www.mhboeden.ch Open in urlscan Pro
2a01:ab20:0:4::97 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mhboeden.ch/
Effective URL:
https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Submission: On December 26 via api (December 26th 2024, 6:16:50 am UTC) from CH — Scanned from CH

Summary HTTP 36 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 36 HTTP transactions. The main IP is 2a01:ab20:0:4::97, located in Switzerland and belongs to CYON cyon GmbH, CH. The main domain is www.mhboeden.ch.
TLS certificate: Issued by R11 on December 22nd 2024. Valid for: 3 months.

This is the only time www.mhboeden.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 27	2a01:ab20:0:4... 2a01:ab20:0:4::97	47302 (CYON cyon...) (CYON cyon GmbH)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	172.66.40.140 172.66.40.140	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:443c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
36	5

27 2a01:ab20:0:4::97 (Switzerland) 2 redirects

ASN47302 (CYON cyon GmbH, CH)

mhboeden.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mhboeden.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.66.40.140 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ofri.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:443c (United States)

ASN13335 (CLOUDFLARENET, US)

widgetlogic.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	mhboeden.ch 2 redirects mhboeden.ch www.mhboeden.ch	1 MB
5	gstatic.com fonts.gstatic.com	80 KB
4	ofri.ch www.ofri.ch	17 KB
1	widgetlogic.org widgetlogic.org — Cisco Umbrella Rank: 25765	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
36	5

	Domain	Requested by
25	www.mhboeden.ch	www.mhboeden.ch
5	fonts.gstatic.com	fonts.googleapis.com
4	www.ofri.ch	www.mhboeden.ch www.ofri.ch
2	mhboeden.ch	2 redirects
1	widgetlogic.org	www.mhboeden.ch
1	fonts.googleapis.com	www.mhboeden.ch
36	6

This site contains links to these domains. Also see Links.

Domain
www.ofri.ch

Subject Issuer	Validity	Valid
mhboeden.ch R11	`2024-12-22` - `2025-03-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
ofri.ch WE1	`2024-12-11` - `2025-03-11`	3 months	crt.sh
widgetlogic.org WE1	`2024-11-30` - `2025-02-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Frame ID: 43E5E8568E363AD6F04E256A8D051AA7
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MH Böden | Parkett & mehr…

Page URL History Show full URLs

https://mhboeden.ch/ HTTP 302
https://mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750 HTTP 301
https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

36
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

1462 kB
Transfer

1829 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ofri.ch/MHBoedenHuberMarco?utm_campaign=profile_widget&utm_source=www.mhboeden.ch

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mhboeden.ch/ HTTP 302
https://mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750 HTTP 301
https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.mhboeden.ch/
Redirect Chain

https://mhboeden.ch/
https://mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

41 KB
12 KB

352ms
254ms

Document
text/html

2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: a889210286c7ad91b87d1fcf3a98c4dc6ee674872c6b62b648fb8e7ee378dffc

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=0
content-encoding: br
content-length: 11880
content-type: text/html; charset=UTF-8
date: Thu, 26 Dec 2024 06:16:46 GMT
expires: Thu, 26 Dec 2024 06:16:45 GMT
link: <https://www.mhboeden.ch/wp-json/>; rel="https://api.w.org/" <https://www.mhboeden.ch/wp-json/wp/v2/pages/18>; rel="alternate"; title="JSON"; type="application/json" <https://www.mhboeden.ch/>; rel=shortlink
vary: Accept-Encoding,Accept-Encoding
x-ua-compatible: IE=edge

Redirect headers

cache-control: public, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 26 Dec 2024 06:16:45 GMT
expires: Thu, 26 Dec 2024 06:16:45 GMT
location: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
vary: Accept-Encoding
x-redirect-by: WordPress
x-ua-compatible: IE=edge

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 86ms
31ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700|Work+Sans:100,200,300,regular,500,600,700,800,900

Requested by

Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

742d9b54e7f694a7ed0e177cbe5671559408dc15c12bf54218d6c08197b83fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 06:16:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 26 Dec 2024 06:16:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 dashicons.min.css
www.mhboeden.ch/site/wp-includes/css/ 58 KB
34 KB 46ms
45ms Stylesheet
text/css 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-includes/css/dashicons.min.css?ver=6.6.2
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 35110
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 25 Jan 2024 15:47:35 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 extra.min.css
www.mhboeden.ch/site/wp-content/plugins/menu-icons/css/ 815 B
325 B 63ms
62ms Stylesheet
text/css 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/plugins/menu-icons/css/extra.min.css?ver=0.13.15
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 271
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 13 Sep 2024 15:00:38 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 style.min.css
www.mhboeden.ch/site/wp-includes/css/dist/block-library/ 110 KB
14 KB 63ms
62ms Stylesheet
text/css 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 13903
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 13 Sep 2024 15:04:52 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 widget.css
www.mhboeden.ch/site/wp-content/plugins/widget-logic/block_widget/css/ 119 B
172 B 61ms
60ms Stylesheet
text/css 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/plugins/widget-logic/block_widget/css/widget.css?ver=1726239645
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: aa4dc37c957954867c8db50509090c678a7e13fcc899edfb119466d3b29d4477

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 119
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 13 Sep 2024 15:00:45 GMT
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 all.min.css
www.mhboeden.ch/site/wp-content/themes/generatepress/assets/css/ 31 KB
6 KB 46ms
45ms Stylesheet
text/css 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/themes/generatepress/assets/css/all.min.css?ver=3.5.1
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 055ef475667e372a72837c36d14d128c9a6ab95201042f8766516597e1c55174

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 6460
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 13 Sep 2024 15:04:05 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 font-icons.min.css
www.mhboeden.ch/site/wp-content/themes/generatepress/assets/css/components/ 3 KB
712 B 63ms
62ms Stylesheet
text/css 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.5.1
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 680
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 13 Sep 2024 15:04:05 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 style.css
www.mhboeden.ch/site/wp-content/themes/generatepress_child/ 1 KB
475 B 71ms
70ms Stylesheet
text/css 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/themes/generatepress_child/style.css?ver=1567425047
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 4397669abae0a85b96d9e878631b1a71260cfdcc3354a98947ba71498173b15f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 421
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/css; charset=UTF-8
last-modified: Mon, 02 Sep 2019 11:50:47 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 wp-featherlight.min.css
www.mhboeden.ch/site/wp-content/plugins/wp-featherlight/css/ 5 KB
1 KB 62ms
62ms Stylesheet
text/css 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.4
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 1233
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/css; charset=UTF-8
last-modified: Sat, 08 Jan 2022 11:32:54 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 sticky.min.css
www.mhboeden.ch/site/wp-content/plugins/gp-premium/menu-plus/functions/css/ 2 KB
472 B 71ms
70ms Stylesheet
text/css 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/plugins/gp-premium/menu-plus/functions/css/sticky.min.css?ver=2.5.0
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 2e858a3bf02390ad4f8a5db4f1b4b979d96db387f48f1c6069557bc369ee6662

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 421
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 13 Sep 2024 15:00:31 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 navigation-branding.min.css
www.mhboeden.ch/site/wp-content/plugins/gp-premium/menu-plus/functions/css/ 3 KB
615 B 72ms
71ms Stylesheet
text/css 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/plugins/gp-premium/menu-plus/functions/css/navigation-branding.min.css?ver=2.5.0
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 583
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/css; charset=UTF-8
last-modified: Fri, 13 Sep 2024 15:00:31 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 jquery.min.js Show response
www.mhboeden.ch/site/wp-includes/js/jquery/ 86 KB
29 KB 76ms
75ms Script
application/javascript 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 29744
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 25 Jan 2024 15:47:35 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 jquery-migrate.min.js Show response
www.mhboeden.ch/site/wp-includes/js/jquery/ 13 KB
5 KB 76ms
75ms Script
application/javascript 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 4678
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 25 Jan 2024 15:47:35 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 mh-boeden-logo-1@1x.png
www.mhboeden.ch/site/wp-content/uploads/2019/08/ 5 KB
5 KB 25ms
24ms Image
image/png 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mhboeden.ch/site/wp-content/uploads/2019/08/mh-boeden-logo-1@1x.png
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 098443881c72ac25e2e141812954124ead57e135d05afe089cd51d65be9a77ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=10368000,public,public
expires: Fri, 25 Apr 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 5567
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: image/png
last-modified: Mon, 02 Sep 2019 11:50:47 GMT
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 mh-boeden-logo-1@2x.png
www.mhboeden.ch/site/wp-content/uploads/2019/08/ 10 KB
10 KB 22ms
20ms Image
image/png 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mhboeden.ch/site/wp-content/uploads/2019/08/mh-boeden-logo-1@2x.png
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 80bc4dfbda6c7088a4649b41d83f8635ff61f576199b83b4840a5e8dd7d868b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=10368000,public,public
expires: Fri, 25 Apr 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 10230
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: image/png
last-modified: Mon, 02 Sep 2019 11:50:47 GMT
vary: Accept-Encoding,Accept-Encoding

GET
H3 200 profile_widget.js Show response
www.ofri.ch/widgets/ 878 B
3 KB 74ms
32ms Script
application/javascript 172.66.40.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofri.ch/widgets/profile_widget.js

Requested by

Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca070d6203c5764371c0501c5e042b8ec1953937caeab1a0e21cd785fa4e409

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: ws: vimeo.com rebound.postmarkapp.com .ofri.ch ofri.matomo.cloud gist-queue-consumer-api.cloud.gist.build .posthog.com .sentry.io sentry.ofri.dev; font-src 'self' data: .ofri.ch fonts.gstatic.com fonts.googleapis.com; form-action 'self' ofri.us1.list-manage.com ofri-forms.typeform.com; frame-ancestors 'none'; frame-src 'self' player.vimeo.com ofri.payrexx.com .widget.cluster.groovehq.com renderer.gist.build code.gist.build dispatcher.payrexx.com .postfinance.ch www.youtube.com; img-src 'self' blob: data: .vimeocdn.com .cloudinary.com .openstreetmap.org .ofri.ch ofri.matomo.cloud track-eu.customer.io ofri-files-production.s3.eu-central-1.amazonaws.com s3-eu-central-1.amazonaws.com/ofri-files-production/ s3-eu-west-1.amazonaws.com/file-bucket-prod/; manifest-src 'self' ofri.cloudflareaccess.com .ofri.ch; media-src 'self' data: .widget.cluster.groovehq.com ofri-files-production.s3.eu-central-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' ajax.cloudflare.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' blob: .ofri.ch ofri.cloudflareaccess.com code.gist.build .cloudflare.com .cluster.groovehq.com .customer.io .matomo.cloud .posthog.com .postmarkapp.com www.youtube.com; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css .ofri.ch fonts.googleapis.com ofri.cloudflareaccess.com; worker-src 'self' blob:; report-uri /csp/violation
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/

Response headers

x-request-id: 8764da62-31c4-427c-b431-6e9882eb91ca
content-encoding: br
cf-cache-status: HIT
etag: W/"2ca070d6203c5764371c0501c5e042b8"
age: 57920
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3R5uFGrC1KnLYTb8%2BGjx%2FVjxEnZBYo3k%2BZ9IrfvdOmz34nX94ga1K%2BZqPY9Xu4JMMFjmXxmWBNMIh5FRUjOS0lXkCyWeT%2FSnuAJI5jV%2FC1LrPvl0nKPEz6Q%2BT%2Byp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 14:11:26 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14194&min_rtt=13964&rtt_var=3071&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4232&recv_bytes=4353&delivery_rate=44293&cwnd=12000&unsent_bytes=0&cid=a93531be0c2d8058&ts=35&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: application/javascript
content-disposition: attachment
vary: Origin, Accept-Encoding
x-runtime: 0.005099
x-frame-options: DENY
strict-transport-security: max-age=604800
content-security-policy: default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: ws: vimeo.com rebound.postmarkapp.com *.ofri.ch ofri.matomo.cloud gist-queue-consumer-api.cloud.gist.build *.posthog.com *.sentry.io sentry.ofri.dev; font-src 'self' data: *.ofri.ch fonts.gstatic.com fonts.googleapis.com; form-action 'self' ofri.us1.list-manage.com ofri-forms.typeform.com; frame-ancestors 'none'; frame-src 'self' player.vimeo.com ofri.payrexx.com *.widget.cluster.groovehq.com renderer.gist.build code.gist.build dispatcher.payrexx.com *.postfinance.ch www.youtube.com; img-src 'self' blob: data: *.vimeocdn.com *.cloudinary.com *.openstreetmap.org *.ofri.ch ofri.matomo.cloud track-eu.customer.io ofri-files-production.s3.eu-central-1.amazonaws.com s3-eu-central-1.amazonaws.com/ofri-files-production/ s3-eu-west-1.amazonaws.com/file-bucket-prod/; manifest-src 'self' ofri.cloudflareaccess.com *.ofri.ch; media-src 'self' data: *.widget.cluster.groovehq.com ofri-files-production.s3.eu-central-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' ajax.cloudflare.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' blob: *.ofri.ch ofri.cloudflareaccess.com code.gist.build *.cloudflare.com *.cluster.groovehq.com *.customer.io *.matomo.cloud *.posthog.com *.postmarkapp.com www.youtube.com; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css *.ofri.ch fonts.googleapis.com ofri.cloudflareaccess.com; worker-src 'self' blob:; report-uri /csp/violation
cache-control: public, max-age=86400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=2,i=?0
content-transfer-encoding: binary
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f7ef1a8190d24c4-ZRH
document-policy: js-profiling
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Marco-Huber.jpg
www.mhboeden.ch/site/wp-content/uploads/2019/08/ 110 KB
110 KB 78ms
77ms Image
image/jpeg 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mhboeden.ch/site/wp-content/uploads/2019/08/Marco-Huber.jpg
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 09b9a371dd9a8ebd648a4cd274f264db76270b8b10e8211833557d1393107ad7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=10368000,public,public
expires: Fri, 25 Apr 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 112589
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: image/jpeg
last-modified: Mon, 02 Sep 2019 11:50:47 GMT
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 sticky.min.js Show response
www.mhboeden.ch/site/wp-content/plugins/gp-premium/menu-plus/functions/js/ 8 KB
3 KB 22ms
21ms Script
application/javascript 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.5.0
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 57d35f39158ef6990a75261c466b5c93e3f441b5b05426a35975fc3f31c19c45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 2668
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 13 Sep 2024 15:00:31 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 data.js Show response
widgetlogic.org/v2/js/ 142 KB
48 KB 88ms
22ms Script
application/javascript 2606:4700:20::ac43:443c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetlogic.org/v2/js/data.js?t=1735171200&ver=6.0.0
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:443c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d776c63d493ac317851168f69d80cf10c45fee96f53db1e0a18d59c1cf77f28

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/

Response headers

cache-control: public, max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
pragma: public
age: 11209
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vqaHEeIjBN6zLnKUfnGhkY19oTlmzXh0cuCvgA7tiWmFZoEQzbkjQn1qM5wqYMKcDC5amFnQtn6DnGTFGgf%2FGNzFh9uGWvaB7JeOx6IVTtbUBEoTf843P2VlonlRkay%2BZ3u%2FGx9UeRBg%2BWHq3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f7ef1a8dca2bc68-ZRH
expires: Thu, 26 Dec 2024 15:09:57 GMT
server-timing: cfL4;desc="?proto=TCP&rtt=16268&min_rtt=13699&rtt_var=6754&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2262&delivery_rate=184194&cwnd=252&unsent_bytes=0&cid=037061a7cb025c6b&ts=34&x=0"
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Thu, 26 Dec 2024 03:09:57 GMT

GET
H2 200 menu.min.js Show response
www.mhboeden.ch/site/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 26ms
26ms Script
application/javascript 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.5.1
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 1678
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 13 Sep 2024 15:04:05 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 back-to-top.min.js Show response
www.mhboeden.ch/site/wp-content/themes/generatepress/assets/js/ 737 B
369 B 27ms
26ms Script
application/javascript 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.5.1
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 3310986e26439bd35318188bd35b0c326bd3334e6699ca0469fd4f0b7d497098

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 337
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 13 Sep 2024 15:04:05 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 wpFeatherlight.pkgd.min.js Show response
www.mhboeden.ch/site/wp-content/plugins/wp-featherlight/js/ 14 KB
5 KB 26ms
26ms Script
application/javascript 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.4
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=31536000,public,public
content-encoding: br
expires: Fri, 26 Dec 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 4839
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 08 Jan 2022 11:32:54 GMT
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding

GET
H2 200 mh-boeden-bg-1-e1613433603107.png
www.mhboeden.ch/site/wp-content/uploads/2018/08/ 999 KB
1000 KB 22ms
22ms Image
image/png 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mhboeden.ch/site/wp-content/uploads/2018/08/mh-boeden-bg-1-e1613433603107.png
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: c2b82927ac9c25a19d64969bd98afb259171eb02a9f587887a083da8de11e114

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=10368000,public,public
expires: Fri, 25 Apr 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 1023058
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: image/png
last-modified: Tue, 16 Feb 2021 00:00:04 GMT
vary: Accept-Encoding,Accept-Encoding

GET
H3 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 71ms
35ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700|Work+Sans:100,200,300,regular,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.mhboeden.ch
Referer: https://fonts.googleapis.com/

Response headers

age: 162029
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 09:16:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 09:16:17 GMT
last-modified: Wed, 04 Dec 2024 06:53:49 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7840
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 59ms
24ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700|Work+Sans:100,200,300,regular,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.mhboeden.ch
Referer: https://fonts.googleapis.com/

Response headers

age: 163024
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 08:59:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 08:59:42 GMT
last-modified: Wed, 04 Dec 2024 06:54:05 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 71ms
36ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700|Work+Sans:100,200,300,regular,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.mhboeden.ch
Referer: https://fonts.googleapis.com/

Response headers

age: 169436
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 07:12:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 07:12:50 GMT
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50668
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 64ms
28ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700|Work+Sans:100,200,300,regular,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.mhboeden.ch
Referer: https://fonts.googleapis.com/

Response headers

age: 162445
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 09:09:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 09:09:21 GMT
last-modified: Wed, 04 Dec 2024 06:53:31 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 78ms
43ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,regular,500,600,700|Work+Sans:100,200,300,regular,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.mhboeden.ch
Referer: https://fonts.googleapis.com/

Response headers

age: 163004
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 24 Dec 2025 09:00:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 09:00:02 GMT
last-modified: Wed, 04 Dec 2024 06:53:03 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H2 200 generatepress.woff2
www.mhboeden.ch/site/wp-content/themes/generatepress/assets/fonts/ 1 KB
1 KB 22ms
21ms Font
font/woff2 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/themes/generatepress/assets/fonts/generatepress.woff2
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/site/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.mhboeden.ch
Referer: https://www.mhboeden.ch/site/wp-content/themes/generatepress/assets/css/components/font-icons.min.css?ver=3.5.1

Response headers

cache-control: public, max-age=10368000
expires: Fri, 25 Apr 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 1264
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: font/woff2
last-modified: Fri, 13 Sep 2024 15:04:05 GMT
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 mh-boeden-impressionen.jpg
www.mhboeden.ch/site/wp-content/uploads/2019/08/ 49 KB
49 KB 23ms
22ms Image
image/jpeg 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mhboeden.ch/site/wp-content/uploads/2019/08/mh-boeden-impressionen.jpg
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: bc82eb04ca9fd03c9a2a4268ea9bb087f222eef52426df995a0423d25f96262b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=10368000,public,public
expires: Fri, 25 Apr 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 50514
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: image/jpeg
last-modified: Mon, 02 Sep 2019 11:50:47 GMT
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 mh-boeden-logo-600.png
www.mhboeden.ch/site/wp-content/uploads/2019/08/ 25 KB
25 KB 41ms
38ms Image
image/png 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mhboeden.ch/site/wp-content/uploads/2019/08/mh-boeden-logo-600.png
Requested by: Host: www.mhboeden.ch
URL: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: fe9ad90f945dc941dcb91ec916a5a997a5babc38178379c72ada4c2072ebaf79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=10368000,public,public
expires: Fri, 25 Apr 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 25284
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: image/png
last-modified: Mon, 02 Sep 2019 11:50:47 GMT
vary: Accept-Encoding,Accept-Encoding

GET
H3 200 rating.json Show response
www.ofri.ch/api/users/ 68 B
2 KB 102ms
102ms Fetch
application/json 172.66.40.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofri.ch/api/users/rating.json?token=0fcbb7e06140e43d709774884b3e1ff8bae75b86

Requested by

Host: www.ofri.ch
URL: https://www.ofri.ch/widgets/profile_widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

364b9644eb69e756673d68a2d745f8186a7f81a26bbee4b9b70058e6bfcf084f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: ws: vimeo.com rebound.postmarkapp.com .ofri.ch ofri.matomo.cloud gist-queue-consumer-api.cloud.gist.build .posthog.com .sentry.io sentry.ofri.dev; font-src 'self' data: .ofri.ch fonts.gstatic.com fonts.googleapis.com; form-action 'self' ofri.us1.list-manage.com ofri-forms.typeform.com; frame-ancestors 'none'; frame-src 'self' player.vimeo.com ofri.payrexx.com .widget.cluster.groovehq.com renderer.gist.build code.gist.build dispatcher.payrexx.com .postfinance.ch www.youtube.com; img-src 'self' blob: data: .vimeocdn.com .cloudinary.com .openstreetmap.org .ofri.ch ofri.matomo.cloud track-eu.customer.io ofri-files-production.s3.eu-central-1.amazonaws.com s3-eu-central-1.amazonaws.com/ofri-files-production/ s3-eu-west-1.amazonaws.com/file-bucket-prod/; manifest-src 'self' ofri.cloudflareaccess.com .ofri.ch; media-src 'self' data: .widget.cluster.groovehq.com ofri-files-production.s3.eu-central-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' ajax.cloudflare.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' blob: .ofri.ch ofri.cloudflareaccess.com code.gist.build .cloudflare.com .cluster.groovehq.com .customer.io .matomo.cloud .posthog.com .postmarkapp.com www.youtube.com; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css .ofri.ch fonts.googleapis.com ofri.cloudflareaccess.com; worker-src 'self' blob:; report-uri /csp/violation
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/

Response headers

access-control-max-age: 7200
x-request-id: 998a0c19-65e0-4b53-8982-8274ecd43d23
access-control-expose-headers
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"364b9644eb69e756673d68a2d745f818"
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K2odDbYGn2TjUxCPH85SGciL7KJ%2BbyEfqKnCCrId0Ia9d0cNkpYeZE37zW%2B58cQzI40mqxbkt97SVIkWk2QikWjnAjB6nzn6RpvPlkyBSS%2Btoe6ESZsRO5g3rrYT"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14230&min_rtt=13944&rtt_var=1875&sent=11&recv=10&lost=0&retrans=0&sent_bytes=2678&recv_bytes=4351&delivery_rate=707&cwnd=12000&unsent_bytes=0&cid=09df73ed47ac972e&ts=87&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.011741
priority: u=1,i
x-frame-options: DENY
strict-transport-security: max-age=604800
content-security-policy: default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: ws: vimeo.com rebound.postmarkapp.com *.ofri.ch ofri.matomo.cloud gist-queue-consumer-api.cloud.gist.build *.posthog.com *.sentry.io sentry.ofri.dev; font-src 'self' data: *.ofri.ch fonts.gstatic.com fonts.googleapis.com; form-action 'self' ofri.us1.list-manage.com ofri-forms.typeform.com; frame-ancestors 'none'; frame-src 'self' player.vimeo.com ofri.payrexx.com *.widget.cluster.groovehq.com renderer.gist.build code.gist.build dispatcher.payrexx.com *.postfinance.ch www.youtube.com; img-src 'self' blob: data: *.vimeocdn.com *.cloudinary.com *.openstreetmap.org *.ofri.ch ofri.matomo.cloud track-eu.customer.io ofri-files-production.s3.eu-central-1.amazonaws.com s3-eu-central-1.amazonaws.com/ofri-files-production/ s3-eu-west-1.amazonaws.com/file-bucket-prod/; manifest-src 'self' ofri.cloudflareaccess.com *.ofri.ch; media-src 'self' data: *.widget.cluster.groovehq.com ofri-files-production.s3.eu-central-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' ajax.cloudflare.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' blob: *.ofri.ch ofri.cloudflareaccess.com code.gist.build *.cloudflare.com *.cluster.groovehq.com *.customer.io *.matomo.cloud *.posthog.com *.postmarkapp.com www.youtube.com; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css *.ofri.ch fonts.googleapis.com ofri.cloudflareaccess.com; worker-src 'self' blob:; report-uri /csp/violation
cache-control: max-age=0, private, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f7ef1a9389901db-ZRH
document-policy: js-profiling
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 cropped-mh-boeden-favicon-32x32.png
www.mhboeden.ch/site/wp-content/uploads/2019/09/ 1 KB
2 KB 20ms
20ms Other
image/png 2a01:ab20:0:4::97
CYON cyon GmbH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mhboeden.ch/site/wp-content/uploads/2019/09/cropped-mh-boeden-favicon-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:4::97 , Switzerland, ASN47302 (CYON cyon GmbH, CH),
Reverse DNS
Software: /
Resource Hash: 008a1187f81d35916eceeb03d93d86463fcc229e306e9f78f0f0063f3c6d4b8c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/?doing_wp_cron=1735193805.4928278923034667968750

Response headers

cache-control: public, max-age=10368000,public,public
expires: Fri, 25 Apr 2025 06:16:46 GMT
accept-ranges: bytes
content-length: 1529
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: image/png
last-modified: Mon, 02 Sep 2019 13:50:16 GMT
vary: Accept-Encoding,Accept-Encoding

GET
H3 200 profile_widget.html Show response
www.ofri.ch/widgets/ 270 B
2 KB 55ms
55ms Fetch
text/html 172.66.40.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ofri.ch/widgets/profile_widget.html?token=0fcbb7e06140e43d709774884b3e1ff8bae75b86&rating=5

Requested by

Host: www.ofri.ch
URL: https://www.ofri.ch/widgets/profile_widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d704da2e55cd22e762710cff947d957a80c8f2e29397c81fc25041c249c23ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: ws: vimeo.com rebound.postmarkapp.com .ofri.ch ofri.matomo.cloud gist-queue-consumer-api.cloud.gist.build .posthog.com .sentry.io sentry.ofri.dev; font-src 'self' data: .ofri.ch fonts.gstatic.com fonts.googleapis.com; form-action 'self' ofri.us1.list-manage.com ofri-forms.typeform.com; frame-ancestors 'none'; frame-src 'self' player.vimeo.com ofri.payrexx.com .widget.cluster.groovehq.com renderer.gist.build code.gist.build dispatcher.payrexx.com .postfinance.ch www.youtube.com; img-src 'self' blob: data: .vimeocdn.com .cloudinary.com .openstreetmap.org .ofri.ch ofri.matomo.cloud track-eu.customer.io ofri-files-production.s3.eu-central-1.amazonaws.com s3-eu-central-1.amazonaws.com/ofri-files-production/ s3-eu-west-1.amazonaws.com/file-bucket-prod/; manifest-src 'self' ofri.cloudflareaccess.com .ofri.ch; media-src 'self' data: .widget.cluster.groovehq.com ofri-files-production.s3.eu-central-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' ajax.cloudflare.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' blob: .ofri.ch ofri.cloudflareaccess.com code.gist.build .cloudflare.com .cluster.groovehq.com .customer.io .matomo.cloud .posthog.com .postmarkapp.com www.youtube.com; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css .ofri.ch fonts.googleapis.com ofri.cloudflareaccess.com; worker-src 'self' blob:; report-uri /csp/violation
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/

Response headers

access-control-max-age: 7200
x-request-id: c041ab34-8192-430c-843f-9bdd381e2259
access-control-expose-headers
content-encoding: br
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rJm%2BX6srYr31f5JyfaxuLMYwOta9w2ANfJ0h8DVRGREWW0Nu98gcnD8XL1LhvZGZr0qh2%2BT%2FZXy7Y3WDCLzl4fa5z%2BmwbvECL%2BMs%2FTYWT5ySzuvzPbq0MH3157n"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Fri, 27 Dec 2024 06:16:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14189&min_rtt=13944&rtt_var=1124&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5038&recv_bytes=4760&delivery_rate=166136&cwnd=12000&unsent_bytes=0&cid=09df73ed47ac972e&ts=143&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: text/html; charset=utf-8
vary: Origin
x-runtime: 0.011659
priority: u=1,i
x-frame-options: DENY
strict-transport-security: max-age=604800
content-security-policy: default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: ws: vimeo.com rebound.postmarkapp.com *.ofri.ch ofri.matomo.cloud gist-queue-consumer-api.cloud.gist.build *.posthog.com *.sentry.io sentry.ofri.dev; font-src 'self' data: *.ofri.ch fonts.gstatic.com fonts.googleapis.com; form-action 'self' ofri.us1.list-manage.com ofri-forms.typeform.com; frame-ancestors 'none'; frame-src 'self' player.vimeo.com ofri.payrexx.com *.widget.cluster.groovehq.com renderer.gist.build code.gist.build dispatcher.payrexx.com *.postfinance.ch www.youtube.com; img-src 'self' blob: data: *.vimeocdn.com *.cloudinary.com *.openstreetmap.org *.ofri.ch ofri.matomo.cloud track-eu.customer.io ofri-files-production.s3.eu-central-1.amazonaws.com s3-eu-central-1.amazonaws.com/ofri-files-production/ s3-eu-west-1.amazonaws.com/file-bucket-prod/; manifest-src 'self' ofri.cloudflareaccess.com *.ofri.ch; media-src 'self' data: *.widget.cluster.groovehq.com ofri-files-production.s3.eu-central-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' ajax.cloudflare.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' blob: *.ofri.ch ofri.cloudflareaccess.com code.gist.build *.cloudflare.com *.cluster.groovehq.com *.customer.io *.matomo.cloud *.posthog.com *.postmarkapp.com www.youtube.com; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css *.ofri.ch fonts.googleapis.com ofri.cloudflareaccess.com; worker-src 'self' blob:; report-uri /csp/violation
cache-control: max-age=86400, public, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f7ef1a9b8e001db-ZRH
document-policy: js-profiling
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 profile_widget.png
www.ofri.ch/widgets/ 8 KB
10 KB 194ms
194ms Image
image/png 172.66.40.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ofri.ch/widgets/profile_widget.png?token=0fcbb7e06140e43d709774884b3e1ff8bae75b86

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a8e0e2b1824b6e615a39fe2b22617a38ff8e2ad54ab0ae4133ed48c39f56ad7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: ws: vimeo.com rebound.postmarkapp.com .ofri.ch ofri.matomo.cloud gist-queue-consumer-api.cloud.gist.build .posthog.com .sentry.io sentry.ofri.dev; font-src 'self' data: .ofri.ch fonts.gstatic.com fonts.googleapis.com; form-action 'self' ofri.us1.list-manage.com ofri-forms.typeform.com; frame-ancestors 'none'; frame-src 'self' player.vimeo.com ofri.payrexx.com .widget.cluster.groovehq.com renderer.gist.build code.gist.build dispatcher.payrexx.com .postfinance.ch www.youtube.com; img-src 'self' blob: data: .vimeocdn.com .cloudinary.com .openstreetmap.org .ofri.ch ofri.matomo.cloud track-eu.customer.io ofri-files-production.s3.eu-central-1.amazonaws.com s3-eu-central-1.amazonaws.com/ofri-files-production/ s3-eu-west-1.amazonaws.com/file-bucket-prod/; manifest-src 'self' ofri.cloudflareaccess.com .ofri.ch; media-src 'self' data: .widget.cluster.groovehq.com ofri-files-production.s3.eu-central-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' ajax.cloudflare.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' blob: .ofri.ch ofri.cloudflareaccess.com code.gist.build .cloudflare.com .cluster.groovehq.com .customer.io .matomo.cloud .posthog.com .postmarkapp.com www.youtube.com; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css .ofri.ch fonts.googleapis.com ofri.cloudflareaccess.com; worker-src 'self' blob:; report-uri /csp/violation
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.mhboeden.ch/

Response headers

x-request-id: 9c9e8dc5-37ed-4209-8ed5-0d30706f56d1
cf-cache-status: BYPASS
etag: W/"8a8e0e2b1824b6e615a39fe2b22617a3"
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cj9U8suUi6DIS1fcK%2B5gDtvRO7%2BzgTdkjLoooKVONdsevi%2FX1uCPP7vgBMFol94%2FfblD98VglEGZuo8GfKvsB0mByEX5pkxKFBOwgV70ghnODk5e%2F6q%2Bd3PW%2FbXT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 27 Dec 2024 06:16:46 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14579&min_rtt=13964&rtt_var=2396&sent=15&recv=12&lost=0&retrans=0&sent_bytes=6947&recv_bytes=4816&delivery_rate=171726&cwnd=12000&unsent_bytes=0&cid=a93531be0c2d8058&ts=516&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 06:16:46 GMT
content-type: image/png
content-disposition: inline
vary: Origin, Accept-Encoding
x-runtime: 0.116106
x-frame-options: DENY
strict-transport-security: max-age=604800
content-security-policy: default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: ws: vimeo.com rebound.postmarkapp.com *.ofri.ch ofri.matomo.cloud gist-queue-consumer-api.cloud.gist.build *.posthog.com *.sentry.io sentry.ofri.dev; font-src 'self' data: *.ofri.ch fonts.gstatic.com fonts.googleapis.com; form-action 'self' ofri.us1.list-manage.com ofri-forms.typeform.com; frame-ancestors 'none'; frame-src 'self' player.vimeo.com ofri.payrexx.com *.widget.cluster.groovehq.com renderer.gist.build code.gist.build dispatcher.payrexx.com *.postfinance.ch www.youtube.com; img-src 'self' blob: data: *.vimeocdn.com *.cloudinary.com *.openstreetmap.org *.ofri.ch ofri.matomo.cloud track-eu.customer.io ofri-files-production.s3.eu-central-1.amazonaws.com s3-eu-central-1.amazonaws.com/ofri-files-production/ s3-eu-west-1.amazonaws.com/file-bucket-prod/; manifest-src 'self' ofri.cloudflareaccess.com *.ofri.ch; media-src 'self' data: *.widget.cluster.groovehq.com ofri-files-production.s3.eu-central-1.amazonaws.com; object-src 'self'; script-src 'self' 'unsafe-eval' ajax.cloudflare.com; script-src-attr 'self' 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' blob: *.ofri.ch ofri.cloudflareaccess.com code.gist.build *.cloudflare.com *.cluster.groovehq.com *.customer.io *.matomo.cloud *.posthog.com *.postmarkapp.com www.youtube.com; style-src 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css; style-src-attr 'self' 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.css *.ofri.ch fonts.googleapis.com ofri.cloudflareaccess.com; worker-src 'self' blob:; report-uri /csp/violation
cache-control: max-age=86400, public, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=3,i
content-transfer-encoding: binary
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f7ef1aa1a6824c4-ZRH
document-policy: js-profiling
accept-ranges: bytes
content-length: 7803
x-xss-protection: 1; mode=block
server: cloudflare

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mhboeden.ch
widgetlogic.org
www.mhboeden.ch
www.ofri.ch
142.250.186.35
172.66.40.140
2606:4700:20::ac43:443c
2a00:1450:4001:812::200a
2a01:ab20:0:4::97
008a1187f81d35916eceeb03d93d86463fcc229e306e9f78f0f0063f3c6d4b8c
055ef475667e372a72837c36d14d128c9a6ab95201042f8766516597e1c55174
098443881c72ac25e2e141812954124ead57e135d05afe089cd51d65be9a77ed
09b9a371dd9a8ebd648a4cd274f264db76270b8b10e8211833557d1393107ad7
1cc5fba1b17b26c8975d63d581f375152c583264b4ba58a2d2eacac2d11d90ee
2ca070d6203c5764371c0501c5e042b8ec1953937caeab1a0e21cd785fa4e409
2d704da2e55cd22e762710cff947d957a80c8f2e29397c81fc25041c249c23ae
2e858a3bf02390ad4f8a5db4f1b4b979d96db387f48f1c6069557bc369ee6662
3310986e26439bd35318188bd35b0c326bd3334e6699ca0469fd4f0b7d497098
364b9644eb69e756673d68a2d745f8186a7f81a26bbee4b9b70058e6bfcf084f
4397669abae0a85b96d9e878631b1a71260cfdcc3354a98947ba71498173b15f
4d776c63d493ac317851168f69d80cf10c45fee96f53db1e0a18d59c1cf77f28
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
57d35f39158ef6990a75261c466b5c93e3f441b5b05426a35975fc3f31c19c45
584b10df5af4716257aae636285c55f27e9a970412fa831dd66023efabb84b48
5af760e4297b064a2150dcd5f63d748a06dfa8b618c9e9d43a87c4ac74fa3974
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
742d9b54e7f694a7ed0e177cbe5671559408dc15c12bf54218d6c08197b83fb0
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
80bc4dfbda6c7088a4649b41d83f8635ff61f576199b83b4840a5e8dd7d868b6
8a8e0e2b1824b6e615a39fe2b22617a38ff8e2ad54ab0ae4133ed48c39f56ad7
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
968ab8ae6f33119ee267a11ce60920934e0d5e9d4714a3eb6b47cb9f05e42a0f
a889210286c7ad91b87d1fcf3a98c4dc6ee674872c6b62b648fb8e7ee378dffc
aa4dc37c957954867c8db50509090c678a7e13fcc899edfb119466d3b29d4477
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
bc82eb04ca9fd03c9a2a4268ea9bb087f222eef52426df995a0423d25f96262b
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2b82927ac9c25a19d64969bd98afb259171eb02a9f587887a083da8de11e114
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fe9ad90f945dc941dcb91ec916a5a997a5babc38178379c72ada4c2072ebaf79

www.mhboeden.ch Open in urlscan Pro 2a01:ab20:0:4::97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

100 %HTTPS

60 %IPv6

5 Domains

6 Subdomains

5 IPs

3 Countries

1462 kBTransfer

1829 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mhboeden.ch Open in urlscan Pro
2a01:ab20:0:4::97 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

1462 kB
Transfer

1829 kB
Size

0
Cookies

36 HTTP transactions
0 data transactions