ch%2F&ref=www.google.com&tfd=446&tft=1733800118974&frm=0&gtm=45He4c90v81...
0
0
Ping
General
Full URL
https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=1722091511.1733800119&url=https%3A%2F%2Froethlisbergerag.ch%2F&ref=www.google.com&tfd=446&tft=1733800118974&frm=0&gtm=45He4c90v810937680za200&tag_exp=101925629~102067555~102067808~102081485&apve=1&gcs=G111&gcd=13t3t3t3t5l1&dma=0&npa=0
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H3
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=1722091511.1733800119&url=https%3A%2F%2Froethlisbergerag.ch%2F&ref=www.google.com&tfd=446&tft=1733800118974&frm=0&gtm=45He4c90v810937680za200&tag_exp=101925629~102067555~102067808~102081485&apve=1&gcs=G111&gcd=13t3t3t3t5l1&dma=0&npa=0
access-control-expose-headers
date,location,vary,vary,vary,server,content-length
pragma
no-cache
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://roethlisbergerag.ch
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 10 Dec 2024 03:08:39 GMT
x-xss-protection
0
content-type
text/plain
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
js
www.googletagmanager.com/gtag/
317 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J55PVMQYQB&l=dataLayer&cx=c&gtm=45He4c90v810937680za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P82Z98V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3949e92d3c8085d2ef97ccd7924f55b6a7fea38c4c6c6d57c802cd4524ccfcfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 10 Dec 2024 03:08:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 03:08:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108222
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/
222 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-5308632&l=dataLayer&cx=c&gtm=45He4c90v810937680za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P82Z98V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ca18f5b1fdab8459925a0d6a62e792b56c2d025f89eeaefa02efc1cfca3b637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 10 Dec 2024 03:08:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 03:08:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
82064
x-xss-protection
0
server
Google Tag Manager
insight.min.js
snap.licdn.com/li.lms-analytics/
2 KB
1006 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P82Z98V
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
max-age=29068
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
796
date
Tue, 10 Dec 2024 03:08:39 GMT
last-modified
Mon, 02 Dec 2024 19:28:43 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 7713
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Froethlisbergerag.ch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P82Z98V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Dec 2024 03:08:39 GMT
expires
Wed, 10 Dec 2025 03:08:39 GMT
last-modified
Tue, 03 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
web-interactives-embed.js
js-eu1.hubspot.com/
84 KB
25 KB
Script
General
Full URL
https://js-eu1.hubspot.com/web-interactives-embed.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/143998028.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f514ddc18e496f04ad9fad4afcec13d365dfa49efa5dac94d6fff64b95a623
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://roethlisbergerag.ch
Referer
https://roethlisbergerag.ch/

Response headers

x-request-id
4080f422-a9f7-41cb-aed8-4cd18bc58d04
content-encoding
gzip
cf-cache-status
MISS
x-amz-version-id
mNXUuIIWhVdVPzPqyp_sjRXwZmR0sDd4
etag
W/"224467cc4ce3a08f302186b8a1ce03c9"
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F8Zia3yAnwMBgA1eSwOGgx%2BkGa3hfiNrUnWvnmn3uP6CzRmE0bmXq94Fhr9bCq1m8cT%2F5qv%2BRhR075t5Q7YA7Xx%2BHQc%2BK9ooDvmFIAVtBVAmlRTkHKGeTpG9CecR5HOrSM7NTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-cache
RefreshHit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
1RJ_wF2u1OrfJ_4MjmOwCtxb6T7ed4qZgYpTbPkh2YD9-XCaTM82TA==
x-hubspot-correlation-id
4080f422-a9f7-41cb-aed8-4cd18bc58d04
content-type
application/javascript; charset=utf-8
last-modified
Mon, 02 Dec 2024 10:47:31 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-df5c94fff-7wbz9
x-envoy-upstream-service-time
215
x-hs-target-asset
web-interactives-embed/static-2.1869/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Tue, 10 Dec 2024 03:08:39 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1869/bundles/project.js&cfRay=8efa08186a929b22-FRA
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
cf-ray
8efa08186a929b22-FRA
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
FRA56-P8
collectedforms.js
js-eu1.hscollectedforms.net/
70 KB
25 KB
Script
General
Full URL
https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/143998028.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1764bc84ea6abe91f1634b73a5a6c0ebff400461dfea6a4040bd0c03d86caa8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://roethlisbergerag.ch
Referer
https://roethlisbergerag.ch/

Response headers

x-evy-trace-virtual-host
all
x-request-id
687ce9c6-459c-4f0e-b8ad-748ebcc4f781
content-encoding
gzip
cf-cache-status
MISS
etag
W/"ceb8bcb73e5536d8416735a3977d227a"
x-amz-version-id
8IiNiFnnn0n9avBP.k8Mr32sZxpD8Dx_
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-amz-cf-id
qSSbrYnZcAjykJkr-HPpkHK6dYaUocTQMiV6MVa0aJOB1xKHsaZtXg==
date
Tue, 10 Dec 2024 03:08:39 GMT
x-hubspot-correlation-id
687ce9c6-459c-4f0e-b8ad-748ebcc4f781
content-type
application/javascript; charset=utf-8
last-modified
Mon, 09 Dec 2024 13:03:17 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-df5c94fff-56wbv
x-envoy-upstream-service-time
2
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.1112/bundles/project.js&cfRay=8efa0818680edca6-FRA
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
cf-ray
8efa0818680edca6-FRA
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
collected-forms-embed-js/static-1.1112/bundles/project.js
x-amz-cf-pop
FRA56-P8
server
cloudflare
x-amz-server-side-encryption
AES256
banner.js
js-eu1.hs-banner.com/v2/143998028/
76 KB
28 KB
Script
General
Full URL
https://js-eu1.hs-banner.com/v2/143998028/banner.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/143998028.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b958c661ccb9ba52ec8b4d3dbc2d9b93864aba60bc8c8f6e3956df4a80ee072a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
71c72bec-386e-42a6-ae12-2ba43017793d
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"b3672eff93e6010dc88149f378c49e5c"
x-amz-version-id
uzn_OxPZjAhGyQCQ1LXHIgVPVMaki.XD
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Tue, 10 Dec 2024 03:13:39 GMT
x-evy-trace-listener
listener_https
date
Tue, 10 Dec 2024 03:08:39 GMT
x-hubspot-correlation-id
71c72bec-386e-42a6-ae12-2ba43017793d
content-type
text/javascript; charset=UTF-8
last-modified
Thu, 24 Oct 2024 19:45:48 GMT
vary
origin, Accept-Encoding
x-amz-id-2
1fmLE8CdUR5jMx9d1eBvIEhjQGBr42HaHu3rL+UUNdx4SG8CZ3rDO/TLnwrMAGYxNgjNaYZwDldjIAR3+LlQu6mNEGLDK/1y
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-7c7578766c-nt2ff
x-envoy-upstream-service-time
64
access-control-allow-credentials
true
x-amz-request-id
WQ9FXXSN3GRC0013
cf-ray
8efa08186c9ad354-FRA
access-control-allow-origin
https://balmer-etienne.ch
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
143998028.js
js-eu1.hs-analytics.net/analytics/1733799900000/
68 KB
25 KB
Script
General
Full URL
https://js-eu1.hs-analytics.net/analytics/1733799900000/143998028.js
Requested by
Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/143998028.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7a60184cb6841f4f3c86285cfe4d081df61cb0c36abed4f3df99abb6477a90b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
c8966e83-91ca-4ccb-99b1-54626bc1fca6
content-encoding
gzip
cf-cache-status
HIT
etag
W/"f175ddff5ad6a7ce1901e226202cd31b"
age
22
expires
Tue, 10 Dec 2024 03:13:17 GMT
x-evy-trace-listener
listener_https
date
Tue, 10 Dec 2024 03:08:39 GMT
x-hubspot-correlation-id
c8966e83-91ca-4ccb-99b1-54626bc1fca6
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 14:53:07 GMT
vary
origin, Accept-Encoding
x-amz-id-2
4b4uSi2txNW3MBm7FzQp6O2a6EA5A+FE0fnzfaZcn72GxfwikpOKvGTsGTzXjMdvbx2xtPAiiNvU3GbGtueY8Kr0Qfy/ogKx
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-74cc458cc9-2dzsw
x-envoy-upstream-service-time
33
access-control-allow-credentials
false
x-amz-request-id
F0V91JTFS33TB5PA
cf-ray
8efa08186b7dbbe3-FRA
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
activityi;dc_pre=CJPd2uGcnIoDFVj0EQgdFi4ZQw;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;u...
5308632.fls.doubleclick.net/ Frame 7468
Redirect Chain
  • https://5308632.fls.doubleclick.net/activityi;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
  • https://5308632.fls.doubleclick.net/activityi;dc_pre=CJPd2uGcnIoDFVj0EQgdFi4ZQw;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;...
0
0
Document
General
Full URL
https://5308632.fls.doubleclick.net/activityi;dc_pre=CJPd2uGcnIoDFVj0EQgdFi4ZQw;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4c90z8810937680za201zb810937680;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Froethlisbergerag.ch%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-5308632&l=dataLayer&cx=c&gtm=45He4c90v810937680za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://roethlisbergerag.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
361
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Dec 2024 03:08:39 GMT
expires
Tue, 10 Dec 2024 03:08:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Dec 2024 03:08:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5308632.fls.doubleclick.net/activityi;dc_pre=CJPd2uGcnIoDFVj0EQgdFi4ZQw;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4c90z8810937680za201zb810937680;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Froethlisbergerag.ch%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gt...
td.doubleclick.net/td/fls/rul/ Frame A785
0
0
Document
General
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4c90z8810937680za201zb810937680;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Froethlisbergerag.ch%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-5308632&l=dataLayer&cx=c&gtm=45He4c90v810937680za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://roethlisbergerag.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Dec 2024 03:08:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=no...
ad.doubleclick.net/
0
23 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=5308632;type=landing;cat=be01lpfl;ord=6487140200100;npa=0;auiddc=1722091511.1733800119;ps=1;pcor=1497780942;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4c90z8810937680za201zb810937680;gcs=G111;gcd=13t3t3t3t5l1;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Froethlisbergerag.ch%2F?
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Tue, 10 Dec 2024 03:08:39 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"6889399782472501500"}],"aggregatable_trigger_data":[{"filters":[{"14":["8127744"]}],"key_piece":"0xcb4935ead16dd738","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xbd6ddc29eb592b30","not_filters":{"14":["8127744"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"2840234088660737626","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"6889399782472501500","filters":[{"14":["8127744"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"6889399782472501500","filters":[{"14":["8127744"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"6889399782472501500","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"6889399782472501500","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["5308632"]}}
content-type
image/png
x-xss-protection
0
server
cafe
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-J55PVMQYQB&gtm=45je4c90v9104826672z8810937680za200zb810937680&_p=1733800118823&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1462304568.1733800119&ul=de-ch&sr=1600x1200&lps=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733800119&sct=1&seg=0&dl=https%3A%2F%2Froethlisbergerag.ch%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=TREUHAND%20%E2%80%A2%20PR%C3%9CFUNG%20%E2%80%A2%20BERATUNG&en=page_view&_fv=1&_nsi=1&_ss=1&ep.time_of_day=04&ep.content_language=DE&tfd=545
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J55PVMQYQB&l=dataLayer&cx=c&gtm=45He4c90v810937680za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://roethlisbergerag.ch
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 03:08:39 GMT
content-type
text/plain
server
Golfe2
insight.old.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
max-age=14908
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14628
date
Tue, 10 Dec 2024 03:08:39 GMT
last-modified
Mon, 02 Dec 2024 10:13:56 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
attribution_trigger
px.ads.linkedin.com/
2 B
815 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=3509697&time=1733800119142&url=https%3A%2F%2Froethlisbergerag.ch%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://roethlisbergerag.ch/

Response headers

x-li-pop
afd-prod-lva1-x
content-encoding
gzip
x-fs-uuid
000628e1cc38465e4c8177d682e5b40e
x-msedge-ref
Ref A: 6D4DE16064444BF28DD02FAFD3342A5C Ref B: ZRHEDGE1715 Ref C: 2024-12-10T03:08:39Z
x-li-fabric
prod-lva1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYo4cw4Rl5MgXfWguW0Dg==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Tue, 10 Dec 2024 03:08:39 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3509697&time=1733800119142&url=https%3A%2F%2Froethlisbergerag.ch%2F
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3509697&time=1733800119142&url=https%3A%2F%2Froethlisbergerag.ch%2F&e_ipv6=AQIlJTfPUmFxyAAAAZOuikvh49gvM7k5y3YvXa0fdOQ-46wxiqzs6VoWO_J3bDT-ME6F
0
482 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3509697&time=1733800119142&url=https%3A%2F%2Froethlisbergerag.ch%2F&e_ipv6=AQIlJTfPUmFxyAAAAZOuikvh49gvM7k5y3YvXa0fdOQ-46wxiqzs6VoWO_J3bDT-ME6F
Requested by
Host: roethlisbergerag.ch
URL: https://roethlisbergerag.ch/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref
Ref A: A36A6AE5BB924983A7AF47FD0FB7FC46 Ref B: ZRHEDGE1217 Ref C: 2024-12-10T03:08:39Z
x-li-fabric
prod-lva1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
AAYo4cw6wHi6SFPIuuIRvw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 10 Dec 2024 03:08:39 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3509697&time=1733800119142&url=https%3A%2F%2Froethlisbergerag.ch%2F&e_ipv6=AQIlJTfPUmFxyAAAAZOuikvh49gvM7k5y3YvXa0fdOQ-46wxiqzs6VoWO_J3bDT-ME6F
x-msedge-ref
Ref A: C9414192DF2442E38DDC1F1B89A9EE80 Ref B: ZRHEDGE1817 Ref C: 2024-12-10T03:08:39Z
x-li-fabric
prod-lva1
x-li-uuid
AAYo4cw4R87vwxRmlPqJDg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Tue, 10 Dec 2024 03:08:38 GMT
json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/
135 B
467 B
XHR
General
Full URL
https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=143998028&utk=
Requested by
Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c2a61c636dd25fc413c1fb4636d61527a574dfa70ae62894762696e2174369
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://roethlisbergerag.ch/

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
d5df126e-846b-41e0-bdf1-007d33737605
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
date
Tue, 10 Dec 2024 03:08:39 GMT
x-hubspot-correlation-id
d5df126e-846b-41e0-bdf1-007d33737605
content-type
application/json;charset=utf-8
vary
Accept-Encoding
access-control-allow-headers
*
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-df5c94fff-sml2g
x-envoy-upstream-service-time
3
cf-ray
8efa081918eddca6-FRA
access-control-allow-origin
https://roethlisbergerag.ch
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
combinedConfigs
cta-eu1.hubspot.com/web-interactives/public/v1/embed/
61 B
1 KB
Fetch
General
Full URL
https://cta-eu1.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=143998028&currentUrl=https%3A%2F%2Froethlisbergerag.ch%2F&referrer=https%3A%2F%2Fwww.google.com%2F
Requested by
Host: js-eu1.hubspot.com
URL: https://js-eu1.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.198.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

x-robots-tag
noindex, follow
access-control-max-age
180
x-request-id
7675755e-2b92-43ec-b188-7fe2c5ca94dd
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hG8knRDGRZxJnzwf0TaZafAubVz%2BFE1%2B00%2BUX1hHjFXFncrurRYVBsOAeaveJFFmpVC4zLRZ%2FIALIvE6CEy2eWiJUMY6LdhJAAC4XytL9Wg6nxxQO%2FFYnRHHrL5Ikap06y%2BlhfA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
OPTIONS, GET
x-evy-trace-listener
listener_https
date
Tue, 10 Dec 2024 03:08:39 GMT
x-hubspot-correlation-id
7675755e-2b92-43ec-b188-7fe2c5ca94dd
content-type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-74fb9b7c66-zsk5s
x-envoy-upstream-service-time
13
access-control-allow-credentials
true
cf-ray
8efa081a9be6d3a8-FRA
access-control-allow-origin
https://roethlisbergerag.ch
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
/
px.ads.linkedin.com/wa/
0
412 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://roethlisbergerag.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref
Ref A: 12F9871CC59F4A35BFE30A76F0004374 Ref B: ZRHEDGE1817 Ref C: 2024-12-10T03:08:39Z
x-li-fabric
prod-lva1
access-control-allow-credentials
true
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
AAYo4cw8pVwV8K7cTLeowg==
x-li-proto
http/2
access-control-allow-origin
https://roethlisbergerag.ch
x-cache
CONFIG_NOCACHE
date
Tue, 10 Dec 2024 03:08:39 GMT
vary
Origin
__ptq.gif
track-eu1.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-ch&bfp=3944714822&v=1.1&a=143998028&rcu=https%3A%2F%2Fbalmer-etienne.ch%2F&r=https%3A%2F%2Fwww.google.com%2F&pu=https%3A%2F%2Froethlisbergerag.ch%2F&t=TREUHAND+%E2%80%A2+PR%C3%9CFUNG+%E2%80%A2+BERATUNG&cts=1733800119488&vi=c52c3eb6d04f4dc5c7d549220b3a80d2&nc=true&u=17788582.c52c3eb6d04f4dc5c7d549220b3a80d2.1733800119486.1733800119486.1733800119486.1&b=17788582.1.1733800119486&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

x-robots-tag
none
x-request-id
df72ef3f-3c90-42f4-b62b-47fcdee54ff0
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJCLtQ%2Fvem0Xx6mVgyw4BF2vVxAVKrvwk1f%2B6pZYB5klOGrHhrcrUbxSzE4Tw0o2qGopW7no00qH7IjReoSIAOqX9DNP043JodijPTRbFBMw%2FA1rinOf4BsaVAH0NOpdHRWnQ25bmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Tue, 10 Dec 2024 03:08:39 GMT
x-hubspot-correlation-id
df72ef3f-3c90-42f4-b62b-47fcdee54ff0
content-type
image/gif
last-modified
Tue, 10 Dec 2024 03:08:39 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-594546558b-5dclw
x-envoy-upstream-service-time
2
access-control-allow-credentials
false
cf-ray
8efa081b6cdfdc74-FRA
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
favicon-32x32.png
balmer-etienne.ch//assets/favicons/
808 B
966 B
Other
General
Full URL
https://balmer-etienne.ch//assets/favicons/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.4.109 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
s100.cyon.net
Software
/
Resource Hash
bc9558dcfb31af0089f04b64815218fe56d3429ab07477052a911df5cfa20a72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

cache-control
public, max-age=604800
etag
"328-648b05c1-3ee638c94d0d96f8;;;"
expires
Tue, 17 Dec 2024 03:08:39 GMT
accept-ranges
bytes
content-length
808
date
Tue, 10 Dec 2024 03:08:39 GMT
content-type
image/png
last-modified
Thu, 15 Jun 2023 12:36:17 GMT
counters.gif
perf-eu1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://perf-eu1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://roethlisbergerag.ch/

Response headers

x-robots-tag
none
x-request-id
9554ea86-9f98-4f80-b4df-73b4b76e39d4
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Tue, 10 Dec 2024 03:08:39 GMT
x-hubspot-correlation-id
9554ea86-9f98-4f80-b4df-73b4b76e39d4
Content-Type
image/gif
vary
origin, Accept-Encoding
Last-Modified
Tue, 10 Dec 2024 03:08:39 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-74fb9b7c66-f4ffz
x-envoy-upstream-service-time
2
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8efa081b6f209128-FRA
Accept-Ranges
bytes
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| gtag object| dataLayer boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id function| hideBanner function| shouldCheckReConsent object| btnAcceptAll string| lutPrivacyUrlPath string| urlPath function| setConsent object| _hsp function| onYouTubeIframeAPIReady object| gaGlobal function| lintrk boolean| _already_called_lintrk object| __hsCollectedFormsDebug object| _hsq function| sanitizeKey boolean| _hstc_loaded object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| hsConversationsOnReady object| HubSpotCallsToActions boolean| hubspot_web_interactives_running object| ORIBILI boolean| _hstc_ran string| __hsUserToken number| expireDateTime

17 Cookies

Domain/Path Name / Value
.roethlisbergerag.ch/ Name: _gcl_au
Value: 1.1.1722091511.1733800119
.roethlisbergerag.ch/ Name: _ga_J55PVMQYQB
Value: GS1.1.1733800119.1.0.1733800119.0.0.0
.roethlisbergerag.ch/ Name: _ga
Value: GA1.1.1462304568.1733800119
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmSTnB5fWPA5tR-OvOnCSODC-Kco8fgPVKH01hdj06gxSx_OEbiywUMjSicSRc
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&216277fd-3ad7-4697-86dd-d6fe6e49618d"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MzM4MDAxMTk7MjswMjHFShHEhNyAx46Ttb90jYzpvHpH3Zx9jNJvabmMxlbosw==
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3407:u=1:x=1:i=1733800119:t=1733886519:v=2:sig=AQFpYffk6JRYVZDEVERTNqcxNVJB2V21"
roethlisbergerag.ch/ Name: __hstc
Value: 17788582.c52c3eb6d04f4dc5c7d549220b3a80d2.1733800119486.1733800119486.1733800119486.1
roethlisbergerag.ch/ Name: hubspotutk
Value: c52c3eb6d04f4dc5c7d549220b3a80d2
roethlisbergerag.ch/ Name: __hssrc
Value: 1
roethlisbergerag.ch/ Name: __hssc
Value: 17788582.1.1733800119486
.hsforms.com/ Name: __cf_bm
Value: MqobLFBFwgQt8Kn6DR0GvUUiINEnvDPp6HyuHFPfOfM-1733800119-1.0.1.1-wWpKO3wBhrDjhvrhg1hYxM7UzI6.GrH0jpOGwa4GeH9cbVaqYIlb0TR8zTLfZmjVF0SxJNIr2KqQZ9Sbh_qCtw
.hsforms.com/ Name: _cfuvid
Value: 1qmMwIZRdfFsew2TfotmT_ZDvFS6EkiPnltVj780fdo-1733800119604-0.0.1.1-604800000
.hubspot.com/ Name: __cf_bm
Value: YtUks9ZiY2cZNeOKmBR.QhA0BeiY_RnfM9dX1ILqLXc-1733800119-1.0.1.1-8IZ314u6kGrAj4kCathft9W3vznyXZLaqmPa3XzFuYzcCwV5h1XhOBm1xcmIBjCIdaqhtU7xX32FsMpUNpfdkQ
.hubspot.com/ Name: _cfuvid
Value: 3TzHoLbuhh6lGG8WWpIg9nT.j9aZ_LziU8PvbYuro4k-1733800119610-0.0.1.1-604800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5308632.fls.doubleclick.net
ad.doubleclick.net
balmer-etienne.ch
cta-eu1.hubspot.com
forms-eu1.hscollectedforms.net
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hscollectedforms.net
js-eu1.hubspot.com
perf-eu1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
roethlisbergerag.ch
snap.licdn.com
td.doubleclick.net
track-eu1.hubspot.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
13.107.42.14
142.250.186.134
142.250.186.166
149.126.4.109
172.217.18.4
172.65.192.122
172.65.198.159
172.65.202.201
172.65.208.22
172.65.232.43
172.65.236.181
172.65.238.60
172.65.240.166
2001:4860:4802:32::36
216.58.206.66
2620:1ec:21::14
2a00:1450:4001:803::2008
2a00:1450:4001:82a::2002
2a01:ab20:0:4::109
2a02:26f0:3500:10::210:a99
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
0c7dfece551f74e4368bc01ed4a8eaeebc6fbe3f77982cfc7c3c2fc652cbf59e
0ca18f5b1fdab8459925a0d6a62e792b56c2d025f89eeaefa02efc1cfca3b637
10d8e0e380054add90e162cb24091bb4c6dab2f3f467497ba112e862df6c9d6d
13571f4e1432c531b869154eb6af5dc7de35a7515f4e152af2733aba23c6b976
1764bc84ea6abe91f1634b73a5a6c0ebff400461dfea6a4040bd0c03d86caa8b
2947fbc477d4e2dcc67f3562cab55472144256a795225124f2d6c4582ff843d6
34f28f0bd90975c16c22fa959c1fdee1b9bc9079c003d3629583dababacac6c4
3949e92d3c8085d2ef97ccd7924f55b6a7fea38c4c6c6d57c802cd4524ccfcfb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5a6a267ec6633db3bb2b652b8e44d3fe9af224463f3428649c591aa8db2a516d
5f0cc21992676bf5e0c2367d1599134947e7adca5b18fedcddc5be033f072321
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74c2a61c636dd25fc413c1fb4636d61527a574dfa70ae62894762696e2174369
82dca81cff6869f0330afcf0548d8235a60c477dd0a6dc892a47107ca0fee67f
84bd35010d92f12f90e766dba1cac13556e07ed820b6f938cfe73c97d993d8e7
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
af2f7500f906f1905ee2763ced51bfbbe211f8bfb33ec0e5b4cf6eb93525bed3
b958c661ccb9ba52ec8b4d3dbc2d9b93864aba60bc8c8f6e3956df4a80ee072a
bc9558dcfb31af0089f04b64815218fe56d3429ab07477052a911df5cfa20a72
bd053132ffbcb72341457c3e1286a607bb3271dbf2f90463327367fd29232ac7
c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc
c64b5535f5192bf4555825028f7112ae4423d4f8ffcd0c37050d4dbf02955cc5
d5413b928750fa34f07acc3c0f69b4e6f98428d3a590a994e4d45ca04b3d3c4d
d6f514ddc18e496f04ad9fad4afcec13d365dfa49efa5dac94d6fff64b95a623
d7a60184cb6841f4f3c86285cfe4d081df61cb0c36abed4f3df99abb6477a90b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e11123603b9c089edc5826411904937bd2ac3fed8f8d7a8a2c4068f9e0c1074a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f88db524318a25aae2f13f4caa93c89e70cb459dd1281e2663ca4407e2cded00