urlscan.io logo urlscan.io
SecurityTrails logo

www.cembra.ch Open in urlscan Pro
193.223.58.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.moneyprotect.ch/
Effective URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Submission: On January 22 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 16 domains to perform 52 HTTP transactions. The main IP is 193.223.58.9, located in Switzerland and belongs to SWISSCOM Swisscom (Switzerland) Ltd, CH. The main domain is www.cembra.ch.
TLS certificate: Issued by SwissSign EV Gold CA 2014 - G22 on September 3rd 2019. Valid for: 2 years.
This is the only time www.cembra.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a01:ab20:0:2... 47302 (CYON)
1 23 193.223.58.9 3303 (SWISSCOM ...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 84.200.5.215 31400 (ACCELERAT...)
1 172.217.22.34 15169 (GOOGLE)
1 65.9.73.2 16509 (AMAZON-02)
1 65.9.73.70 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.73.103 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.252.74.75 16509 (AMAZON-02)
2 212.48.120.130 8893 (ARTFILES-...)
2 5 37.157.2.234 198622 (ADFORM)
2 37.157.6.234 198622 (ADFORM)
1 2 159.69.70.9 24940 (HETZNER-AS)
2 94.130.16.67 24940 (HETZNER-AS)
52 21
1    2a01:ab20:0:203::1:245 (Switzerland)

ASN47302 (CYON, CH)
www.moneyprotect.ch
23    193.223.58.9 (Switzerland)

ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH)
www.cembra.ch
3    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
tc.connects.ch
www.lacmp.net
1    172.217.22.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f34.1e100.net
www.googleadservices.com
1    65.9.73.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
1    65.9.73.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
script.hotjar.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    65.9.73.103 (Seattle, United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
1    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    34.252.74.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-74-75.eu-west-1.compute.amazonaws.com
in.hotjar.com
2    212.48.120.130 (Germany)

ASN8893 (ARTFILES-AS Zirkusweg 1, DE)
PTR: lb.usemaxserver.de
www.usemaxserver.de
5    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
2    159.69.70.9 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de
ad.ad-srv.net
2    94.130.16.67 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: veramedia1.timmeserver.de
cembra.rt.bly.ch
Domain Requested by
23 www.cembra.ch 1 redirects www.cembra.ch
5 track.adform.net 2 redirects track.adform.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com www.cembra.ch
www.googletagmanager.com
2 cembra.rt.bly.ch www.cembra.ch
cembra.rt.bly.ch
2 ad.ad-srv.net 1 redirects www.cembra.ch
2 s2.adform.net www.cembra.ch
2 www.usemaxserver.de www.cembra.ch
www.usemaxserver.de
2 www.google.de www.cembra.ch
2 www.google.com www.cembra.ch
1 www.lacmp.net tc.connects.ch
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 tc.connects.ch www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.moneyprotect.ch 1 redirects
0 ad.53rv3r.com Failed www.cembra.ch
52 21
Subject Issuer Validity Valid
www.cembra.ch
SwissSign EV Gold CA 2014 - G22		 2019-09-03 -
2021-09-03		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
tc.connects.ch
Let's Encrypt Authority X3		 2020-11-24 -
2021-02-22		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
www.lacmp.net
Let's Encrypt Authority X3		 2020-11-24 -
2021-02-22		 3 months crt.sh
usemaxserver.de
Sectigo RSA Domain Validation Secure Server CA		 2020-06-22 -
2021-06-22		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
ad-srv.net
R3		 2020-12-21 -
2021-03-21		 3 months crt.sh
cembra.rt.bly.ch
R3		 2020-12-17 -
2021-03-17		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Frame ID: 2E2DF60945F4247D0C793A6145C3B36A
Requests: 45 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 309FAD49B1E1FE66738A3DD50BF95678
Requests: 1 HTTP requests in this frame

Frame: https://www.usemaxserver.de/d.php?campaign_id=48138&ext_domain=1&rt=1&place=1&cachebuster=1611337059&gdpr=0&gdpr_consent=
Frame ID: A31BC93C66B3D81CDED3CBD378249F35
Requests: 4 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=32173&version=1&gdpr=0&gdpr_consent=&redirected=1
Frame ID: 3D4B1AABD36B32AE7CFAE59574CCAF20
Requests: 1 HTTP requests in this frame

Frame: https://www.usemaxserver.de/rt.php?campaign_id=48138&iframe=1&ext_domain=1&place=1&product_id=&checkout_amount=&checkout_order_id=&referrer=&host=www.cembra.ch&loc=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop&iframe=1&k0=0&ci=
Frame ID: 0301E86D213674DB8DFBD0807616A6BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.moneyprotect.ch/ HTTP 302
    http://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop HTTP 301
    https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

52
Requests

98 %
HTTPS

43 %
IPv6

16
Domains

21
Subdomains

21
IPs

6
Countries

941 kB
Transfer

1984 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.moneyprotect.ch/ HTTP 302
    http://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop HTTP 301
    https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 42
  • https://ad.ad-srv.net/retarget?a=32173&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.ad-srv.net/retarget?a=32173&version=1&gdpr=0&gdpr_consent=&redirected=1
Request Chain 48
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.cembra.ch/de/versicherungen/moneyprotect/
Redirect Chain
  • https://www.moneyprotect.ch/
  • http://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
  • https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
84a94daad74dbb66f4bdd2b2af0c29f76f6c52e80f82e00ab4605ce509038838

Request headers

Host
www.cembra.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=pqihhgyppumxrgsylbggkw41; domain=.cembra.ch; path=/; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=b83e60ff769a41e59ec59d15d1f123a9; domain=.cembra.ch; expires=Wed, 22-Jan-2031 17:37:38 GMT; path=/; HttpOnly SC_ANALYTICS_SESSION_COOKIE=C81BB9806001487F993E0AA73C3D9C8E|1|pqihhgyppumxrgsylbggkw41; domain=.cembra.ch; path=/; HttpOnly
Date
Fri, 22 Jan 2021 17:37:38 GMT
Content-Length
9072

Redirect headers

Location
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Connection
close
Content-Length
0
4c195d2e6e5f51da4dfc4d27d63b832d.css
www.cembra.ch/frontend/CembraInternet/ 		121 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
074ee7d9af96b7ef9fd2dc36f088692148f6720caa26331beea45565a141675b

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Content-Encoding
gzip
X-Wf-1-Plugin-1
http://meta.firephp.org/Wildfire/Plugin/FirePHP/Library-FirePHPCore/0.3
X-Wf-1-Structure-1
http://meta.firephp.org/Wildfire/Structure/FirePHP/FirebugConsole/0.1
X-Wf-Protocol-1
http://meta.wildfirehq.org/Protocol/JsonStream/0.2
X-Wf-1-Index
1
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
X-Wf-1-1-1-1
157|[{"Type":"ERROR","File":"Cembra.Internet.Core.Helpers.get_MobileSwitchDevice","Line":34}, "An error occured while trying to retrieve the MobileDevice Type."]|
Content-Length
28281
Cache-Control
public, no-cache="Set-Cookie", max-age=3153600
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-44646576-1
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d0466461121a29f279b9fac2fff3d3821ceb023e15b231dbbe62675989dfedd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 17:37:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39538
x-xss-protection
0
last-modified
Fri, 22 Jan 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Jan 2021 17:37:38 GMT
jquery-1.10.2.min.js
www.cembra.ch/assets/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cembra.ch/assets/js/jquery-1.10.2.min.js
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
cd8f413e39247d48ea354b8fb11c227e72f641403bd8d4dd81cd7473d60daafb

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2017 15:10:36 GMT
ETag
"07ecb1e102bd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
32884
cembra-logo-de.png
www.cembra.ch/~/media/images/logo/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cembra.ch/~/media/images/logo/cembra-logo-de.png?h=142&la=de&w=117
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
c24dcfeadf125fb1c0a94cfb27a134044404f176bbd05d0dfc45b098cd6d910d

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 03 Feb 2020 09:42:57 GMT
Content-Type
image/png
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="Cembra-Logo-DE.png"
Accept-Ranges
bytes
Content-Length
17654
Expires
Fri, 29 Jan 2021 17:37:38 GMT
versicherung_cembra_moneyprotect_stage.jpg
www.cembra.ch/~/media/images/content-stage/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cembra.ch/~/media/images/content-stage/versicherung_cembra_moneyprotect_stage.jpg?h=350&la=de&mh=350&mw=980&w=980
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
75d653fc1087d8611e3bd793cae4913d318c6d8790477f335eee9658e0e4a684

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Fri, 31 Jan 2020 08:18:43 GMT
Content-Type
image/jpeg
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="Versicherung_Cembra_MoneyProtect_Stage.jpg"
Accept-Ranges
bytes
Content-Length
69524
Expires
Fri, 29 Jan 2021 17:37:38 GMT
icon-phone-new.png
www.cembra.ch/~/media/images/icons/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cembra.ch/~/media/images/icons/icon-phone-new.png?h=25&la=de&w=25
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
10da79411e1130d7ea692b2749ec94707427c1942ed3dac5dc379b36950a573d

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Fri, 02 May 2014 08:49:12 GMT
Content-Type
image/png
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="icon-phone-new.png"
Accept-Ranges
bytes
Content-Length
45555
Expires
Fri, 29 Jan 2021 17:37:39 GMT
b473e944cbd1211230481a50058b51cd.js
www.cembra.ch/frontend/CembraInternet/ 		246 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cembra.ch/frontend/CembraInternet/b473e944cbd1211230481a50058b51cd.js
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
377288b6ae21e0efe06097bac9591f3419832f65ffea861be78bfda7940fe1f9

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Content-Encoding
gzip
X-Wf-1-Plugin-1
http://meta.firephp.org/Wildfire/Plugin/FirePHP/Library-FirePHPCore/0.3
X-Wf-1-Structure-1
http://meta.firephp.org/Wildfire/Structure/FirePHP/FirebugConsole/0.1
X-Wf-Protocol-1
http://meta.wildfirehq.org/Protocol/JsonStream/0.2
X-Wf-1-Index
1
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Wf-1-1-1-1
157|[{"Type":"ERROR","File":"Cembra.Internet.Core.Helpers.get_MobileSwitchDevice","Line":34}, "An error occured while trying to retrieve the MobileDevice Type."]|
Transfer-Encoding
chunked
Cache-Control
public, max-age=3153600
gtm.js
www.googletagmanager.com/ 		256 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PSPLZHK
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eec1cfeb8d91a98397d2a1742e98ddc26bfbe9da3a0ef1563490391bb4d33273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 17:37:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70601
x-xss-protection
0
last-modified
Fri, 22 Jan 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Jan 2021 17:37:38 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-44646576-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1086
date
Fri, 22 Jan 2021 17:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 22 Jan 2021 19:19:32 GMT
e-service-btn-bg.gif
www.cembra.ch/assets/img/ 		483 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cembra.ch/assets/img/e-service-btn-bg.gif
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
7d27b0773218a2b41b6b4bcc9f8d5293a0a202485ab77eef8d1aa7f7974230d4

Request headers

Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
483
Content-Type
image/gif
main-nav-left.png
www.cembra.ch/assets/img/ 		171 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cembra.ch/assets/img/main-nav-left.png
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
f2ab4717112bb6cec5a44bd964b34f3e3bbc8b716465e4a3171ddc0fd382b3a3

Request headers

Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
171
Content-Type
image/png
main-nav-right.png
www.cembra.ch/assets/img/ 		316 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cembra.ch/assets/img/main-nav-right.png
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
0afb4fde1f2f00dd8d6562f005283d54e6b873c6bc912fa74acfceec176ee572

Request headers

Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
316
Content-Type
image/png
breadcrumb-home-icon.png
www.cembra.ch/assets/img/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cembra.ch/assets/img/breadcrumb-home-icon.png
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
f3f61fedb6d55ac553b12a6d5ce5ecd3843a233e0cc6b85f5b41ac9d514464d0

Request headers

Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
45549
Content-Type
image/png
breadcrumb-arrow.png
www.cembra.ch/assets/img/ 		174 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cembra.ch/assets/img/breadcrumb-arrow.png
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
d15a385b602d655ccbbed76d451d34d43f1e5e5b942c76a5d74d2d68e16e3701

Request headers

Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
174
Content-Type
image/png
trick-new.png
www.cembra.ch/assets/img/ 		173 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cembra.ch/assets/img/trick-new.png
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
412a1f253ef22fb0e6046de7b17684da90c337a69ffe577ef7bd73d2905c9771

Request headers

Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
173
Content-Type
image/png
button-green.png
www.cembra.ch/assets/img/ 		301 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cembra.ch/assets/img/button-green.png
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
ca177b0ffccaabd35197da40dd7f89fa34b4db2535e04e25b663d09c7a95f016

Request headers

Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
301
Content-Type
image/png
icon-pdf-new.png
www.cembra.ch/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cembra.ch/assets/img/icon-pdf-new.png
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
8963ba9f02e3ad9c5314dfb832b1ed1a2fc980b6ff9fcaeef0647e55004c697e

Request headers

Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
3115
Content-Type
image/png
vistasansmed-071211005EmigreWebOnly.woff
www.cembra.ch/assets/font/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.cembra.ch/assets/font/vistasansmed-071211005EmigreWebOnly.woff
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
50d50ec65d40e0664170d9ccbb982fa8f483ef714ecd7d519914e2032ef3c4f4

Request headers

Origin
https://www.cembra.ch
Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
32284
Content-Type
font/x-woff
vistaslab-med-071211005EmigreWebOnly.woff
www.cembra.ch/assets/font/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.cembra.ch/assets/font/vistaslab-med-071211005EmigreWebOnly.woff
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
8316bfcbdb0b5eaac530bf0dda7c90ccac7babbc43314533d3209aba0fcd6672

Request headers

Origin
https://www.cembra.ch
Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
36076
Content-Type
font/x-woff
vistaslab-book-071211001EmigreWebOnly.woff
www.cembra.ch/assets/font/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.cembra.ch/assets/font/vistaslab-book-071211001EmigreWebOnly.woff
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
5f636f3e95d09d3a339033f986b09d3ee20cdef5d710904726d96e1defe21411

Request headers

Origin
https://www.cembra.ch
Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
34988
Content-Type
font/x-woff
vistasansbook-071211005EmigreWebOnly.woff
www.cembra.ch/assets/font/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.cembra.ch/assets/font/vistasansbook-071211005EmigreWebOnly.woff
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
b37a9db57ad291741c5a43f24d69e73bd672e47034dd6f8e28599fb907abb768

Request headers

Origin
https://www.cembra.ch
Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
32344
Content-Type
font/x-woff
vistasansbold-071211005EmigreWebOnly.woff
www.cembra.ch/assets/font/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.cembra.ch/assets/font/vistasansbold-071211005EmigreWebOnly.woff
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
9b345a79c9926e0f500391903bae002eedf407258683191c84669c448e1bcf3a

Request headers

Origin
https://www.cembra.ch
Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
32976
Content-Type
font/x-woff
vistasansaltbook-071211005EmigreWebOnly.woff
www.cembra.ch/assets/font/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.cembra.ch/assets/font/vistasansaltbook-071211005EmigreWebOnly.woff
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
da6ce24f7addc1668a731f21390975af1f6c28d9462dd56a124473ec836c61b9

Request headers

Origin
https://www.cembra.ch
Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
32904
Content-Type
font/x-woff
vistaslabalt-book-071211001EmigreWebOnly.woff
www.cembra.ch/assets/font/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.cembra.ch/assets/font/vistaslabalt-book-071211001EmigreWebOnly.woff
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
Software
/
Resource Hash
dcf18d23ac6772b18679a140693cd90bec910061dbededafb26e3f72b56a01ea

Request headers

Origin
https://www.cembra.ch
Referer
https://www.cembra.ch/frontend/CembraInternet/4c195d2e6e5f51da4dfc4d27d63b832d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 17:37:38 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
34704
Content-Type
font/x-woff
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1924247106&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop&ul=en-us&de=UTF-8&dt=MoneyProtect&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1350668224&gjid=528798587&cid=523826793.1611337059&tid=UA-44646576-1&_gid=1278768543.1611337059&_r=1&gtm=2ou1d0&z=1171141363
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 17:37:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cembra.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-44646576-1&cid=523826793.1611337059&jid=1350668224&gjid=528798587&_gid=1278768543.1611337059&_u=IEBAAUAAAAAAAC~&z=619477208
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 22 Jan 2021 17:37:39 GMT
content-type
text/plain
access-control-allow-origin
https://www.cembra.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-44646576-1&cid=523826793.1611337059&jid=1350668224&_u=IEBAAUAAAAAAAC~&z=191429984
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 17:37:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-44646576-1&cid=523826793.1611337059&jid=1350668224&_u=IEBAAUAAAAAAAC~&z=191429984
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 17:37:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		137 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z8ESKZNZ33&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-44646576-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b371b4470c27bb584ee80b930044be9dc2f9b725a1f4aad9b3006ce143bcb3d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 17:37:39 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53445
x-xss-protection
0
expires
Fri, 22 Jan 2021 17:37:39 GMT
lila.js
tc.connects.ch/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tc.connects.ch/lila.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPLZHK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),
Reverse DNS
Software
nginx /
Resource Hash
2bbd412bfc6e2aefaee5cf0648ad34e5ae55f21b7baec795169ad9d1a5361883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 17:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 13:24:42 GMT
server
nginx
etag
W/"5f7c701a-3f97"
content-type
application/javascript
x-xss-protection
1; mode=block
conversion_async.js
www.googleadservices.com/pagead/ 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPLZHK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f34.1e100.net
Software
cafe /
Resource Hash
ffa682ba1e70b0d1ce4bac0d3b9a2e1dc8f06d307df6254096beaa4551e2f5fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 17:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12193
x-xss-protection
0
server
cafe
etag
12229457171550589843
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Jan 2021 17:37:39 GMT
hotjar-1451276.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1451276.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPLZHK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ab0a4027ced24393fcb9ae430e96d92a0d98272ce4c64caa3583339f54a30db2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 17:37:39 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
AMS1-C1
etag
W/08659779d624aef07a1cce6def89a90a
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
content-length
1618
via
1.1 254622ebfed5feb6e2d8380b3f9c4c10.cloudfront.net (CloudFront)
x-amz-cf-id
-HWZZ4OO6ShpxvmvzBRaE2ci8ln6Fy7EI2mSmGW1l-3d0A0lW_MNIQ==
collect
www.google-analytics.com/g/ 		0
46 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z8ESKZNZ33&gtm=2oe1d0&_p=1924247106&sr=1600x1200&ul=en-us&cid=523826793.1611337059&_s=1&dl=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop&dr=&dt=MoneyProtect&sid=1611337059&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z8ESKZNZ33&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 17:37:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cembra.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.59fae23e8e8310b9fca6.js
script.hotjar.com/ 		223 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.59fae23e8e8310b9fca6.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1451276.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
05cd215b7b218de7ab7c87c2b051c3be0d336780bbd627df696563580d5de2c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 16:25:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
4311
x-cache
Hit from cloudfront
content-length
59724
access-control-allow-origin
*
last-modified
Fri, 22 Jan 2021 16:22:44 GMT
etag
"474bf4f62df1bb58f039e2f05cbd9062"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
j0Qy2N-DxWRIIwxeGilGay1UMBtwFXsgGwCZkjo6YeVVkaCnrlJGYg==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/765886240/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765886240/?random=1611337059239&cv=9&fst=1611337059239&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop&tiba=MoneyProtect&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b40ff4ffd335badb2d315e11de3e7896e72dac4c78d07c5fde98fe1880d2ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 17:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1025
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 309F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1451276.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop

Response headers

content-type
text/html
content-length
851
date
Fri, 08 Jan 2021 17:55:07 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Fri, 08 Jan 2021 15:18:59 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
pZcy3j_UFNHS01HN3bgnPdpwC-y5wgemNHH5Slf2J57i13g3_cc9eg==
age
1208552
/
www.google.com/pagead/1p-user-list/765886240/ 		42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/765886240/?random=1611337059239&cv=9&fst=1611334800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&frm=0&url=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop&tiba=MoneyProtect&async=1&fmt=3&is_vtc=1&random=1898014670&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 17:37:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/765886240/ 		42 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/765886240/?random=1611337059239&cv=9&fst=1611334800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1d0&sendb=1&frm=0&url=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop&tiba=MoneyProtect&async=1&fmt=3&is_vtc=1&random=1898014670&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 17:37:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/1451276/ 		152 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1451276/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.59fae23e8e8310b9fca6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.74.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-74-75.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 22 Jan 2021 17:37:39 GMT
content-encoding
br
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
lila.php
www.lacmp.net/ 		15 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lacmp.net/lila.php?id=q1efspMzXUBoFQVBREdl&url=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop&frameit=1&module=Profiling&event=PageView
Requested by
Host: tc.connects.ch
URL: https://tc.connects.ch/lila.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),
Reverse DNS
Software
nginx /
Resource Hash
ae85c77b17535441b2ce8209702e8ed47494ba7e919febc6fb5a7e73f14c6283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Jan 2021 17:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
d.php
www.usemaxserver.de/ Frame A31B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usemaxserver.de/d.php?campaign_id=48138&ext_domain=1&rt=1&place=1&cachebuster=1611337059&gdpr=0&gdpr_consent=
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.48.120.130 , Germany, ASN8893 (ARTFILES-AS Zirkusweg 1, DE),
Reverse DNS
lb.usemaxserver.de
Software
Apache/2.4.25 (Debian) / PHP/5.6.40-39+0~20210112.43+debian9~1.gbpe0cf00
Resource Hash
6818fa9283392c2b05412ff302bef858e921e3e38b7859dc079c1a85f1531b92

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Jan 2021 17:37:39 GMT
Content-Encoding
gzip
Server
Apache/2.4.25 (Debian)
X-Powered-By
PHP/5.6.40-39+0~20210112.43+debian9~1.gbpe0cf00
Vary
Accept-Encoding
P3P
CP="NOI DEVa TAIa OUR BUS UNI"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Type
application/javascript
Keep-Alive
timeout=3, max=70
Content-Length
628
Expires
Sun, 01 Jan 2014 00:00:00 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame A31B
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 17:37:39 GMT
content-encoding
gzip
last-modified
Mon, 18 Jan 2021 11:55:12 GMT
server
nginx
etag
W/"60057720-13dce"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Fri, 22 Jan 2021 17:37:39 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
Cookie set retarget
ad.ad-srv.net/ Frame 3D4B
Redirect Chain
  • https://ad.ad-srv.net/retarget?a=32173&version=1&gdpr=0&gdpr_consent=
  • https://ad.ad-srv.net/retarget?a=32173&version=1&gdpr=0&gdpr_consent=&redirected=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/retarget?a=32173&version=1&gdpr=0&gdpr_consent=&redirected=1
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
ad.ad-srv.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
kdb0xdq3ls8m_uid=4528755cb03cc824
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop

Response headers

Date
Fri, 22 Jan 2021 17:37:39 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie
kdb0xdq3ls8m_uid=4528755cb03cc824; expires=Thu, 22-Apr-2021 17:37:39 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1096
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 22 Jan 2021 17:37:39 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie
kdb0xdq3ls8m_uid=4528755cb03cc824; expires=Thu, 22-Apr-2021 17:37:39 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Location
?a=32173&version=1&gdpr=0&gdpr_consent=&redirected=1
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
track_js.php
ad.53rv3r.com/ Frame A31B 		0
0
/
cembra.rt.bly.ch/ 		787 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cembra.rt.bly.ch/?place=1&cachebooster=0.06794252771352371&sourceURL=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
veramedia1.timmeserver.de
Software
nginx /
Resource Hash
aac82e607f37684e94fe522680c39d0baaba5231314ee73f2d39c8b68283895f

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 17:37:39 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
x-bly-info
Opt Out under https://www.bly.ch/opt-out/
cache-control
no-store, no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
expires
Thu, 19 Nov 1981 08:52:00 GMT
rt.php
www.usemaxserver.de/ Frame 0301 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.usemaxserver.de/rt.php?campaign_id=48138&iframe=1&ext_domain=1&place=1&product_id=&checkout_amount=&checkout_order_id=&referrer=&host=www.cembra.ch&loc=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop&iframe=1&k0=0&ci=
Requested by
Host: www.usemaxserver.de
URL: https://www.usemaxserver.de/d.php?campaign_id=48138&ext_domain=1&rt=1&place=1&cachebuster=1611337059&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.48.120.130 , Germany, ASN8893 (ARTFILES-AS Zirkusweg 1, DE),
Reverse DNS
lb.usemaxserver.de
Software
Apache/2.4.25 (Debian) / PHP/5.6.40-39+0~20210112.43+debian9~1.gbpe0cf00
Resource Hash

Request headers

Host
www.usemaxserver.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
um_rt=1856314414; ident_v=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop

Response headers

Date
Fri, 22 Jan 2021 17:37:39 GMT
Server
Apache/2.4.25 (Debian)
X-Powered-By
PHP/5.6.40-39+0~20210112.43+debian9~1.gbpe0cf00
P3P
CP="NOI DEVa TAIa OUR BUS UNI"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
461
Keep-Alive
timeout=3, max=69
Connection
Keep-Alive
Content-Type
text/html
blytm.js
cembra.rt.bly.ch/ 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cembra.rt.bly.ch/blytm.js?id=
Requested by
Host: cembra.rt.bly.ch
URL: https://cembra.rt.bly.ch/?place=1&cachebooster=0.06794252771352371&sourceURL=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.16.67 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
veramedia1.timmeserver.de
Software
nginx /
Resource Hash
3400de1b3b6ea0dc50c17102c3b3d163f96b6fb9a4b7af20548fe9cea59db816

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 17:37:39 GMT
content-encoding
br
last-modified
Fri, 22 Jan 2021 16:55:07 GMT
server
nginx
etag
W/"600b036b-18374"
vary
Accept-Encoding
content-type
application/javascript
cross-origin-resource-policy
cross-origin
/
track.adform.net/Serving/TrackPoint/ Frame A31B 		104 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=1586314&ADFPageName=Home&ADFdivider=%7C&ord=691936644323&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a84de6fef8be9a33b67862bd1c490e8989ce5cf9411421db5f5e6843b0fde20b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 17:37:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
179
expires
-1
trackpoint-async.js
s2.adform.net/banners/scripts/st/
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 17:37:40 GMT
content-encoding
gzip
last-modified
Mon, 18 Jan 2021 11:55:12 GMT
server
nginx
etag
W/"60057720-13dce"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Fri, 22 Jan 2021 17:37:40 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
/
track.adform.net/Serving/TrackPoint/ 		108 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=1587168&ADFPageName=PageView&ADFdivider=%7C&ord=155253810977&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
da81433637652bc0d7b2be0b767163d0d657ade80a1d3e783619e13c3bb534d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 17:37:40 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
183
expires
-1
/
track.adform.net/Serving/TrackPoint/ 		111 B
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=1587168&ADFPageName=DE_PageView&ADFdivider=%7C&ord=204472644216&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.cembra.ch%2Fde%2Fversicherungen%2Fmoneyprotect%2F%3Fdisplay%3Ddesktop
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cf93efa35a4ff9e49180ffa46225b9a50a21e3eef109f9b19bc91a4893adce80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cembra.ch/de/versicherungen/moneyprotect/?display=desktop
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 17:37:40 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
187
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.53rv3r.com
URL
https://ad.53rv3r.com/track_js.php?t=3931730928

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| gtag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery boolean| isContactForm object| gaplugins object| gaGlobal object| gaData function| SetValidationClass object| Tc object| Form boolean| enableSlider string| slideMode function| Class object| jQuery110207995215149791604 function| iFrameResize boolean| flg function| postscribe object| _lea function| hj object| _hjSettings function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| ready object| lea function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| lea_param_name string| lea_cookie_name string| lea_cookie_name_pv object| lea_ca string| lea_res number| lea_type string| c number| expiresIn number| expiresInPv number| setSameSiteAttr object| browsers string| userbrowser string| useragent number| setcookie object| raw number| version object| lea_regex object| lea_results string| lea_sid undefined| secure_tracking undefined| yyyy undefined| mm undefined| dd undefined| hh undefined| ss undefined| msms undefined| cookie_set_date undefined| res_klickzeit undefined| split undefined| existing_cookie_date undefined| actual_date undefined| lea_d undefined| runtime undefined| cookie_expires_date undefined| cookie_expires_date_instance string| lea_test undefined| tcstring function| determineAdroxAssignedParameter function| playoutPixels number| random object| leaDeleteArray number| bly_place object| s undefined| bly_script undefined| bly_rt_script object| _adftrack object| Adform object| KJUR object| adf

15 Cookies

Domain/Path Name / Value
www.cembra.ch/ Name: _hjIncludedInSessionSample
Value: 1
.cembra.ch/ Name: _hjAbsoluteSessionInProgress
Value: 0
.cembra.ch/ Name: _hjFirstSeen
Value: 1
.cembra.ch/ Name: ASP.NET_SessionId
Value: pqihhgyppumxrgsylbggkw41
.cembra.ch/ Name: _hjid
Value: fdc0f11c-647e-4168-9413-0a14c52602d3
.cembra.ch/ Name: _gid
Value: GA1.2.1278768543.1611337059
.cembra.ch/ Name: _ga
Value: GA1.1.523826793.1611337059
www.cembra.ch/ Name: _hjIncludedInPageviewSample
Value: 1
.cembra.ch/ Name: cembra_main#lang
Value: en
.cembra.ch/ Name: _ga_Z8ESKZNZ33
Value: GS1.1.1611337059.1.0.1611337059.0
.cembra.ch/ Name: _gat_gtag_UA_44646576_1
Value: 1
.cembra.ch/ Name: _gcl_au
Value: 1.1.1814502872.1611337059
.cembra.ch/ Name: SC_ANALYTICS_SESSION_COOKIE
Value: C81BB9806001487F993E0AA73C3D9C8E|1|pqihhgyppumxrgsylbggkw41
.cembra.ch/ Name: _hjTLDTest
Value: 1
.cembra.ch/ Name: SC_ANALYTICS_GLOBAL_COOKIE
Value: b83e60ff769a41e59ec59d15d1f123a9

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.cembra.ch/frontend/CembraInternet/b473e944cbd1211230481a50058b51cd.js(Line 38)
Message:
UELI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.53rv3r.com
ad.ad-srv.net
cembra.rt.bly.ch
googleads.g.doubleclick.net
in.hotjar.com
s2.adform.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tc.connects.ch
track.adform.net
vars.hotjar.com
www.cembra.ch
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.lacmp.net
www.moneyprotect.ch
www.usemaxserver.de
ad.53rv3r.com
159.69.70.9
172.217.22.34
193.223.58.9
212.48.120.130
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:817::2008
2a00:1450:4001:81f::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c0b::9b
2a01:ab20:0:203::1:245
34.252.74.75
37.157.2.234
37.157.6.234
65.9.73.103
65.9.73.2
65.9.73.70
84.200.5.215
94.130.16.67
05cd215b7b218de7ab7c87c2b051c3be0d336780bbd627df696563580d5de2c7
074ee7d9af96b7ef9fd2dc36f088692148f6720caa26331beea45565a141675b
0afb4fde1f2f00dd8d6562f005283d54e6b873c6bc912fa74acfceec176ee572
10da79411e1130d7ea692b2749ec94707427c1942ed3dac5dc379b36950a573d
2bbd412bfc6e2aefaee5cf0648ad34e5ae55f21b7baec795169ad9d1a5361883
3400de1b3b6ea0dc50c17102c3b3d163f96b6fb9a4b7af20548fe9cea59db816
377288b6ae21e0efe06097bac9591f3419832f65ffea861be78bfda7940fe1f9
412a1f253ef22fb0e6046de7b17684da90c337a69ffe577ef7bd73d2905c9771
50d50ec65d40e0664170d9ccbb982fa8f483ef714ecd7d519914e2032ef3c4f4
5f636f3e95d09d3a339033f986b09d3ee20cdef5d710904726d96e1defe21411
6818fa9283392c2b05412ff302bef858e921e3e38b7859dc079c1a85f1531b92
75d653fc1087d8611e3bd793cae4913d318c6d8790477f335eee9658e0e4a684
7d27b0773218a2b41b6b4bcc9f8d5293a0a202485ab77eef8d1aa7f7974230d4
8316bfcbdb0b5eaac530bf0dda7c90ccac7babbc43314533d3209aba0fcd6672
84a94daad74dbb66f4bdd2b2af0c29f76f6c52e80f82e00ab4605ce509038838
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8963ba9f02e3ad9c5314dfb832b1ed1a2fc980b6ff9fcaeef0647e55004c697e
9b345a79c9926e0f500391903bae002eedf407258683191c84669c448e1bcf3a
a84de6fef8be9a33b67862bd1c490e8989ce5cf9411421db5f5e6843b0fde20b
aac82e607f37684e94fe522680c39d0baaba5231314ee73f2d39c8b68283895f
ab0a4027ced24393fcb9ae430e96d92a0d98272ce4c64caa3583339f54a30db2
ae85c77b17535441b2ce8209702e8ed47494ba7e919febc6fb5a7e73f14c6283
b371b4470c27bb584ee80b930044be9dc2f9b725a1f4aad9b3006ce143bcb3d7
b37a9db57ad291741c5a43f24d69e73bd672e47034dd6f8e28599fb907abb768
c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2
c24dcfeadf125fb1c0a94cfb27a134044404f176bbd05d0dfc45b098cd6d910d
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858
ca177b0ffccaabd35197da40dd7f89fa34b4db2535e04e25b663d09c7a95f016
cd8f413e39247d48ea354b8fb11c227e72f641403bd8d4dd81cd7473d60daafb
cf93efa35a4ff9e49180ffa46225b9a50a21e3eef109f9b19bc91a4893adce80
d0466461121a29f279b9fac2fff3d3821ceb023e15b231dbbe62675989dfedd5
d15a385b602d655ccbbed76d451d34d43f1e5e5b942c76a5d74d2d68e16e3701
da6ce24f7addc1668a731f21390975af1f6c28d9462dd56a124473ec836c61b9
da81433637652bc0d7b2be0b767163d0d657ade80a1d3e783619e13c3bb534d0
dcf18d23ac6772b18679a140693cd90bec910061dbededafb26e3f72b56a01ea
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b40ff4ffd335badb2d315e11de3e7896e72dac4c78d07c5fde98fe1880d2ef
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eec1cfeb8d91a98397d2a1742e98ddc26bfbe9da3a0ef1563490391bb4d33273
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ab4717112bb6cec5a44bd964b34f3e3bbc8b716465e4a3171ddc0fd382b3a3
f3f61fedb6d55ac553b12a6d5ce5ecd3843a233e0cc6b85f5b41ac9d514464d0
ffa682ba1e70b0d1ce4bac0d3b9a2e1dc8f06d307df6254096beaa4551e2f5fc