go.groupemutuel.ch Open in urlscan Pro
141.145.8.17 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.jaduda.com/click?tc=1734
Effective URL:
https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
Submission: On August 30 via manual (August 30th 2019, 7:55:03 am UTC) from CH

Summary HTTP 23 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 23 HTTP transactions. The main IP is 141.145.8.17, located in Amsterdam, Netherlands and belongs to . The main domain is go.groupemutuel.ch.
TLS certificate: Issued by SwissSign EV Gold CA 2014 - G22 on March 14th 2019. Valid for: a year.

This is the only time go.groupemutuel.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	136.243.95.140 136.243.95.140	24940 (HETZNER-AS) (HETZNER-AS)
1	141.145.8.17 141.145.8.17	() ()
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY - Fastly)
8	184.31.90.134 184.31.90.134	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	141.145.8.13 141.145.8.13	() ()
4	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
23	11

1 136.243.95.140 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.140.95.243.136.clients.your-server.de

t.jaduda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.145.8.17 (Amsterdam, Netherlands)

ASN- ()

go.groupemutuel.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.31.90.134 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-90-134.deploy.static.akamaitechnologies.com

img06.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.145.8.13 (Amsterdam, Netherlands) 2 redirects

ASN- ()

s1403096143.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	en25.com img06.en25.com	3 MB
4	gstatic.com fonts.gstatic.com	43 KB
3	eloqua.com 2 redirects s1403096143.t.eloqua.com	2 KB
2	jsdelivr.net cdn.jsdelivr.net	27 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	38 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	24 KB
1	groupemutuel.ch go.groupemutuel.ch	7 KB
1	jaduda.com t.jaduda.com	968 B
23	10

	Domain	Requested by
8	img06.en25.com	go.groupemutuel.ch code.jquery.com
4	fonts.gstatic.com	code.jquery.com go.groupemutuel.ch
3	s1403096143.t.eloqua.com	2 redirects go.groupemutuel.ch
2	cdn.jsdelivr.net	go.groupemutuel.ch
2	fonts.googleapis.com	go.groupemutuel.ch
2	stackpath.bootstrapcdn.com	go.groupemutuel.ch
1	cdnjs.cloudflare.com	go.groupemutuel.ch
1	code.jquery.com	go.groupemutuel.ch
1	go.groupemutuel.ch
1	t.jaduda.com
23	10

This site contains links to these domains. Also see Links.

Domain
www.groupemutuel.ch

Subject Issuer	Validity	Valid
*.jaduda.com Let's Encrypt Authority X3	`2019-08-01` - `2019-10-30`	3 months	crt.sh
go.groupemutuel.ch SwissSign EV Gold CA 2014 - G22	`2019-03-14` - `2020-03-14`	a year	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-07-29` - `2019-10-27`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2019-06-21` - `2020-08-19`	a year	crt.sh
*.t.eloqua.com DigiCert SHA2 Secure Server CA	`2019-01-14` - `2020-03-14`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
Frame ID: E1837272D962146A59F430E989CCCD05
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.jaduda.com/click?tc=1734 Page URL
https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad368... Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

23
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

10
Subdomains

11
IPs

4
Countries

2806 kB
Transfer

3133 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.groupemutuel.ch/de/clients-prives.html?utm_source=inbound&utm_medium=lead&utm_campaign=concours-iphoneXDE&elqTrackId=21670bae4ddf48f0ac67a80f2665e5ca&elqaid=163&elqat=2
Title: www.groupemutuel.ch

Search URL Search Domain Scan URL

URL: https://www.groupemutuel.ch/de/Privatkunden/Allgemeine-Nutzungsbedingungen.html?utm_source=inbound&utm_medium=lead&utm_campaign=&utm_campaign=concours-iphoneXDE&elqTrackId=8429ca8b72ff45c8ba21db9e0ecc2d92&elqaid=163&elqat=2
Title: NUTZUNGSBEDINGUNGEN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.jaduda.com/click?tc=1734 Page URL
https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://s1403096143.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=1403096143&PURLSiteID=7&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=163&PURLRecordID=0&PURLGUID=C72B491CD355437AB98DD252E2E6CCD7&UseRelativePath=True&elq={00000000-0000-0000-0000-000000000000}&ref=https%3A%2F%2Ft.jaduda.com%2Fclick%3Ftc%3D1734&elq_ck=0&clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1 HTTP 302
https://s1403096143.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=1403096143&PURLSiteID=7&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=163&PURLRecordID=0&PURLGUID=C72B491CD355437AB98DD252E2E6CCD7&UseRelativePath=True&elq={00000000-0000-0000-0000-000000000000}&ref=https%3A%2F%2Ft.jaduda.com%2Fclick%3Ftc%3D1734&elq_ck=0&clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1&elqCookie=1 HTTP 302
https://s1403096143.t.eloqua.com/eloquaimages/tinydot.gif

23 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set click
t.jaduda.com/ 521 B
968 B 230ms
161ms Document
text/html 136.243.95.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.jaduda.com/click?tc=1734
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.95.140 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.140.95.243.136.clients.your-server.de
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash

Request headers

Host: t.jaduda.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Server: nginx/1.4.6 (Ubuntu)
Date: Fri, 30 Aug 2019 07:54:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: symfony=ndpfsbdoa0u3nkfod1p79bq4v5; path=/ tc_1832=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1; expires=Thu, 28-Nov-2019 07:54:47 GMT; Max-Age=7776000; path=/
Refresh: 0; url=https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
Alternate-Protocol: 443:npn-spdy/2
Content-Encoding: gzip

GET
H/1.1 200
OK Primary Request Cookie set concours-sport-DE Show response
go.groupemutuel.ch/ 24 KB
7 KB 1757ms
142ms Document
text/html 141.145.8.17

General

Check archive.org

Show headers Download Go to

Full URL

https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.145.8.17 Amsterdam, Netherlands, ASN (),

Reverse DNS

Software

Resource Hash

474cb83b8e57bd815419fb1d7b23afd7b92436f89938096088c24ab1f9f743f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: go.groupemutuel.ch
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://t.jaduda.com/click?tc=1734
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://t.jaduda.com/click?tc=1734

Response headers

Cache-Control: private,no-cache, no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Set-Cookie: ELOQUA=GUID=C72B491CD355437AB98DD252E2E6CCD7; domain=go.groupemutuel.ch; expires=Mon, 30-Aug-2021 07:54:49 GMT; path=/; HttpOnly
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options: nosniff
Date: Fri, 30 Aug 2019 07:54:48 GMT
Content-Length: 7026

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
23 KB 22ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by: Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Sec-Fetch-Mode: cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
Origin: https://go.groupemutuel.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 07:54:49 GMT
content-encoding: gzip
last-modified: Wed, 13 Feb 2019 16:40:50 GMT
status: 200
etag: "1550076050"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 23237

GET
H2 200 css
fonts.googleapis.com/ 8 KB
750 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&display=swap

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

07c5a602558f0770920a59c74c6b15202d0a1a23bf0b0eb2cfcbb0fc34b63553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 30 Aug 2019 07:54:49 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Fri, 30 Aug 2019 07:54:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Fri, 30 Aug 2019 07:54:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
688 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2dac9a8ed7c7cc833b98d0aa024a537ffaa26109acc5d81197b0a50c350d91df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 30 Aug 2019 07:54:49 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Fri, 30 Aug 2019 07:54:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Fri, 30 Aug 2019 07:54:49 GMT

GET
H/1.1 200
OK jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 18ms
6ms Script
application/javascript 2001:4de0:ac18::1:a:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Sec-Fetch-Mode: cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
Origin: https://go.groupemutuel.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 30 Aug 2019 07:54:49 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1111d"
Vary: Accept-Encoding
X-HW: 1567151689.dop004.fr8.shc,1567151689.dop004.fr8.t,1567151689.cds019.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 50ms
22ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
Origin: https://go.groupemutuel.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 07:54:49 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11785628
status: 200
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Tue, 29 Jan 2019 12:15:56 GMT
server: cloudflare
etag: W/"5c5043fc-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 50e532e8ad3359fa-VIE
expires: Wed, 19 Aug 2020 07:54:49 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
15 KB 27ms
13ms Script
text/javascript 2001:4de0:ac19::1:b:2a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by: Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

Sec-Fetch-Mode: cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
Origin: https://go.groupemutuel.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 07:54:49 GMT
content-encoding: gzip
last-modified: Wed, 13 Feb 2019 16:40:57 GMT
status: 200
etag: "1550076057"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 15434

GET
H2 200 jquery.validate.js Show response
cdn.jsdelivr.net/npm/jquery-validation@1.19.0/dist/ 49 KB
13 KB 21ms
6ms Script
application/javascript 2a04:4e42:1b::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation@1.19.0/dist/jquery.validate.js

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

df06547d21b97467e4d13e09b849ed9862195690647490a4ef163bcef5567d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
content-length: 13516
etag: W/"c5f7-x02RC//xRy9E95FNq9I+jQdjc1k"
x-served-by: cache-ams21023-AMS, cache-hhn4029-HHN
date: Fri, 30 Aug 2019 07:54:49 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 additional-methods.js Show response
cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/ 51 KB
14 KB 20ms
6ms Script
application/javascript 2a04:4e42:1b::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/additional-methods.js

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

44df0e0fc997dcb6ec19680189b1043e3c077e788ca3a0551c533d3c646d87bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
content-length: 13859
etag: W/"cb40-GheFVEYfbHcC6aXdrAdELCax5h0"
x-served-by: cache-ams21045-AMS, cache-hhn4029-HHN
date: Fri, 30 Aug 2019 07:54:49 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK %7Bd404f78a-2792-4d4f-b33f-5f6ac77b90cf%7D_Combo_date_moment_locales3.js Show response
img06.en25.com/Web/GroupeMutuel/ 160 KB
161 KB 81ms
26ms Script
application/x-javascript 184.31.90.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/Web/GroupeMutuel/%7Bd404f78a-2792-4d4f-b33f-5f6ac77b90cf%7D_Combo_date_moment_locales3.js

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.90.134 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-90-134.deploy.static.akamaitechnologies.com

Software

Resource Hash

73acd8fadba2b351a014e24884f94bf5ac46cf96087ad080d6e5c9209b87c647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 May 2019 13:07:55 GMT
ETag: "f5fb639b11d51:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Fri, 30 Aug 2019 07:54:49 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 164294
Expires: Fri, 30 Aug 2019 07:54:49 GMT

GET
H/1.1 200
OK %7B4306c016-1f07-4f74-8814-8b48976822dc%7D_combodate.js Show response
img06.en25.com/Web/GroupeMutuel/ 17 KB
18 KB 81ms
26ms Script
application/x-javascript 184.31.90.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://img06.en25.com/Web/GroupeMutuel/%7B4306c016-1f07-4f74-8814-8b48976822dc%7D_combodate.js

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.90.134 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-90-134.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d1d3bf8f3fa1af32e5018821bbcfbf9ea2ed3bf09f802bb83054841c266402c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 19 Apr 2019 12:34:28 GMT
ETag: "dfaf13aacf6d41:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Fri, 30 Aug 2019 07:54:49 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 17669
Expires: Fri, 30 Aug 2019 07:54:49 GMT

GET
H/1.1 200
OK %7Bdd2f8441-bd97-4cb1-9156-32ad784442fd%7D_belkin.png
img06.en25.com/EloquaImages/clients/GroupeMutuel/ 79 KB
80 KB 108ms
26ms Image
image/png 184.31.90.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/GroupeMutuel/%7Bdd2f8441-bd97-4cb1-9156-32ad784442fd%7D_belkin.png

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.90.134 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-90-134.deploy.static.akamaitechnologies.com

Software

Resource Hash

7000182870072ab6a1d5480fc0baa928e564d7d2d69e6855dcedbb883f6867a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Aug 2019 08:12:10 GMT
ETag: "4786a6f5e55bd51:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Fri, 30 Aug 2019 07:54:49 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 81371
Expires: Fri, 30 Aug 2019 07:54:49 GMT

GET
H/1.1 200
OK %7B37186aeb-5b35-45c3-a8bd-8d6155d94d2c%7D_Carte_SportXX_de.png
img06.en25.com/EloquaImages/clients/GroupeMutuel/ 109 KB
109 KB 160ms
27ms Image
image/png 184.31.90.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/GroupeMutuel/%7B37186aeb-5b35-45c3-a8bd-8d6155d94d2c%7D_Carte_SportXX_de.png

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.90.134 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-90-134.deploy.static.akamaitechnologies.com

Software

Resource Hash

bd6caedfab036133a3042501ab5cd48a3d60ddc9c0f290d83c2b78d1529e615e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Aug 2019 09:21:22 GMT
ETag: "7a5346a0ef5bd51:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Fri, 30 Aug 2019 07:54:49 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 111165
Expires: Fri, 30 Aug 2019 07:54:49 GMT

GET
H/1.1 200
OK %7B9270e7af-2d32-42b7-83c3-02dc66a8caf9%7D_Group_2.png
img06.en25.com/EloquaImages/clients/GroupeMutuel/ 5 KB
5 KB 50ms
25ms Image
image/png 184.31.90.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/GroupeMutuel/%7B9270e7af-2d32-42b7-83c3-02dc66a8caf9%7D_Group_2.png

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.90.134 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-90-134.deploy.static.akamaitechnologies.com

Software

Resource Hash

5995f2cf91bafa9a477ec70b60e5d86b78da83fabea3fe07871243648d8a6777

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Fri, 14 Jun 2019 11:16:15 GMT
ETag: "266df94a222d51:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Fri, 30 Aug 2019 07:54:49 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 4640
Expires: Fri, 30 Aug 2019 07:54:49 GMT

GET
H/1.1

200
OK

tinydot.gif
s1403096143.t.eloqua.com/eloquaimages/
Redirect Chain

https://s1403096143.t.eloqua.com/visitor/v200/svrGP?pps=60&siteid=1403096143&PURLSiteID=7&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=163&PURLRecordID=0&PURLGUID=C72B491CD355437AB98DD252E...
https://s1403096143.t.eloqua.com/visitor/v200/svrGP.aspx?pps=60&siteid=1403096143&PURLSiteID=7&optin=disabled&PURLSiteAlternateDNSID=0&LandingPageID=163&PURLRecordID=0&PURLGUID=C72B491CD355437AB98D...
https://s1403096143.t.eloqua.com/eloquaimages/tinydot.gif

49 B
478 B

20ms
19ms

Image
image/gif

141.145.8.13

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1403096143.t.eloqua.com/eloquaimages/tinydot.gif

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

141.145.8.13 Amsterdam, Netherlands, ASN (),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Jul 2019 19:48:23 GMT
ETag: "bda6d6c05842d51:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Fri, 30 Aug 2019 07:54:50 GMT
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 49
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Date: Fri, 30 Aug 2019 07:54:50 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: /eloquaimages/tinydot.gif
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 142
Expires: -1

GET
H/1.1 200
OK %7B9daf7201-efd7-4652-82dc-cfffac5a5104%7D_bg_desktop2.png
img06.en25.com/EloquaImages/clients/GroupeMutuel/ 2 MB
2 MB 26ms
26ms Image
image/png 184.31.90.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/GroupeMutuel/%7B9daf7201-efd7-4652-82dc-cfffac5a5104%7D_bg_desktop2.png

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.slim.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.90.134 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-90-134.deploy.static.akamaitechnologies.com

Software

Resource Hash

7011fd0c855fa96be4e5cb022e93ed34a129a2e2aafd1753fde9bb57c5ade7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Aug 2019 08:09:13 GMT
ETag: "422f93b6ae5cd51:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Fri, 30 Aug 2019 07:54:49 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2143460
Expires: Fri, 30 Aug 2019 07:54:49 GMT

GET
DATA 200
OK truncated
/ 113 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.slim.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&display=swap
Origin: https://go.groupemutuel.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 14:56:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:22 GMT
server: sffe
age: 493073
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10968
x-xss-protection: 0
expires: Sun, 23 Aug 2020 14:56:56 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYb9lecyU.woff2

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.slim.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&display=swap
Origin: https://go.groupemutuel.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 13:15:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:04 GMT
server: sffe
age: 326387
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11052
x-xss-protection: 0
expires: Tue, 25 Aug 2020 13:15:02 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.slim.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700&display=swap
Origin: https://go.groupemutuel.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 22 Aug 2019 23:06:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:17 GMT
server: sffe
age: 636516
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10996
x-xss-protection: 0
expires: Fri, 21 Aug 2020 23:06:13 GMT

GET
H/1.1 200
OK %7Bdd2f8441-bd97-4cb1-9156-32ad784442fd%7D_belkin.png
img06.en25.com/EloquaImages/clients/GroupeMutuel/ 79 KB
80 KB 26ms
26ms Image
image/png 184.31.90.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/GroupeMutuel/%7Bdd2f8441-bd97-4cb1-9156-32ad784442fd%7D_belkin.png

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.90.134 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-90-134.deploy.static.akamaitechnologies.com

Software

Resource Hash

7000182870072ab6a1d5480fc0baa928e564d7d2d69e6855dcedbb883f6867a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Aug 2019 08:12:10 GMT
ETag: "4786a6f5e55bd51:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Fri, 30 Aug 2019 07:54:49 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 81371
Expires: Fri, 30 Aug 2019 07:54:49 GMT

GET
H/1.1 200
OK %7B37186aeb-5b35-45c3-a8bd-8d6155d94d2c%7D_Carte_SportXX_de.png
img06.en25.com/EloquaImages/clients/GroupeMutuel/ 109 KB
109 KB 26ms
26ms Image
image/png 184.31.90.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img06.en25.com/EloquaImages/clients/GroupeMutuel/%7B37186aeb-5b35-45c3-a8bd-8d6155d94d2c%7D_Carte_SportXX_de.png

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.31.90.134 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-31-90-134.deploy.static.akamaitechnologies.com

Software

Resource Hash

bd6caedfab036133a3042501ab5cd48a3d60ddc9c0f290d83c2b78d1529e615e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26 Aug 2019 09:21:22 GMT
ETag: "7a5346a0ef5bd51:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-cache, no-store
Date: Fri, 30 Aug 2019 07:54:49 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 111165
Expires: Fri, 30 Aug 2019 07:54:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: go.groupemutuel.ch
URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
Origin: https://go.groupemutuel.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 14:56:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 493075
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11016
x-xss-protection: 0
expires: Sun, 23 Aug 2020 14:56:54 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.go.groupemutuel.ch/	1970-01-19 20:51:50	Name: ELOQUA Value: GUID=C72B491CD355437AB98DD252E2E6CCD7

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://go.groupemutuel.ch/concours-sport-DE?clickid=2458c43d10b901d980e2f88b123767dca3e01a51f4f5aad3684dcae5a4f795b1(Line 85) Message: Fri Aug 30 2002 02:00:00 GMT+0200 (Central European Summer Time)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
go.groupemutuel.ch
img06.en25.com
s1403096143.t.eloqua.com
stackpath.bootstrapcdn.com
t.jaduda.com
136.243.95.140
141.145.8.13
141.145.8.17
184.31.90.134
2001:4de0:ac18::1:a:2a
2001:4de0:ac19::1:b:2a
2606:4700::6813:c697
2a00:1450:4001:814::2003
2a00:1450:4001:81f::200a
2a04:4e42:1b::621
07c5a602558f0770920a59c74c6b15202d0a1a23bf0b0eb2cfcbb0fc34b63553
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
2dac9a8ed7c7cc833b98d0aa024a537ffaa26109acc5d81197b0a50c350d91df
44df0e0fc997dcb6ec19680189b1043e3c077e788ca3a0551c533d3c646d87bf
474cb83b8e57bd815419fb1d7b23afd7b92436f89938096088c24ab1f9f743f2
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
5995f2cf91bafa9a477ec70b60e5d86b78da83fabea3fe07871243648d8a6777
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
7000182870072ab6a1d5480fc0baa928e564d7d2d69e6855dcedbb883f6867a8
7011fd0c855fa96be4e5cb022e93ed34a129a2e2aafd1753fde9bb57c5ade7f2
73acd8fadba2b351a014e24884f94bf5ac46cf96087ad080d6e5c9209b87c647
7d1d3bf8f3fa1af32e5018821bbcfbf9ea2ed3bf09f802bb83054841c266402c
848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
ac42e86ff1d0fc78a7870a72cf5d1bbf0a509a852dba1d8abdc734892b0d4844
bd6caedfab036133a3042501ab5cd48a3d60ddc9c0f290d83c2b78d1529e615e
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
df06547d21b97467e4d13e09b849ed9862195690647490a4ef163bcef5567d97
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

go.groupemutuel.ch Open in urlscan Pro 141.145.8.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

60 %IPv6

10 Domains

10 Subdomains

11 IPs

4 Countries

2806 kBTransfer

3133 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

go.groupemutuel.ch Open in urlscan Pro
141.145.8.17 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

10
Subdomains

11
IPs

4
Countries

2806 kB
Transfer

3133 kB
Size

1
Cookies

23 HTTP transactions
1 data transactions