urlscan.io logo urlscan.io
SecurityTrails logo

hetreplus.ch Open in urlscan Pro
31.171.241.80  Public Scan

Go To Rescan Add Verdict Report
URL: https://hetreplus.ch/
Submission: On April 13 via api from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 29 HTTP transactions. The main IP is 31.171.241.80, located in Emmenbrücke, Switzerland and belongs to CLOUDSIGMA-AS, CH. The main domain is hetreplus.ch.
TLS certificate: Issued by R3 on April 8th 2024. Valid for: 3 months.
This is the only time hetreplus.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 31.171.241.80 50837 (CLOUDSIGM...)
1 2a00:1450:400... 15169 (GOOGLE)
3 216.58.206.66 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.68 15169 (GOOGLE)
29 8
16    31.171.241.80 (Emmenbrücke, Switzerland)

ASN50837 (CLOUDSIGMA-AS, CH)
PTR: web1.ecodev.ch
hetreplus.ch
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net
pagead2.googlesyndication.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads.g.doubleclick.net
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
16 hetreplus.ch
hetreplus.ch
108 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
207 KB
3 gstatic.com
fonts.gstatic.com
58 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
29 6
Domain Requested by
16 hetreplus.ch hetreplus.ch
3 fonts.gstatic.com fonts.googleapis.com
3 pagead2.googlesyndication.com hetreplus.ch
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 fonts.googleapis.com hetreplus.ch
29 7

This site contains links to these domains. Also see Links.

Domain
wordpress.org
ecodev.ch
Subject Issuer Validity Valid
hetreplus.ch
R3		 2024-04-08 -
2024-07-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://hetreplus.ch/
Frame ID: 81BF312EA472C06FEE4F6B87A80F47F5
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773595138859437&output=html&adk=1812271804&adf=3025194257&lmt=1713049627&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhetreplus.ch%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&dt=1713049627695&bpp=4&bdt=221&idt=107&shv=r20240410&mjsv=m202404100101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1253908965773&frm=20&pv=2&ga_vid=158437511.1713049628&ga_sid=1713049628&ga_hid=222667566&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44795922%2C95330161%2C31082672%2C95322195%2C31082144&oid=2&pvsid=2756963533718113&tmod=1406208686&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=123
Frame ID: 1A5FEAF50380D302C1F1187BD8D01F22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C1C64C5A87DB8649F951DEA4B76917D3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AFA578B0628BF1514388F651141F6DB9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hêtre+ – Un site utilisant WordPress

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

29
Requests

93 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

374 kB
Transfer

995 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hetreplus.ch/ 		28 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
6ef6ab8670c9c6b4b6e4a93a10a88b10a5acea08ffcc77db6b8dad54d95bc30e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 13 Apr 2024 23:07:17 GMT
link
<https://hetreplus.ch/wp-json/>; rel="https://api.w.org/"
server
nginx
strict-transport-security
max-age=31536000;
style.min.css
hetreplus.ch/wp-includes/css/dist/block-library/ 		111 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 16:04:09 GMT
server
nginx
etag
W/"66195b79-1bae5"
content-type
text/css
style.min.css
hetreplus.ch/wp-content/themes/siteorigin-north/ 		41 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-content/themes/siteorigin-north/style.min.css?ver=1.20.1
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
0b4297d560552dee2466d861c64dbfca112ba8c10613a7dbb88132e2a78ee8ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 27 Dec 2023 15:42:16 GMT
server
nginx
etag
W/"658c45d8-a27b"
content-type
text/css
north-icons.min.css
hetreplus.ch/wp-content/themes/siteorigin-north/css/ 		996 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-content/themes/siteorigin-north/css/north-icons.min.css?ver=1.20.1
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
ddd1457c7b0044b4562aa5c45324b2d419f8f779573305ce8acfe9cffe0fa196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 27 Dec 2023 15:42:16 GMT
server
nginx
etag
"658c45d8-3e4"
content-type
text/css
accept-ranges
bytes
content-length
996
flexslider.min.css
hetreplus.ch/wp-content/themes/siteorigin-north/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-content/themes/siteorigin-north/css/flexslider.min.css?ver=6.5.2
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
70dc3c1e3be54cfb73f46b4f61ef02db03d7db587dd851c8b1f4e3959cda6db0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 27 Dec 2023 15:42:16 GMT
server
nginx
etag
W/"658c45d8-edb"
content-type
text/css
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CMontserrat%3A400%7CDroid+Serif%3A400&ver=6.5.2
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
310a3fec331a2c946ac3b89585aaae8033d5b0326693a926f9b4a844f588ff4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 13 Apr 2024 23:07:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 13 Apr 2024 23:07:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 13 Apr 2024 23:07:07 GMT
jquery.min.js
hetreplus.ch/wp-includes/js/jquery/ 		86 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Mon, 13 Nov 2023 20:49:24 GMT
server
nginx
etag
W/"65528bd4-15601"
content-type
application/javascript
jquery-migrate.min.js
hetreplus.ch/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 05 Sep 2023 20:59:31 GMT
server
nginx
etag
W/"64f796b3-3509"
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
2502aaa69b971abe3437c8d3c5f4fc8c3b5e955df55d47f9dbdc693f8df03cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51096
x-xss-protection
0
server
cafe
etag
11601983702438693212
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 13 Apr 2024 23:07:07 GMT
tracker.js
hetreplus.ch/wp-content/plugins/wp-statistics/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=14.6.0
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
4e7d502f3b3986ff3360391418a1062d96b466d78562fab9d0e9d4f02c8ed938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 15:32:00 GMT
server
nginx
etag
W/"661953f0-b7a"
content-type
application/javascript
jquery.flexslider.min.js
hetreplus.ch/wp-content/themes/siteorigin-north/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-content/themes/siteorigin-north/js/jquery.flexslider.min.js?ver=2.6.3
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
95d999253497d7e4e11a72502a6567ccd8ba322f574e70f0d4b01f1239755f0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 27 Dec 2023 15:42:16 GMT
server
nginx
etag
W/"658c45d8-59a2"
content-type
application/javascript
jquery.transit.min.js
hetreplus.ch/wp-content/themes/siteorigin-north/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-content/themes/siteorigin-north/js/jquery.transit.min.js?ver=0.9.12
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
1ebbdcd8e713f44ee60a9d3f8ca295b8bfa9beae9b6227bd8550178d34851dc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 27 Dec 2023 15:42:16 GMT
server
nginx
etag
W/"658c45d8-1cb1"
content-type
application/javascript
jquery.fitvids.min.js
hetreplus.ch/wp-content/themes/siteorigin-north/js/ 		2 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-content/themes/siteorigin-north/js/jquery.fitvids.min.js?ver=1.1
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
f796abd7314e4ebacdb480fbac6f09f75b1c3a2c1355850ed0fc7d81a74c56e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 27 Dec 2023 15:42:16 GMT
server
nginx
etag
W/"658c45d8-6a6"
content-type
application/javascript
north.min.js
hetreplus.ch/wp-content/themes/siteorigin-north/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-content/themes/siteorigin-north/js/north.min.js?ver=1.20.1
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
d5bfb507b218725f81ee3c21fc30c0a0bb1be3ec607bc3c51f40e1b14676144d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Wed, 27 Dec 2023 15:42:16 GMT
server
nginx
etag
W/"658c45d8-25af"
content-type
application/javascript
skip-link-focus-fix.min.js
hetreplus.ch/wp-content/themes/siteorigin-north/js/ 		478 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-content/themes/siteorigin-north/js/skip-link-focus-fix.min.js?ver=1.20.1
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
d8e9434d0a5ec1fc73872f2d3af476b174ecf6720fd4a1f296fc4f814cc7138f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 27 Dec 2023 15:42:16 GMT
server
nginx
etag
"658c45d8-1de"
content-type
application/javascript
accept-ranges
bytes
content-length
478
180b13c9-9618-42df-91be-7c18b5cddcd0
https://hetreplus.ch/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://hetreplus.ch/180b13c9-9618-42df-91be-7c18b5cddcd0
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v19/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CMontserrat%3A400%7CDroid+Serif%3A400&ver=6.5.2#038;subset&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://hetreplus.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:30:02 GMT
x-content-type-options
nosniff
age
463025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22476
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:19:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Apr 2025 14:30:02 GMT
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v18/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CMontserrat%3A400%7CDroid+Serif%3A400&ver=6.5.2#038;subset&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://hetreplus.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 13:55:45 GMT
x-content-type-options
nosniff
age
465082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21224
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:04:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Apr 2025 13:55:45 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CMontserrat%3A400%7CDroid+Serif%3A400&ver=6.5.2#038;subset&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://hetreplus.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 05:32:59 GMT
x-content-type-options
nosniff
age
322448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14940
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:46:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Apr 2025 05:32:59 GMT
north-icons.ttf
hetreplus.ch/wp-content/themes/siteorigin-north/css/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-content/themes/siteorigin-north/css/fonts/north-icons.ttf
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/wp-content/themes/siteorigin-north/css/north-icons.min.css?ver=1.20.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
f42ae1a044afa3e621e07d09c34048657fec35a9a4e40c726943db6532f19502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/wp-content/themes/siteorigin-north/css/north-icons.min.css?ver=1.20.1
Origin
https://hetreplus.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
last-modified
Wed, 27 Dec 2023 15:42:16 GMT
server
nginx
etag
"658c45d8-c50"
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3152
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-emoji-release.min.js
hetreplus.ch/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by
Host: hetreplus.ch
URL: https://hetreplus.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:17 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Fri, 12 Apr 2024 16:04:09 GMT
server
nginx
etag
W/"66195b79-4926"
content-type
application/javascript
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404100101/ 		408 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404100101/show_ads_impl_fy2021.js?bust=31082672
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
6a0eb18ab7485a93222dd070540565ab2457d1a14f8d48395bf5c0126b1e378e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141615
x-xss-protection
0
server
cafe
etag
12569446831825502501
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 Apr 2024 23:07:07 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1A5F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2773595138859437&output=html&adk=1812271804&adf=3025194257&lmt=1713049627&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhetreplus.ch%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuMTIyIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjMuMC42MzEyLjEyMiJdLFsiTm90OkEtQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyMy4wLjYzMTIuMTIyIl1dLDBd&dt=1713049627695&bpp=4&bdt=221&idt=107&shv=r20240410&mjsv=m202404100101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1253908965773&frm=20&pv=2&ga_vid=158437511.1713049628&ga_sid=1713049628&ga_hid=222667566&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44795922%2C95330161%2C31082672%2C95322195%2C31082144&oid=2&pvsid=2756963533718113&tmod=1406208686&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=123
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404100101/show_ads_impl_fy2021.js?bust=31082672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://hetreplus.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Apr 2024 23:07:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240410&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404100101/show_ads_impl_fy2021.js?bust=31082672
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
a9689458785daf70d1e5966812143ed7dc2d225fbc7720845631fdecbc5335b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12204
x-xss-protection
0
favicon.ico
hetreplus.ch/ 		548 B
611 B 		Other
General
Check archive.org
Download Go to
Full URL
https://hetreplus.ch/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.171.241.80 Emmenbrücke, Switzerland, ASN50837 (CLOUDSIGMA-AS, CH),
Reverse DNS
web1.ecodev.ch
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:18 GMT
server
nginx
content-length
548
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404100101/show_ads_impl_fy2021.js?bust=31082672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://hetreplus.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 23:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 13 Apr 2024 23:07:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C1C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://hetreplus.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
58863
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 13 Apr 2024 06:46:05 GMT
expires
Sun, 13 Apr 2025 06:46:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AFA5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-87fAJy6a4_SkcExbZButFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://hetreplus.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-87fAJy6a4_SkcExbZButFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 13 Apr 2024 23:07:08 GMT
expires
Sat, 13 Apr 2024 23:07:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240410&jk=2756963533718113&bg=!pKelp-jNAAbi8lI9wvI7ADQBe5WfOJzY9z0XpEna1blMecvpyvO-RGh8UTVciOhGsQMofI2abLF8DrkVZNr7tK5Xa7w7AgAAACFSAAAAAmgBB34ANbZk_vLgaGBNQWt_xr2yjXXF0U686WF_0CX2lGUxopOitHVN3DBEwecWtakF8QIISzFJYWGRCgAr5DfaVxiIRGjdTtLCePpIsynrrD6NvEqiyWQrwbRNNkZsyBNh5xz0r8gGspkCk5Zdv6IHraiMrIJmMSUI_72yvpBXLm_mRZKM5iqwraqF7iKATdiwXMeQLFZco8si2MKVFZzgEucRbk9DVdH-sfw4vRrW_aUTxNr3b9B0JbHTNv1LwNFISYPBZfHtgx6u6WBP2d2baJ_R0Ul4mNNoG4NIuBn_ILG4olCExqPOQh-no6Jx-A-1Kn4GM7ICcgaPRAkOhbtKPHL0WcK6QpwSuMuxaKiKX1Z3mTOsclkaZwVSVffGqZiPcQE3llmrFz9GoPs3ArnyZaDK33TYFXJQlKkgEzr5ObiYf6n5fv4iLEqunx-Wk7MkaFEWoW-BFAFZcOtyc879avS3zypq6n3dZh-JQ8BlQ9TdI8t89nKzdTaccGVLnqkHZLRqKhDQmL79zQtGnH7m_KBjDiKa_AbOO3IQFxSNkCZ3mP-pS_XueJOUa8wqFTOEAkwHtwxAwwuBp9hY5rTLB4b6RBW3ggVUMdWnTMwkIYDK-C1OH3cpaxUiBU-jjtKiGCwzEDGy2G8wJas0d8F6WcpSGAojMBod51FcXoKSHLR1IkYam5ZZPyXJraYMZ5NfPyLQz2QnltxHvjHPJuVo7df3XX492s0iLsvuzQNu-O2tVhf-gB4AE1eJmKZPKZzpjoeJKLwZFR2nrAPeosP4PNnactd-40F7p7-D6ifYp6TRwMG4Z6UHPIVT7KCut6b3MLy4QHJAaAs0kg33cbNqoFPorUDgaqGHByLiYGXn55DRUhKANKEzUZL-4lEIrw-IDQzKMELp1L9rwhtRA0BoRKLCljjoYJT6Rn-IcSp07HMs14E45ixXXVPe4uK3XC8sLo53eCgJMN6a1vnR9GYLRwPzCWSHWO1rPu_v8QzV2UGZfEGYgyeofqc3VvOZ

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _wpemojiSettings undefined| $ function| jQuery object| WP_Statistics_Tracker_Object object| siteoriginNorth object| twemoji object| wp object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
other warning URL: https://hetreplus.ch/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://hetreplus.ch/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hetreplus.ch
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
142.250.186.162
142.250.186.68
216.58.206.66
2a00:1450:4001:80e::2003
2a00:1450:4001:829::200a
2a00:1450:4001:830::2001
31.171.241.80
0b4297d560552dee2466d861c64dbfca112ba8c10613a7dbb88132e2a78ee8ec
1ebbdcd8e713f44ee60a9d3f8ca295b8bfa9beae9b6227bd8550178d34851dc6
2502aaa69b971abe3437c8d3c5f4fc8c3b5e955df55d47f9dbdc693f8df03cdb
310a3fec331a2c946ac3b89585aaae8033d5b0326693a926f9b4a844f588ff4d
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4e7d502f3b3986ff3360391418a1062d96b466d78562fab9d0e9d4f02c8ed938
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a0eb18ab7485a93222dd070540565ab2457d1a14f8d48395bf5c0126b1e378e
6ef6ab8670c9c6b4b6e4a93a10a88b10a5acea08ffcc77db6b8dad54d95bc30e
70dc3c1e3be54cfb73f46b4f61ef02db03d7db587dd851c8b1f4e3959cda6db0
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
95d999253497d7e4e11a72502a6567ccd8ba322f574e70f0d4b01f1239755f0c
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a9689458785daf70d1e5966812143ed7dc2d225fbc7720845631fdecbc5335b6
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d5bfb507b218725f81ee3c21fc30c0a0bb1be3ec607bc3c51f40e1b14676144d
d8e9434d0a5ec1fc73872f2d3af476b174ecf6720fd4a1f296fc4f814cc7138f
ddd1457c7b0044b4562aa5c45324b2d419f8f779573305ce8acfe9cffe0fa196
f42ae1a044afa3e621e07d09c34048657fec35a9a4e40c726943db6532f19502
f796abd7314e4ebacdb480fbac6f09f75b1c3a2c1355850ed0fc7d81a74c56e9