Submitted URL: http://win.eksv.ch/
Effective URL: https://win.eksv.ch/
Submission: On May 15 via api from US — Scanned from CH

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 31 HTTP transactions. The main IP is 5.75.247.12, located in Germany and belongs to HETZNER-AS, DE. The main domain is win.eksv.ch.
TLS certificate: Issued by R3 on April 8th 2024. Valid for: 3 months.
This is the only time win.eksv.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
20        5.75.247.12      24940 (HETZNER-AS)
3         142.250.74.202   15169 (GOOGLE)
1         172.217.18.8     15169 (GOOGLE)
3         202.61.195.144   197540 (NETCUP-AS...)
2         104.126.37.160   20940 (AKAMAI-ASN1)
2         2.17.190.7       16625 (AKAMAI-AS)
Total: 31 requests, 7 IPs
Requests  Apex Domain           Subdomains                                             Transfer
20        eksv.ch               win.eksv.ch                                            2 MB
4         cookiebot.com         consent.cookiebot.com — Cisco Umbrella Rank: 4164      115 KB
                                consentcdn.cookiebot.com — Cisco Umbrella Rank: 4847
                                imgsct.cookiebot.com — Cisco Umbrella Rank: 4914
3         be-on.de              matomo.be-on.de                                        40 KB
3         googleapis.com        ajax.googleapis.com — Cisco Umbrella Rank: 380         106 KB
1         googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 39     68 KB
Total: 31 requests, 5 apex domains
Requests  Domain                     Requested by
20        win.eksv.ch                win.eksv.ch
3         matomo.be-on.de            win.eksv.ch, matomo.be-on.de
3         ajax.googleapis.com        win.eksv.ch
2         consent.cookiebot.com      www.googletagmanager.com, consent.cookiebot.com
1         imgsct.cookiebot.com
1         consentcdn.cookiebot.com   consent.cookiebot.com
1         www.googletagmanager.com   win.eksv.ch
Total: 31 requests, 7 domains

This site contains links to these domains.

Domain
www.cookiebot.com
www.facebook.com
www.sbb.ch
www.instagram.com
www.youtube.com
www.tiktok.com
Subject                  Issuer                            Validity                 Valid
win.eksv.ch              R3                                2024-04-08 - 2024-07-07  3 months
upload.video.google.com  WR2                               2024-05-06 - 2024-07-29  3 months
*.google-analytics.com   WR2                               2024-05-06 - 2024-07-29  3 months
matomo.be-on.de          R3                                2024-03-24 - 2024-06-22  3 months
consent.cookiebot.com    DigiCert TLS RSA SHA256 2020 CA1  2024-02-28 - 2025-02-27  a year
*.cookiebot.com          DigiCert TLS RSA SHA256 2020 CA1  2024-02-26 - 2025-02-26  a year

This page contains 2 frames:

Primary Page: https://win.eksv.ch/
Frame ID: 690849C696F9908591E6D15CC51A7876
Requests: 31 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 306390CBAFD31E84DA11F88FD1082D3A
Requests: 1 HTTP requests in this frame

Page Title

Glücksrad

Page URL History

  1. http://win.eksv.ch/ HTTP 307
    https://win.eksv.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

Requests: 31
HTTPS: 100 %
IPv6: 0 %
Domains: 5
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 2650 kB
Size: 3533 kB
Cookies: 4

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
win.eksv.ch/
Redirect Chain
  • http://win.eksv.ch/
  • https://win.eksv.ch/
7 KB
3 KB
Document
General
Full URL
https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
bfa90721a874e3afea0932839615c79d9032801f40e5501ebdabdb6ac3e86709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 15 May 2024 08:22:09 GMT
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Location
https://win.eksv.ch/
Non-Authoritative-Reason
HttpsUpgrades
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.3/
88 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
sffe /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 13:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31191
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 13:57:30 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/
36 KB
9 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/themes/smoothness/jquery-ui.css
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
sffe /
Resource Hash
8473ed670b978405cb4ef7a6822385043b30107e0dae82a008326c6ed237ce51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 08:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8444
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 08:22:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 08:02:57 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/
249 KB
66 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f10.1e100.net
Software
sffe /
Resource Hash
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:08:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67865
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 08:22:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 May 2025 14:08:04 GMT
normalize.css
win.eksv.ch/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://win.eksv.ch/css/normalize.css
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
d592f1c585062f14b5c94145f916377badda3351026d67a5c96f95f8a6885472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Apr 2023 12:42:24 GMT
server
nginx
etag
W/"6437f8b0-1a9e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
basic.css
win.eksv.ch/css/
33 KB
6 KB
Stylesheet
General
Full URL
https://win.eksv.ch/css/basic.css?v1
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
b40fb8e1be83d09e15805ba1a5a1545a1b0715472ec7fb764ca72f8922ca9319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Apr 2024 12:55:57 GMT
server
nginx
etag
W/"6617dddd-853e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
mediaqueries.css
win.eksv.ch/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://win.eksv.ch/css/mediaqueries.css?v1
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
83756f8c40d2fb9a0076a2e642033fd5fc7d4be9a4f63adc44b12105b49dc10f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Apr 2024 12:55:57 GMT
server
nginx
etag
W/"6617dddd-36c6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
app.4bdc84f4.css
win.eksv.ch/build/assets/
6 KB
3 KB
Stylesheet
General
Full URL
https://win.eksv.ch/build/assets/app.4bdc84f4.css
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
4bdc84f409138e092eb628d437c607c3605269b800b818db7b9ef82eae8c645d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 03 May 2024 07:56:05 GMT
server
nginx
etag
W/"66349895-19e7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
app.9b9a135c.js
win.eksv.ch/build/assets/
69 KB
22 KB
Script
General
Full URL
https://win.eksv.ch/build/assets/app.9b9a135c.js
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
9021702c660f214fb21071d0b4243e323a307bc728fce50d0b7de7739d06e1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Origin
https://win.eksv.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 03 May 2024 07:56:05 GMT
server
nginx
etag
W/"66349895-11423"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
icon_instagram.svg
win.eksv.ch/images/socialmedia/
1 KB
1 KB
Image
General
Full URL
https://win.eksv.ch/images/socialmedia/icon_instagram.svg
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
a46d5a703cedcd8cea459f7105973915dcc66902df56646611f9ab954742afd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Apr 2024 12:55:57 GMT
server
nginx
etag
W/"6617dddd-5fd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
icon_facebook.svg
win.eksv.ch/images/socialmedia/
865 B
764 B
Image
General
Full URL
https://win.eksv.ch/images/socialmedia/icon_facebook.svg
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
67a9973c267834713b62e342e012dc8e4f8d95216a0053e336287070603d67e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Apr 2024 12:55:57 GMT
server
nginx
etag
W/"6617dddd-361"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
icon_youtube.svg
win.eksv.ch/images/socialmedia/
945 B
791 B
Image
General
Full URL
https://win.eksv.ch/images/socialmedia/icon_youtube.svg
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
5fbf8f409dcaee3999f9dd86cf0d68db5cc375c35386cd7f27108ad602c89fe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Apr 2024 12:55:57 GMT
server
nginx
etag
W/"6617dddd-3b1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
icon_tiktok.svg
win.eksv.ch/images/socialmedia/
1 KB
979 B
Image
General
Full URL
https://win.eksv.ch/images/socialmedia/icon_tiktok.svg
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
e0fd9c94e86a81245896e2e826ab006fe3c0610b14399f5744cc45f3bfedddba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Apr 2024 12:55:57 GMT
server
nginx
etag
W/"6617dddd-563"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
menu.svg
win.eksv.ch/images/svgs/
531 B
532 B
Image
General
Full URL
https://win.eksv.ch/images/svgs/menu.svg
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
53c8001798829f13497c8e47858a45045fd5e08028c4b49810033bc7b3f425e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Apr 2023 12:42:24 GMT
server
nginx
etag
W/"6437f8b0-213"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
logo.svg
win.eksv.ch/images/svgs/
3 KB
1 KB
Image
General
Full URL
https://win.eksv.ch/images/svgs/logo.svg
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
b3b7752f5a3e4cc1e24073f3312ed3707c1526fa292537a9c8f8ebe96398cedb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Apr 2023 12:42:24 GMT
server
nginx
etag
W/"6437f8b0-b27"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
home-pfeil.svg
win.eksv.ch/images/svgs/
506 B
545 B
Image
General
Full URL
https://win.eksv.ch/images/svgs/home-pfeil.svg
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
570f0234d7b62c10e3276dcb5b2b498b8760706d605f8d67f340bbecf51e5ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Apr 2024 12:55:57 GMT
server
nginx
etag
W/"6617dddd-1fa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
zurich.svg
win.eksv.ch/images/svgs/
7 KB
3 KB
Image
General
Full URL
https://win.eksv.ch/images/svgs/zurich.svg
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
d6e2d1f8c74901148143eaba349bc379d3413048999845222bd75f3d72bb288f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Apr 2023 12:42:24 GMT
server
nginx
etag
W/"6437f8b0-1a88"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-xss-protection
1; mode=block
basic.js
win.eksv.ch/js/
7 KB
2 KB
Script
General
Full URL
https://win.eksv.ch/js/basic.js
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
d612597b5cbe475a024292363ac28e522ca68b9d8e5288a933a1da491eb5b85f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Apr 2024 12:55:57 GMT
server
nginx
etag
W/"6617dddd-1d1e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/
188 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KHDXDPWC
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b627a25ff75e16eecaae4be8d317d0d987fdb133eb1c2396895e57b642540d9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68853
x-xss-protection
0
last-modified
Wed, 15 May 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 May 2024 08:22:11 GMT
home-bg.png
win.eksv.ch/images/
2 MB
2 MB
Image
General
Full URL
https://win.eksv.ch/images/home-bg.png
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/css/mediaqueries.css?v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
4ce1ad1ee268a29d766d45d5de1852244bd90b8a973d307fe0342e1e077d630c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/css/mediaqueries.css?v1
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 13 Apr 2023 12:42:24 GMT
server
nginx
etag
"6437f8b0-2135d0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
2176464
x-xss-protection
1; mode=block
matomo.js
matomo.be-on.de/
131 KB
40 KB
Script
General
Full URL
https://matomo.be-on.de/matomo.js
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.144 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
s19.be-on.dev
Software
Apache/2.4.57 (Debian) /
Resource Hash
a3cfd880d9dc92a71167c4369d5698f829e06a0ab8b1116888c88d44df6e918e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:11 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 10:20:37 GMT
server
Apache/2.4.57 (Debian)
etag
"20c5f-6148da4240794-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
40751
SBBWeb-Light.woff2
win.eksv.ch/fonts/
48 KB
48 KB
Font
General
Full URL
https://win.eksv.ch/fonts/SBBWeb-Light.woff2
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/css/basic.css?v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
de48fe7cfbd2082df946a69799cd1dd63caa7683edff423bb7cd4824d2152125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/css/basic.css?v1
Origin
https://win.eksv.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 13 Apr 2023 12:42:24 GMT
server
nginx
etag
"6437f8b0-c078"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
49272
x-xss-protection
1; mode=block
SBBWeb-Roman.woff2
win.eksv.ch/fonts/
49 KB
49 KB
Font
General
Full URL
https://win.eksv.ch/fonts/SBBWeb-Roman.woff2
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/css/basic.css?v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
c9ba3228b57bc4adc5a98c122dda7c0d179e4bcbe7985ec52f8afadab1a0c3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/css/basic.css?v1
Origin
https://win.eksv.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 13 Apr 2023 12:42:24 GMT
server
nginx
etag
"6437f8b0-c300"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
49920
x-xss-protection
1; mode=block
SBBWeb-Condensed-Bold.woff2
win.eksv.ch/fonts/
45 KB
45 KB
Font
General
Full URL
https://win.eksv.ch/fonts/SBBWeb-Condensed-Bold.woff2
Requested by
Host: win.eksv.ch
URL: https://win.eksv.ch/css/basic.css?v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
474c24958acc3ec28719d6901e0e2b16566ac351ee7d90796c2abb456b08ab4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/css/basic.css?v1
Origin
https://win.eksv.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 13 Apr 2023 12:42:24 GMT
server
nginx
etag
"6437f8b0-b470"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
accept-ranges
bytes
content-length
46192
x-xss-protection
1; mode=block
matomo.php
matomo.be-on.de/
0
83 B
Ping
General
Full URL
https://matomo.be-on.de/matomo.php?action_name=Gl%C3%BCcksrad&idsite=163&rec=1&r=793775&h=10&m=22&s=11&url=https%3A%2F%2Fwin.eksv.ch%2F&_id=e3ebfa1fba29e3ce&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=vUyUuN&pf_net=185&pf_srv=99&pf_tfr=1&pf_dm1=606&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.201%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by
Host: matomo.be-on.de
URL: https://matomo.be-on.de/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.144 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
s19.be-on.dev
Software
Apache/2.4.57 (Debian) / PHP/8.1.21
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://win.eksv.ch
date
Wed, 15 May 2024 08:22:11 GMT
access-control-allow-credentials
true
server
Apache/2.4.57 (Debian)
x-powered-by
PHP/8.1.21
vary
Origin
uc.js
consent.cookiebot.com/
109 KB
34 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=d2e44000-a0ed-44b4-af80-582feeb10714&implementation=gtm&consentmode-dataredaction=dynamic
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHDXDPWC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6dec01698bd7318ccee3dae6e824f02ff358d309dbe5a97f21b70a726c903421

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Wed, 15 May 2024 08:22:12 GMT
content-encoding
gzip
last-modified
Mon, 15 Apr 2024 08:18:48 GMT
etag
"9a398f8ad8fda1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=467
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
34251
expires
Wed, 15 May 2024 08:29:59 GMT
configs.php
matomo.be-on.de/plugins/HeatmapSessionRecording/
118 B
167 B
Script
General
Full URL
https://matomo.be-on.de/plugins/HeatmapSessionRecording/configs.php?idsite=163&trackerid=ydwoyn&url=https%3A%2F%2Fwin.eksv.ch%2F
Requested by
Host: matomo.be-on.de
URL: https://matomo.be-on.de/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.144 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
s19.be-on.dev
Software
Apache/2.4.57 (Debian) / PHP/8.1.21
Resource Hash
f1e3fe7d8b1882d6f8b8d29533c6f9ba41c25d150b4a74af561495386e6c9b5d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:11 GMT
content-encoding
gzip
server
Apache/2.4.57 (Debian)
x-powered-by
PHP/8.1.21
content-length
121
vary
Accept-Encoding
content-type
application/javascript
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 3063
0
0
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=d2e44000-a0ed-44b4-af80-582feeb10714&implementation=gtm&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.190.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-7.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://win.eksv.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 08:22:12 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Thu, 15 May 2025 08:22:12 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1715761332775_34901917_202764866_38_1308_42_103_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/d2e44000-a0ed-44b4-af80-582feeb10714/
304 KB
80 KB
Script
General
Full URL
https://consent.cookiebot.com/d2e44000-a0ed-44b4-af80-582feeb10714/cc.js?renew=false&referer=win.eksv.ch&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=d2e44000-a0ed-44b4-af80-582feeb10714&implementation=gtm&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-160.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
824e1678bd83bf0a006871b392d6f221b766cbe46570a6b5f31636ba8b52a4ac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:12 GMT
content-encoding
gzip
last-modified
Wed, 15 May 2024 08:22:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
cross-origin-resource-policy
cross-origin
content-length
81865
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
1.gif
imgsct.cookiebot.com/
35 B
737 B
Image
General
Full URL
https://imgsct.cookiebot.com/1.gif?dgi=d2e44000-a0ed-44b4-af80-582feeb10714
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.190.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-190-7.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 08:22:13 GMT
X-GUploader-UploadID
ABPtcPq-7iiGOxduuungmSMh6XGyL_5g2Y1G3-JhSCLCkD_FeF7M4y-WpiXZ3OaR53JqIlMv6WE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
35
Last-Modified
Mon, 23 Oct 2023 11:39:32 GMT
Server
UploadServer
ETag
"c2196de8ba412c60c22ab491af7b1409"
x-goog-generation
1698061172769999
x-goog-hash
crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
public,max-age=1800
x-goog-stored-content-length
35
Accept-Ranges
bytes
Content-Type
image/gif
truncated
/
293 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
win.eksv.ch/
1 KB
1 KB
Other
General
Full URL
https://win.eksv.ch/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.75.247.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s30.be-on.dev
Software
nginx /
Resource Hash
e16c37d4e7f01455665ee3851074a7c35f4efa42489456e29b33ca962b5185d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://win.eksv.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 08:22:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Apr 2023 12:42:24 GMT
server
nginx
etag
W/"6437f8b0-47e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
x-xss-protection
1; mode=block


36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| dataLayer
function| $
function| jQuery
object| _paq
number| globalAngle
number| globalRotation
number| last_clicked
function| closeMenu
function| openMenu
function| getDraw
function| populatePopup
function| spinWheel
function| showPopUp
function| onclickfunctions
function| updateStatus
function| timer
function| timerStopped
function| deactivatePrize
function| updateStatusToDeactivate
object| Piwik
object| Matomo
object| AnalyticsTracker
function| piwik_log
object| google_tag_manager
object| google_tag_data
object| CookieControl
function| __uspapi
function| addUspapiLocatorFrame
function| __handleUspapiMessage
function| propagateIABStub
object| Cookiebot
object| CookieConsent
object| CookiebotDialog
object| CookieConsentDialog

4 Cookies

Domain/Path Name / Value
win.eksv.ch/ Name: XSRF-TOKEN
Value: eyJpdiI6IkdMWXdyVHl6S3I0SFB1MHJ1QnhBMHc9PSIsInZhbHVlIjoiVnpkaUlZZkhYWjE1bExTM0xpMy9CSDJzSlJYMWU4U3RtSVEzYWlCbyt5OHk3OVlHVjY1NXlRbnp2U0tzLzlXb0xUdTZFVjduZi9vd1BENXBwOGpCR0J2V1lkRGZPdkdJeWF5SDd1bTI5ckRQV1I2T0NHNEM5dWs2RVZqbWFkUjkiLCJtYWMiOiI4YTg0MmIxNGNkODg4MmM1ZmQ3NGQ4YzhlNjQxOTIxNjc3ZDk2OTAzZTFjOGIwM2RjN2JiNmZmYWRlNjRjODA0IiwidGFnIjoiIn0%3D
win.eksv.ch/ Name: wineksvch_session
Value: eyJpdiI6InhBRVlTTVNwQmNtQVhKOXJHRWpwOFE9PSIsInZhbHVlIjoiN09idjljaXJFeW1HSEZJNSsyQ3lOMnRrTGNDM2R2cTNzaFVKK2NuMnl3b2FzOWlSZjZ6TXVYYlBlZTBpckNNYy9tSzNMRmdDL2x4c2RkNDJNSVo2NlBaZnFsbDJnUGdWaHB3ZWxNZ3NibURHZkJsYjRwZXFDdFQvNUMwVEV4dEYiLCJtYWMiOiIyMjVmYzQyODdhNDkxNzEwMmJlNGQ3ZGU1ZTgxYjYzODVjYTFmMTU5MjJhZjA0MzdjYTE3ZmViMzllNzVjOWFkIiwidGFnIjoiIn0%3D
.win.eksv.ch/ Name: _pk_id.163.f9e4
Value: e3ebfa1fba29e3ce.1715761332.
.win.eksv.ch/ Name: _pk_ses.163.f9e4
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
