win4win.ch Open in urlscan Pro
2a01:4a0:17::1:f800 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU
Effective URL:
https://win4win.ch/wettbewerb/helsana-wettbewerb/
Submission: On August 25 via api (August 25th 2024, 6:05:52 am UTC) from BE — Scanned from FR

Summary HTTP 117 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 24 domains to perform 117 HTTP transactions. The main IP is 2a01:4a0:17::1:f800, located in Erlangen, Germany and belongs to CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE. The main domain is win4win.ch.
TLS certificate: Issued by E5 on August 19th 2024. Valid for: 3 months.

This is the only time win4win.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	1.179.112.195 1.179.112.195	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:440... 2606:4700:4400::ac40:9473	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	2a01:4a0:17::... 2a01:4a0:17::1:f800	201011 (CORE-BACK...) (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK)
1	2600:9000:205... 2600:9000:2057:8000:1d:87b1:e480:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
5	46.101.217.240 46.101.217.240	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2 3	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:ac8... 2a05:d018:ac8:b920:dd40:ba35:8719:9f90	16509 (AMAZON-02) (AMAZON-02)
5	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.95.80 65.9.95.80	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:e8a... 2600:1f18:e8a:cd08:3437:aff5:50c:d298	14618 (AMAZON-AES) (AMAZON-AES)
6	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.163.248.4 3.163.248.4	16509 (AMAZON-02) (AMAZON-02)
5	2.18.64.26 2.18.64.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
4	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
2	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.95.52 65.9.95.52	16509 (AMAZON-02) (AMAZON-02)
1	54.216.135.50 54.216.135.50	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:591::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4013:c14::54	15169 (GOOGLE) (GOOGLE)
6	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
117	35

1 1.179.112.195 (France)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

r.win4win-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9473 (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a01:4a0:17::1:f800 (Erlangen, Germany)

ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE)

win4win.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8000:1d:87b1:e480:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.du89buildings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.101.217.240 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

sdk.checkout-panda.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
promo.checkout-panda.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.228 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:ac8:b920:dd40:ba35:8719:9f90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

esputnik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-80.prg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:e8a:cd08:3437:aff5:50c:d298 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.du89buildings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.64.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-26.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-52.prg50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.216.135.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-135-50.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:591::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4013:c14::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	win4win.ch win4win.ch	7 MB
10	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
8	google.com 2 redirects apis.google.com — Cisco Umbrella Rank: 225 www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 3773 accounts.google.com — Cisco Umbrella Rank: 46	82 KB
7	du89buildings.com ob.du89buildings.com — Cisco Umbrella Rank: 756513 obs.du89buildings.com — Cisco Umbrella Rank: 626207	154 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1235	6 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1202 tr6.snapchat.com — Cisco Umbrella Rank: 1340	1 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	137 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	164 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	510 KB
5	checkout-panda.ch sdk.checkout-panda.ch promo.checkout-panda.ch	507 KB
4	google.fr www.google.fr — Cisco Umbrella Rank: 16277	254 B
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 252 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	345 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	65 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 176	2 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1417	25 KB
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 4716 content.hotjar.io — Cisco Umbrella Rank: 8904	404 B
2	gstatic.com fonts.gstatic.com www.gstatic.com	248 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 ajax.googleapis.com — Cisco Umbrella Rank: 641	32 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1413	21 KB
1	esputnik.com esputnik.com — Cisco Umbrella Rank: 66628	12 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	9 KB
1	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 34099
1	win4win-news.com r.win4win-news.com	819 B
117	24

	Domain	Requested by
37	win4win.ch	r.win4win-news.com win4win.ch
10	www.facebook.com	win4win.ch connect.facebook.net
6	ct.pinterest.com	sdk.checkout-panda.ch ob.du89buildings.com
6	obs.du89buildings.com	ob.du89buildings.com win4win.ch sdk.checkout-panda.ch
5	analytics.tiktok.com	r.win4win-news.com analytics.tiktok.com
5	connect.facebook.net	win4win.ch connect.facebook.net ob.du89buildings.com
5	www.googletagmanager.com	win4win.ch www.googletagmanager.com www.google-analytics.com ob.du89buildings.com
4	tr.snapchat.com	sdk.checkout-panda.ch ob.du89buildings.com sc-static.net
4	www.google.fr	win4win.ch
3	www.google.com	2 redirects win4win.ch
3	promo.checkout-panda.ch	win4win.ch
2	googleads.g.doubleclick.net	2 redirects
2	www.googleadservices.com	1 redirects ob.du89buildings.com
2	s.pinimg.com	win4win.ch ob.du89buildings.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	static.hotjar.com	win4win.ch
2	www.google-analytics.com	win4win.ch www.google-analytics.com
2	apis.google.com	win4win.ch apis.google.com
2	sdk.checkout-panda.ch	win4win.ch sdk.checkout-panda.ch
1	tr6.snapchat.com	sc-static.net
1	accounts.google.com	apis.google.com
1	content.hotjar.io	sdk.checkout-panda.ch
1	vc.hotjar.io	sdk.checkout-panda.ch
1	www.gstatic.com	www.google.com
1	sc-static.net	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	fonts.gstatic.com	fonts.googleapis.com
1	esputnik.com	win4win.ch
1	cdnjs.cloudflare.com	win4win.ch
1	ajax.googleapis.com	win4win.ch
1	fonts.googleapis.com	win4win.ch
1	ob.du89buildings.com	win4win.ch
1	sibautomation.com	r.win4win-news.com
1	r.win4win-news.com
117	35

This site contains links to these domains. Also see Links.

Domain
www.helsana.ch
wa.me
www.facebook.com
pinterest.com

Subject Issuer	Validity	Valid
r.win4win-news.com R11	`2024-07-12` - `2024-10-10`	3 months	crt.sh
sibautomation.com WE1	`2024-08-05` - `2024-11-03`	3 months	crt.sh
win4winbalancer.ch.trendhosting.cloud E5	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.du89buildings.com Amazon RSA 2048 M03	`2024-06-04` - `2025-07-03`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
sdk.checkout-panda.ch R10	`2024-07-12` - `2024-10-10`	3 months	crt.sh
promo.checkout-panda.ch R10	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.apis.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.esputnik.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-13` - `2024-11-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.fr WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-02` - `2025-08-07`	a year	crt.sh
accounts.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.googleadservices.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Frame ID: 22AE37BC45A1E5A4103E5988947F11A3
Requests: 111 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2510798
Frame ID: 417E4E34382C088F413C1D9D125CEF9C
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 6522F0A04E8CA333773E07ECFA84F246
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/login_button.php?app_id=2453031748306293&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3b030b2a20f57ba%26domain%3Dwin4win.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwin4win.ch%252Ff7e0312fdef5e1b0b%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey
Frame ID: D76E7E1145913310CD808AA8970D8F33
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/login_button.php?app_id=2453031748306293&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df737cc6971c8281d0%26domain%3Dwin4win.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwin4win.ch%252Ff7e0312fdef5e1b0b%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey
Frame ID: FF28E1BCC1104A426B6C7F52BF556322
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: B706D2495662CEB229D0E2B54E5C2120
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c&u_scsid=4ed61e0b-8536-4522-80ec-ec5730215dfa&u_sclid=fc371890-0b32-4b3e-aa83-c02960a86c60
Frame ID: 0C35765F4CBEF4F03D9BA9CD318218BD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Helsana verlost iPhone 15 Pro

Page URL History Show full URLs

http://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU HTTP 307
https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU Page URL
https://win4win.ch/wettbewerb/helsana-wettbewerb/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope
apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

117
Requests

97 %
HTTPS

49 %
IPv6

24
Domains

35
Subdomains

35
IPs

7
Countries

9494 kB
Transfer

13276 kB
Size

28
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.helsana.ch/de/private.html

Search URL Search Domain Scan URL

URL: https://wa.me/whatsappphonenumber/?text=https://win4win.ch/wettbewerb/helsana-wettbewerb/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?&u=https://win4win.ch/wettbewerb/helsana-wettbewerb/&t=Helsana%20Wettbewerb

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://win4win.ch/wettbewerb/helsana-wettbewerb/&media=https://win4win.ch/wp-content/uploads/2024/06/Beitragsbilder-297p-x-497p-8-297x340.gif&description=

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU HTTP 307
https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU Page URL
https://win4win.ch/wettbewerb/helsana-wettbewerb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU HTTP 307
https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU

Request Chain 90

https://www.googleadservices.com/pagead/conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1256841628&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIg_WZ5byPiAMV1CFVCB3BeBV7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv HTTP 302
https://www.google.com/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1256841628&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIg_WZ5byPiAMV1CFVCB3BeBV7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnfKW8eBPYPFFzfkkYl9IoJqZ3xE-qeNg&random=122522373 HTTP 302
https://www.google.fr/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1256841628&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIg_WZ5byPiAMV1CFVCB3BeBV7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnfKW8eBPYPFFzfkkYl9IoJqZ3xE-qeNg&random=122522373&ipr=y

Request Chain 101

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628473700/?random=344283332&cv=11&fst=1724565946942&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=312957301.1724565946&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI0rKk5byPiAMVtOkRCB3yQxM3MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv HTTP 302
https://www.google.com/pagead/1p-conversion/628473700/?random=344283332&cv=11&fst=1724565946942&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=312957301.1724565946&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI0rKk5byPiAMVtOkRCB3yQxM3MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSKQDpaXnf6cdS_m-kyrzELDpbrqq8AKR8h5CF_ojmRYgp06no2hzlZ_ve&random=2807504238 HTTP 302
https://www.google.fr/pagead/1p-conversion/628473700/?random=344283332&cv=11&fst=1724565946942&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=312957301.1724565946&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI0rKk5byPiAMVtOkRCB3yQxM3MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSKQDpaXnf6cdS_m-kyrzELDpbrqq8AKR8h5CF_ojmRYgp06no2hzlZ_ve&random=2807504238&ipr=y

117 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

bihzCwnfeNjU Show response
r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/
Redirect Chain

http://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU
https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU

671 B
819 B

161ms
69ms

Document
text/html

1.179.112.195
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

1.179.112.195 , France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

c6ffcf1486c217e3188fe288b8d88aa8ddb757ed7733c5408f0031a9bb0c9687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length: 671
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 06:05:45 GMT
x-content-type-options: nosniff
x-sib-server: gke-public-cluster-v2-1-179-112-137
x-xss-protection: 1

Redirect headers

Location: https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 cm.html
sibautomation.com/ Frame 417E 0
0 76ms
31ms Document
text/html 2606:4700:4400::ac40:9473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/cm.html?id=2510798
Requested by: Host: r.win4win-news.com
URL: https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9473 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Referer: https://r.win4win-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 8
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 8b8964671cd2639b-LHR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 06:05:45 GMT
expires: Sun, 25 Aug 2024 08:05:45 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>

GET
H2 200 Primary Request / Show response
win4win.ch/wettbewerb/helsana-wettbewerb/ 71 KB
16 KB 119ms
59ms Document
text/html 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wettbewerb/helsana-wettbewerb/

Requested by

Host: r.win4win-news.com
URL: https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx / PHP/7.4.28

Resource Hash

de50168bdf739fd3af791bb4c463d2386e9c266ef3c6c1033dedcf9695628fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.win4win-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 15576
content-type: text/html; charset=UTF-8
date: Sun, 25 Aug 2024 06:05:45 GMT
edit: Set-Cookie (.*) "$1; Secure" Set-Cookie (.*) "$1; HTTPOnly"
etag: "75923-1724331036;br"
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://win4win.ch/wp-json/>; rel="https://api.w.org/" <https://win4win.ch/?p=23696>; rel=shortlink
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
pragma: no-cache
referrer-policy
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-litespeed-cache: hit
x-powered-by: PHP/7.4.28
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 eb440d79bb10219527b9498b0012b9bb.js Show response
ob.du89buildings.com/i/ 470 KB
152 KB 199ms
93ms Script
text/javascript 2600:9000:2057:8000:1d:87b1:e480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8000:1d:87b1:e480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 6f916c93d60afa8634855848aa4273e8032393562abe6b37f8b4ea5f2d8f4afa

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 18:31:16 GMT
content-encoding: gzip
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA6-C1
age: 41669
etag: "75998-mdNVSUmmDCN9HN5HrsUPwbRwzdk"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 154737
x-amz-cf-id: uTWlocDj74prseYrWOs2tLssLrTKptTSwuaNJIjNO-u7EqbZjyZJyw==
expires: Sun, 25 Aug 2024 06:31:16 GMT

GET
H2 200 style.min.css
win4win.ch/wp-includes/css/dist/block-library/ 95 KB
12 KB 41ms
34ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-includes/css/dist/block-library/style.min.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 11775
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 12 Jun 2023 08:14:25 GMT
server: nginx
etag: "17ced-6486d3e1-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 classic-themes.min.css
win4win.ch/wp-includes/css/ 291 B
632 B 39ms
33ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-includes/css/classic-themes.min.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 12 Jun 2023 08:14:25 GMT
server: nginx
etag: W/"123-6486d3e1-0;;;"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 100ms
35ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800&display=swap&ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 06:05:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Aug 2024 06:05:45 GMT

GET
H2 200 bootstrap.min.css
win4win.ch/wp-content/themes/win4win/css/ 152 KB
21 KB 41ms
36ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/bootstrap.min.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 20900
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "26041-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 fontello.css
win4win.ch/wp-content/themes/win4win/css/ 2 KB
960 B 39ms
33ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/fontello.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

3801892e3e472faf7c234a8cc90981a1c15eba0458cec51274979f51f9ca49ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 469
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "6d7-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 slick.css
win4win.ch/wp-content/themes/win4win/css/ 2 KB
963 B 71ms
66ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/slick.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

81c33672d192732fd5591050eb92255404dec032d950e06340220ce3bd4c1c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 472
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "6c9-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 bootstrap-select.css
win4win.ch/wp-content/themes/win4win/css/ 12 KB
3 KB 70ms
65ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/bootstrap-select.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b14eaeddc99b48d46555f3c800db25b490688ada43b089a3477a633dae9cc56f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 2079
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "2ff4-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 animate.min.css
win4win.ch/wp-content/themes/win4win/css/ 57 KB
4 KB 71ms
67ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/animate.min.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 4011
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "e311-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 intlTelInput.min.css
win4win.ch/wp-content/themes/win4win/css/ 19 KB
3 KB 72ms
67ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/intlTelInput.min.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

1fbae76075c291126d0358aa627f3001f2624ac8e07ef113a99c6f9758a7c048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 2269
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "4adb-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 style.css
win4win.ch/wp-content/themes/win4win/css/ 163 KB
22 KB 72ms
67ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/style.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

41f98207a2bcab9d5f7da91c377ed204bac8cb702530f3b6e564447cfc4a6b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 21649
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 31 Jul 2024 13:30:23 GMT
server: nginx
etag: "28c17-66aa3c6f-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 107ms
27ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 13:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Aug 2025 13:28:38 GMT

GET
H2 200 js.cookie-2.1.3.min.js Show response
win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/ 2 KB
1 KB 71ms
67ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 832
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 14 Jun 2023 09:55:33 GMT
server: nginx
etag: "6d7-64898e95-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 jquery.bind-first-0.2.3.min.js Show response
win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/ 1 KB
1 KB 71ms
68ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 625
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 14 Jun 2023 09:55:33 GMT
server: nginx
etag: "525-64898e95-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 public.js Show response
win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/ 57 KB
9 KB 71ms
68ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=7.2.1.1

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b439917bec713319595d8c307b0498b9e5454447074d60362a0321ab3e97319e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 9135
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 14 Jun 2023 09:55:33 GMT
server: nginx
etag: "e2f4-64898e95-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 public.js Show response
win4win.ch/wp-content/plugins/pixelyoursite-pinterest/dist/scripts/ 10 KB
2 KB 71ms
68ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/plugins/pixelyoursite-pinterest/dist/scripts/public.js?ver=2.0.17

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

546563b2127208f386e87a2a9408e8df00c8ead92181e22a6824d823be57827f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 1749
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 27 Jan 2021 09:13:32 GMT
server: nginx
etag: "28fa-60112ebc-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 w4w.js Show response
sdk.checkout-panda.ch/ 441 B
565 B 188ms
59ms Script
application/javascript 46.101.217.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.checkout-panda.ch/w4w.js
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.101.217.240 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: ef32182597ff24ee15b7bea8e09c5e9a325ae31152149ce1908fc584096037ed

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:45 GMT
last-modified: Wed, 20 Apr 2022 07:59:24 GMT
server: nginx/1.20.0
accept-ranges: bytes
etag: "625fbd5c-1b9"
content-length: 441
content-type: application/javascript

GET
H2 200 app.css
promo.checkout-panda.ch/css/ 24 KB
24 KB 124ms
44ms Stylesheet
text/css 46.101.217.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.checkout-panda.ch/css/app.css
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.101.217.240 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 176c57f5621456e48b9cd437462145b426bdaf91673cec3e6de86b79292380d4

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:45 GMT
last-modified: Tue, 30 May 2023 08:24:38 GMT
server: nginx/1.20.0
etag: "6475b2c6-5ea5"
content-type: text/css
cache-control: no-cache
accept-ranges: bytes
content-length: 24229
expires: Sun, 25 Aug 2024 06:05:44 GMT

GET
H2 200 app.js Show response
promo.checkout-panda.ch/js/ 72 KB
73 KB 159ms
79ms Script
application/javascript 46.101.217.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.checkout-panda.ch/js/app.js
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.101.217.240 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: a7fadd48caf40975fd83278c5ffe403f8fb906d35ea0c28fe291348c1cf3ac3f

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:45 GMT
last-modified: Tue, 30 May 2023 08:24:38 GMT
server: nginx/1.20.0
etag: "6475b2c6-121fc"
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 74236
expires: Sun, 25 Aug 2024 06:05:44 GMT

GET
H2 200 chunk-vendors.js Show response
promo.checkout-panda.ch/js/ 299 KB
300 KB 245ms
165ms Script
application/javascript 46.101.217.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.checkout-panda.ch/js/chunk-vendors.js
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.101.217.240 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 2c88a11c8087ce4c87d7e6f1fc8bdac822ee09a7400565c058c89e03df8b5c10

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:45 GMT
last-modified: Tue, 30 May 2023 08:24:38 GMT
server: nginx/1.20.0
etag: "6475b2c6-4ad95"
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 306581
expires: Sun, 25 Aug 2024 06:05:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 335 KB
112 KB 313ms
190ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-805112524

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fca1eca3767fe91982bb7fbb94921f46677e5911b3ba76b24bc1dac67dad32ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 114750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 06:05:45 GMT

GET
H2 200 google.svg
win4win.ch/wp-content/themes/win4win/images/ 1 KB
1 KB 70ms
69ms Image
image/svg+xml 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/google.svg

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b8e9b6f51f0a6014b39060747a6a7fb66c842442e3f0fa04202df5862665efdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 653
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
etag: "535-650c17f5-0;br"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 facebook.svg
win4win.ch/wp-content/themes/win4win/images/ 842 B
861 B 70ms
69ms Image
image/svg+xml 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/facebook.svg

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

9011cc3e35968d04dcaa3cb8f48afdf51e3cae17e0e631ba5ab019e8f18ae6b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 414
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
etag: "34a-650c17f5-0;br"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 Bubble-GE.png
win4win.ch/wp-content/themes/win4win/images/ 32 KB
33 KB 40ms
36ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/Bubble-GE.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

45ee22f61a84fb36cce1717c1f08cba04ac6590543cdedee9b691f0e2557d296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 32829
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:23 GMT
server: nginx
etag: "803d-650c17f7-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 Background-Image-3200x1040px-63-1.png
win4win.ch/wp-content/uploads/2024/06/ 6 MB
6 MB 36ms
34ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/uploads/2024/06/Background-Image-3200x1040px-63-1.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

eeadabe52147b776a531b385b2af1c633bb67ff8032af5c16f718140cc22f94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 6804062
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 27 Jun 2024 08:31:09 GMT
server: nginx
etag: "67d25e-667d234d-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 Background-Image-3200x1040px-63-1-1024x333.png
win4win.ch/wp-content/uploads/2024/06/ 501 KB
502 KB 91ms
91ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/uploads/2024/06/Background-Image-3200x1040px-63-1-1024x333.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b8100300782c3996df589115a277f672d840d7701a8afa6bb22aa985b5812a2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 512844
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 27 Jun 2024 08:31:20 GMT
server: nginx
etag: "7d34c-667d2358-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 Banner-Logo-400x342-24-1.png
win4win.ch/wp-content/uploads/2024/06/ 16 KB
16 KB 187ms
181ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/uploads/2024/06/Banner-Logo-400x342-24-1.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

53f62af044f11f04fd583b5e6af56516d898e3e8de0bc5db656cbd0926530af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 16372
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 27 Jun 2024 08:07:36 GMT
server: nginx
etag: "3ff4-667d1dc8-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 safebrowsing-logo.svg
win4win.ch/wp-content/themes/win4win/images/ 1 KB
1 KB 187ms
181ms Image
image/svg+xml 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/safebrowsing-logo.svg

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

f040e77b8264be8887ce6b69b83480c46926230d99d844a5ffc1893b5c9dc748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 664
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
etag: "5c9-650c17f4-0;br"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 logo.png
win4win.ch/wp-content/themes/win4win/images/ 12 KB
12 KB 186ms
181ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/logo.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

2514c6c83638d066a64044f01a050a9f6a40e34d4f28b88bbe002e605d53e503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 11985
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:21 GMT
server: nginx
etag: "2ed1-650c17f5-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 contacts-send.png
win4win.ch/wp-content/themes/win4win/images/ 10 KB
10 KB 186ms
180ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/contacts-send.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

7555e222251b2447fb5904611f5543f0335765a95807cea8ec3df992dd97142a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 9780
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:21 GMT
server: nginx
etag: "2634-650c17f5-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 ok.png
win4win.ch/wp-content/themes/win4win/images/ 630 B
1 KB 184ms
181ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/ok.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

46977089b698cb83d11e559cea0366e56bfc0328611fb4d6ee885884c652bcc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 630
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:20 GMT
server: nginx
etag: "276-650c17f4-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 platform.js Show response
apis.google.com/js/ 55 KB
22 KB 233ms
107ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f6a762a7e6247be81722a92c5c7ecb3fb7336b8126a97c5863286ee4090fe03

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 06:05:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21629
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "df3535a04293effe"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 06:05:45 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
971 B 191ms
69ms Script
text/javascript 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

ESF /

Resource Hash

34460dcaea00c8a53d84b7d6e630deef8cb1dd07e9c99420f178c56b37727253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires: Sun, 25 Aug 2024 06:05:45 GMT

GET
H2 200 poper.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 20 KB
7 KB 187ms
178ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/poper.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b1a358fb3138ddc55239faf121e297470da161e6c1d0bee44079ebb7a8a754c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 7152
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "51e9-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 bootstrap.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 57 KB
15 KB 186ms
178ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/bootstrap.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

61ac8d1132905ced04a756b27b2b9149ed4cc35ac9cb04c9b24606d02f7b2bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 14741
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "e2b5-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 slick.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 42 KB
10 KB 186ms
177ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/slick.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 10097
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "a76f-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 clipboard.min.js Show response
win4win.ch/wp-includes/js/ 9 KB
3 KB 188ms
179ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-includes/js/clipboard.min.js?ver=2.0.11

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 2989
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 12 Jun 2023 08:14:25 GMT
server: nginx
etag: "2331-6486d3e1-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 bootstrap-select.js Show response
win4win.ch/wp-content/themes/win4win/js/ 109 KB
24 KB 187ms
179ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/bootstrap-select.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

5358d52e0c51328692627f14b34cb706b8426b1bc4281ab55dd06b01fcbdc76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 24261
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "1b39d-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 jquery.validate.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 24 KB
8 KB 187ms
180ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/jquery.validate.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 7569
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "5f38-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 wow.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 8 KB
3 KB 187ms
180ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/wow.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 2572
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "20df-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 uploadPreview.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 1 KB
1017 B 188ms
180ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/uploadPreview.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

e294e848e32473a56985bd55d8b084fb501a8fe4f66b0e11597870e711804ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 515
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "4f5-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 sticky-kit.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 3 KB
2 KB 187ms
180ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/sticky-kit.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

753b6da6d4ab99217d7b21623591f3b3e4b54c712f01fb80d898a412a6ad502f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 1205
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "b19-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H3 200 intlTelInput-jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/ 28 KB
9 KB 118ms
74ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/intlTelInput-jquery.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ecb6f95059703c992766b3b3ceef6c17b31e3a5c648343e069d637b746933d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3251398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8933
last-modified: Mon, 04 May 2020 16:11:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea6-7134"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UE2ElZsaW8jS3nMSN5YTG%2BQQ6ECp4tk%2FBNOX8K4xVcs93JPR66Gv%2BVyuCcHxIPigE2TX1kShzpSc7zFPbCiWKyBUnKcybkBTk4l0par3F1petyA7KOkc87Ob5OxdHKkyiYk%2FoqWx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b896469ab5ed107-CDG
expires: Fri, 15 Aug 2025 06:05:45 GMT

GET
H2 200 script.js Show response
win4win.ch/wp-content/themes/win4win/js/ 41 KB
7 KB 187ms
181ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/script.js?ver=1724331036

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b63d4fba35ebc3fa5ed0bf3b04b8bff0694c39ac41569552142036a0b5ace965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:45 GMT
date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 6462
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 12 Aug 2024 14:57:36 GMT
server: nginx
etag: "a405-66ba22e0-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 262 KB
89 KB 227ms
107ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBGQV67

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d868e8f60da7be6c160c964a5c47ed02e409abf0f9c13b65a15840bf32d717a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 06:05:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 177ms
58ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 05:15:05 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3040
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 25 Aug 2024 07:15:05 GMT

GET
H2 200 hotjar-1769474.js Show response
static.hotjar.com/c/ 11 KB
5 KB 231ms
103ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1769474.js?sv=5

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

047d84c27851de37909199aa500b248940b50d806497197d405d0398c1f22740

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/7309c59249d3a780bec2ab2943111fe2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: L0mO0Ne6-SxzhrfmHvfZu7CWI-iHLNYb1jb1sMaacA9eQm1EbXbUMg==

GET
H2 200 scripts Show response
esputnik.com/scripts/v1/public/ 39 KB
12 KB 272ms
144ms Script
application/javascript 2a05:d018:ac8:b920:dd40:ba35:8719:9f90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esputnik.com/scripts/v1/public/scripts?apiKey=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0NTI0ZWZhYTJkYzI2MGRmYTM4YTE1NDBlMWE2Yjg1YmQ1YmU3YTFkMzg0NWRiOTkyZWE1NGU3YTlmOGY0NTAzMjNlZmYwMzAwZWZiZWYyNDJhMTE3N2UzZDgyN2RhMmQwM2E0YmIwNTU3MzQ3N2JjYWYyMjA1ZDIzNTFmYzYxNGIzYzBhOTMzMzA3ZDY2NGNiNzI1ZTk3YmU3OTM0OTExMDI4MmU1OWQ5ZDFlNjI1YWZiMDNhYjkyZGMifQ.W_zZgG1FCQ8mAi_R7HtSQLH8Soh4IwkvhG7gL8DuMPulo9K5pnkOyUHKtbaQSJU4NqYiZSLn2H3mPzrJQdSkGQ&domain=AAB37FE6-426D-47BE-B00E-32EA03B61192

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:ac8:b920:dd40:ba35:8719:9f90 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e71ea0e0b3afe1fbcecccf194b54de5d0741c9889ce6c76f6b6ac00f8d2bdfd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
expires: Sun, 25 Aug 2024 06:10:45 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 227ms
193ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 06:05:45 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=23, mss=1232, tbw=4464, tp=12, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: xDQRd+Rooh7rvcFj6dYNQ5ifhqPJkOYezbE08O2Wi50oUphqeUe8Xf/cOiKhR2y0IXWnkJ43VaC/BGFEM4nsTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-3790757.js Show response
static.hotjar.com/c/ 11 KB
5 KB 112ms
103ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3790757.js?sv=6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

6f12865fd04625331257e28d725dd0bb71426f9c16568997f57e0d794966cd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/9ae54829abc75270fd077df77727629d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: jXuQvG0er6cSQm_qkvH8SiKWzIyMHtXcED33ingkcpvZ0dP_99ngDg==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 212ms
86ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800&display=swap&ver=6.2.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://win4win.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:47:59 GMT
x-content-type-options: nosniff
age: 400666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:47:59 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc52a1b197d39b12ee2340c85f7e2c5560cb7ff9262f760e78a60227dbf9c234

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sdk.js Show response
sdk.checkout-panda.ch/ 110 KB
110 KB 437ms
437ms Script
application/javascript 46.101.217.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/w4w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.101.217.240 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 2c558433f31467de73d0da85a16fe44db6a58f9cfccbd0061ad4d4ff6cb51f3f

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:46 GMT
last-modified: Wed, 20 Apr 2022 07:59:24 GMT
server: nginx/1.20.0
accept-ranges: bytes
etag: "625fbd5c-1b813"
content-length: 112659
content-type: application/javascript

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 131ms
43ms Script
application/javascript 65.9.95.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1769474.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-80.prg50.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2216560
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: k-_OjVSKiI81a7jOc7ASkDgXFMRCrduWKfwutIvRv48DnDE5i3Eusg==

GET
H3 200 920079845401155 Show response
connect.facebook.net/signals/config/ 72 KB
14 KB 30ms
30ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/920079845401155?v=2.9.165&r=stable&domain=win4win.ch&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

959fb278a61b3a670f053b53771f696c936ab8c14a9fb87c2caeb383a5c4f7fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 06:05:46 GMT
document-policy: force-load-at-top
x-fb-server-load: 23
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14661
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=67, mss=1232, tbw=67178, tp=67, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: OBF4htaeFuTS5Et7WDmcdjpSUP0N18l1gINxGKei4hb++IOgjwAQZYGmLvK7gI0uRCV2WEqeSVdIxMvTrz6jSw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ct Show response
obs.du89buildings.com/ 4 KB
2 KB 351ms
135ms Script
text/javascript 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.du89buildings.com/ct?id=52974&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1724565946236&hl=2&op=0&ag=1074146904&rand=238592107826101262211176921670922370563110790200810116180079641621111256010207591016&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=https%3A%2F%2Fr.win4win-news.com%2F&ss=1600x1200&nc=0&at=&di=W1siZWYiLDM2MTddLFsiYWJuY2giLDBdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUpIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAgICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAgICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAgICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAgfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAgfV0iXSxbLTgsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTI1LCItIl0sWy0yOSwiLSJdLFstMzUsIlsxNzI0NTY1OTQ2MTg5LC0yXSJdLFstNDAsIjMzIl0sWy01MSwiLSJdLFstNjgsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MTAxNjkwODQsXCJ1amhzXCI6NjI3NzE5MixcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstMzEsImZhbHNlIl0sWy00NywiLSJdLFstNTUsIjIiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTcsIi0iXSxbLTMzLCItIl0sWy0zOCwibCwtMSwtMSw2LDAsMSwwLDAsNjAsNjIsLTEsMCwzNjgsMzY4LDcxOCw3MTgiXSxbLTQ0LCIwLDAsMCw1Il0sWy01MCwiLSJdLFstNjMsIi0iXSxbLTUsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xOSwiWzk5MCw5OTAsOTkwLDk5MCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTI4NSwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMywiKyJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEwMDExMTAxMTAwMTAxMTAxMDAwMDAxIl0sWy02OSwiLSJdLFstMTQsIi0iXSxbLTE2LCIwIl0sWy0xNywiOCJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDIsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsNSx0cnVlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTQxLCItIl0sWy00NiwiMCJdLFstNTMsIjEwMCJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkZlhCa1JVVTFOU1VvREZoWldXeGRkVEFFQVcweFFWVjFRVjE1S0YxcFdWQlpRRmx4YkRRMEpYUTRBVzFzSUNRc0lBQXdMRGxzQURRQUJXd2tKQ0F0YkFGdGJGMU5LQXdnRER3NE9EQWtRRlZoTkdVc1pFVkZOVFVsS0F4WVdWbHNYWFV3QkFGdE1VRlZkVUZkZVNoZGFWbFFXVUJaY1d3ME5DVjBPQUZ0YkNBa0xDQUFNQ3c1YkFBMEFBVnNKQ1FnTFd3QmJXeGRUU2dNSUF3NElDUT09Il0sWy01OSwiZGVmYXVsdCJdLFstNjEsIntcIndnc2xcIjpcIjQ7cmVhZG9ubHlfYW5kX3JlYWR3cml0ZV9zdG9yYWdlX3RleHR1cmVzO3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztcIixcInBjZlwiOlwiYmdyYTh1bm9ybVwifSJdLFstNjcsIi0iXSxbLTYsIi0iXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01OCwiLSJdLFstNjAsIi0iXSxbLTY1LCItIl0sWy0xMywiLSJdLFstMjAsIi0iXSxbLTI0LCJbXSJdLFstMzQsIi0iXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstMTUsIi0iXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMyLCItIl0sWy01NCwie1wiaFwiOltcIl8zXCIsXCIyNDAxNzExNTA0XCJdLFwiZFwiOltdLFwiYlwiOltdLFwic1wiOjF9Il0sWy02NiwiZ2VvbG9jYXRpb24sc3RvcmFnZWFjY2VzcyxnYW1lcGFkLGNoZWN0LG1pZGksZGlzcGxheWNhcHR1cmUsdXNiLGxvY2FsZm9udHMscGljdHVyZWlucGljdHVyZSxqb2luYWRpbnRlcmVzdGdyb3VwLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LGJyb3dzaW5ndG9waWNzLG90cGNyZWRlbnRpYWxzLGVuY3J5cHRlZG1lZGlhLGNoc2F2ZWRhdGEsY2h1YWZ1bGx2ZXJzaW9ubGlzdCxjaHVhd293NjQsc2hhcmVkc3RvcmFnZSxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsaWRlbnRpdHljcmVkZW50aWFsc2dldCxjaHVhZnVsbHZlcnNpb24sZnVsbHNjcmVlbixjaGRwcix1bmxvYWQsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLHNoYXJlZHN0b3JhZ2VzZWxlY3R1cmwsZ3lyb3Njb3BlLGludGVyZXN0Y29ob3J0LGNodWFtb2JpbGUsd2luZG93bWFuYWdlbWVudCxjaHVhLHB1YmxpY2tleWNyZWRlbnRpYWxzY3JlYXRlLHJ1bmFkYXVjdGlvbixtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsY2h1YWZvcm1mYWN0b3JzLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLGNvbXB1dGVwcmVzc3VyZSxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2sscHJpdmF0ZWFnZ3JlZ2F0aW9uLGNsaXBib2FyZHdyaXRlLGF0dHJpYnV0aW9ucmVwb3J0aW5nLGNoZGV2aWNlbWVtb3J5LG1pY3JvcGhvbmUiXSxbLTUyLCItIl0sWy02MiwiODAiXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstNCwiLSJdLFstMjgsImVuLVVTLGVuIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00NSwiLSJdLFsiYm5jaCIsMTE0XSxbLTEsIi0iXSxbLTIsIi0iXSxbLTIxLCItIl0sWy0yNywiWzUwLDEwLDAsXCI0Z1wiLG51bGxdIl0sWyJkZGIiLCIwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwxLDAsMSwwLDIsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDEsMCwwLDAsMCwzLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=VhJgDewCzd&pto=743&ver=61&gac=-&mei=&ap=&fe=1&duid=1.1724565946.PVJoKscjoZxxeLWE&suid=1.1724565946.VFRU5ADpnqcjxLlR&tuid=1.1724565946.RkWiYXJDaotP0JGx&fbc=-&gtm=W10%3D&it=44%2C134%2C488&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=Ojk2Oi0%2BOTY6LSY5NjstJj8%2BNjstJj88NjstJj8yNjstJj46NjstaGA2Oi1uc2hKeHJlaDY6LWVkbXk2Oi17c2w2Lj5JZGlhbmh%2FLjk7RGlhbmh%2FLj5P
Requested by: Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d88a0785cb66c8653970ead767959158ae58ea3022fb69912763aa5a95373016

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:46 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: https://win4win.ch
content-length: 1360
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 95ms
31ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=920079845401155&ev=PageView&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565946259&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=12318&fbp=fb.1.1724565946256.748617935223553334&cs_est=true&ler=other&cdl=API_unavailable&it=1724565946096&coo=false&rqm=GET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2829, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 06:05:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 245ms
181ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=920079845401155&ev=PageView&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565946259&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=12318&fbp=fb.1.1724565946256.748617935223553334&cs_est=true&ler=other&cdl=API_unavailable&it=1724565946096&coo=false&rqm=FGET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 25 Aug 2024 06:05:46 GMT
document-policy: force-load-at-top
x-fb-server-load: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954339164388406", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=14, mss=1297, tbw=3342, tp=-1, tpl=-1, uplat=145, ullat=0
pragma: no-cache
x-fb-debug: AZC1L8Tq7O3E2oiuTp+Sjmj2twdAhyIkNkdy15PDxoHs0IGwO/tHTf+w/1vTw5Br3QgWqnJpTk3kABWzioYC3A==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954339164388406"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
105 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V0NHQB0T8H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBGQV67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f29717fd49e6c77be44043c0a196f74adb314aed0ef3c71964fff83c94933ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 06:05:46 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 49 KB
21 KB 88ms
38ms Script
application/javascript 3.163.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBGQV67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2af0f5c12099fb857aeda94a926b0ab19f253b649b4b159f04f0f9e342de2d9f

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:46 GMT
content-encoding: gzip
via: 1.1 cb8e2cd001e8928a49dc551941d5c7da.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR50-P1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 21282
x-amz-cf-id: VKUB4jg86kfCewUOseo9mfhdhHSj4S78uptYlSwL4c4eO2Tj0Krcvw==

GET
H3 200 587343958853100 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 25ms
25ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/587343958853100?v=2.9.165&r=stable&domain=win4win.ch&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C130%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C123%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

0bc4f2cb356a0002f323557c757d91e3ad56ac5a91c141e881217a1305aa51e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 06:05:46 GMT
document-policy: force-load-at-top
x-fb-server-load: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2896
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=1, c=69, mss=1232, tbw=82554, tp=84, tpl=1, uplat=2, ullat=-1
pragma: public
x-fb-debug: FC7qP/iySXL1g/Y/f5ySShmGF+DQKjrGf5RtvA2QE+tD5Uq13hf9h7VtvNfI1ZMjM0MgISaClkr7wOlH+MNPUw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 175ms
125ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CP85PDBC77UBS72H2H0G&lib=ttq
Requested by: Host: r.win4win-news.com
URL: https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfy8QtVKnTX8NIDheZf5zRi/bihzCwnfeNjU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cdfa44dcd0c9411507ca9a34e6994047aac3868dbc1f025c3cc769eba24b83a0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: ceb1211.edcb6d9d
date: Sun, 25 Aug 2024 06:05:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408250605462708A5019C8407DE0173-4CD99CE7F38EA9F5-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 95,2.20.179.79
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=7, inner; dur=4
content-length: 2003
pragma: no-cache
server: nginx
x-tt-logid: 202408250605462708A5019C8407DE0173
x-cache-remote: TCP_MISS from a23-218-223-84.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.218.223.84
x-tt-trace-host: 01668225b9d696caafcca6e2035ca1f22149b2ad23a3e78373304ab2f48ca329e9cf0265f7a73bc810082d11d1f9aa777e74522e4f4cf88911d8342ec5c26ab1dae5005677b0c3980de9bc8e7c65548355f4905e36ea5f6731bf5b169efc22b7545606efaa7346ed24575c5ecfadfb67fb
expires: Sun, 25 Aug 2024 06:05:46 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 89ms
29ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YBNHKJ18XT&gtm=45be48l0v9125827129za200&_p=1724565945650&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=328210265.1724565946&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724565946&sct=1&seg=0&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&dr=https%3A%2F%2Fr.win4win-news.com%2F&dt=Helsana%20verlost%20iPhone%2015%20Pro&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=862
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-805112524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win4win.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 87ms
29ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YBNHKJ18XT&cid=328210265.1724565946&gtm=45be48l0v9125827129za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-805112524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win4win.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.fr/ads/ 42 B
63 B 74ms
38ms Image
image/gif 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YBNHKJ18XT&cid=328210265.1724565946&gtm=45be48l0v9125827129za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=999827038

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
218 B 35ms
34ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=563881760&t=pageview&_s=1&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&dr=https%3A%2F%2Fr.win4win-news.com%2F&ul=fr-fr&de=UTF-8&dt=Helsana%20verlost%20iPhone%2015%20Pro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1883057893&gjid=145254578&cid=328210265.1724565946&tid=UA-98379578-2&_gid=600459420.1724565946&_r=1&_slc=1&z=46224262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

62da855e1370b3f736975cc1da5a0906a391c374d24febdfdb17c0dad4a062a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win4win.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 28ms
27ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=587343958853100&ev=PageView&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565946388&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1724565946256.748617935223553334&ler=other&cdl=API_unavailable&it=1724565946096&coo=false&rqm=GET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=14, mss=1297, tbw=3195, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 06:05:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
852 B 160ms
160ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=587343958853100&ev=PageView&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565946388&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1724565946256.748617935223553334&ler=other&cdl=API_unavailable&it=1724565946096&coo=false&rqm=FGET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 25 Aug 2024 06:05:46 GMT
document-policy: force-load-at-top
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954338220082471", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=14, mss=1297, tbw=6178, tp=-1, tpl=-1, uplat=101, ullat=0
pragma: no-cache
x-fb-debug: quiIuCRoOKaajOewuXGB9TnAGBpbE0gAZVxkKeB25Hq/aXxkpEMlhCz+b7tlLxgMGiGbP5wkLxwkw5tZoG6nRA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954338220082471"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 23ms
23ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-V0NHQB0T8H&gtm=45je48l0v9116050500z8831758034za200zb831758034&_p=1724565945650&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=328210265.1724565946&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724565946&sct=1&seg=0&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&dr=https%3A%2F%2Fr.win4win-news.com%2F&dt=Helsana%20verlost%20iPhone%2015%20Pro&en=page_view&_fv=1&_ss=1&tfd=939
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V0NHQB0T8H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win4win.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 23ms
23ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V0NHQB0T8H&cid=328210265.1724565946&gtm=45je48l0v9116050500z8831758034za200zb831758034&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V0NHQB0T8H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win4win.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.fr/ads/ 42 B
63 B 38ms
38ms Image
image/gif 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V0NHQB0T8H&cid=328210265.1724565946&gtm=45je48l0v9116050500z8831758034za200zb831758034&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1087398717

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 339 KB
114 KB 62ms
61ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YBNHKJ18XT&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5ba69a9f9f22676521bda979d4231cdc3f2b465823196296df04ceb4f2e2440e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 116475
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 06:05:46 GMT

GET
H2 200 main.MTcwODM0ODQ4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 331 KB
93 KB 26ms
25ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CP85PDBC77UBS72H2H0G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: de0a685865e11857eb59fc72c7bc426af104c0307e099ba7377d4afe6503058d

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: edcb6f36
date: Sun, 25 Aug 2024 06:05:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024082300562430C4BA27D8F1A3EA46B0
x-tt-trace-id: 00-24082300562430C4BA27D8F1A3EA46B0-29E8C6D0336C4138-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014c0ca1a7ea70026e1cd7c38782c1b167c7b474a5a7e6059314969298bde5ae3503fa789a8598a9cecb97c10d3710f449411b542c1aab34a80fc3f7804a032c39105b7d03661d346534020c146fe2278971772677c8fa683542bc32234f835b36
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 95066

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.MtA0XocprA0.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo90Qw_OxY6asHlYoeK8rr6SbH-ghg/ 173 KB
60 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.MtA0XocprA0.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo90Qw_OxY6asHlYoeK8rr6SbH-ghg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b65e5cd6afcb656302e8ea12209515c350feb3c2596dd1bbebc0a65194813d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60662
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 18:55:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Aug 2025 14:08:20 GMT

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 539 KB
215 KB 113ms
31ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90b093d0632304ca9774e284386055b0ed71a42c06749090619f15977999e32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
Origin: https://win4win.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 18:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 219419
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 04:00:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Aug 2025 18:29:19 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 33ms
32ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wp-content/themes/win4win/js/script.js?ver=1724331036

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

9f8fdf924a95b17a65177aa5aa4b8e0279dd3e1a3033ea3500b7793af46a1b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 06:05:46 GMT
content-md5: 2ABCsX3BVWCVYlhp8v+0Xg==
document-policy: force-load-at-top
x-fb-server-load: 50
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=1, c=69, mss=1232, tbw=85882, tp=90, tpl=1, uplat=0, ullat=-1
x-fb-debug: gy4UZAilHPagwGF/RQdfCmpanRg7Sl+HpCZWQLaRppeWTpHfNtZBPq3x2iOhON9RSJwx85YWW37lpE12KWLOGg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: bb11590436eda5fe04a62750e23caab5
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "8e20d2f5c7e16f4dadd76bb196c23184"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 25 Aug 2024 06:19:49 GMT

GET
H2 204 1769474 Show response
vc.hotjar.io/sessions/ 0
233 B 194ms
71ms XHR
text/plain 65.9.95.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1769474?s=0.25&r=0.08943983591589522
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-52.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 25 Aug 2024 06:05:46 GMT
cache-control: no-store
via: 1.1 2a5c925255bb252ff0ed65977311f74e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: rlpPp6x6Q-DBH_0SIsTQJE_yCmmBVxjBQqNFAc8PNZnMdka5jWZq3g==
x-cache: Miss from cloudfront

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 220ms
70ms XHR
application/json 54.216.135.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=1769474&gzip=1
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.216.135.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-135-50.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: de85f7dc0b224db738889895614d5a5c7f90edece0adfaa85edaa3fdd50e882f

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 25 Aug 2024 06:05:46 GMT
content-length: 56
access-control-max-age: 86400
content-type: application/json

GET
H2 200 identify_c2008b8c.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 29ms
28ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: edcb71e1
date: Sun, 25 Aug 2024 06:05:46 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202407291241428A0637CBFAAEB41DCF01
x-tt-trace-id: 00-2407291241428A0637CBFAAEB41DCF01-5E518F47C6012312-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e33994960eedba4d9d64bb2cce523cc44cf9a1ceb6067a86a86c193f5f828f28bdf557cde35992181eb3e1ed8857856db1b699a90312147d7379f71cee1d04dd01e66feac1f106f50fe3bcde315804ca4d23cf41cda1e80b4cdebaad1c4e97a7
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 39594

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
878 B 153ms
152ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b1a83891.edcb71f2
date: Sun, 25 Aug 2024 06:05:46 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825060546B40D3CE2752CC5EA407C-339E12C7C2EC6BC9-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 119,2.20.179.79
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=32, inner; dur=29
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240825060546B40D3CE2752CC5EA407C
x-cache-remote: TCP_MISS from a23-218-223-78.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.218.223.78
x-tt-trace-host: 01668225b9d696caafcca6e2035ca1f22149b2ad23a3e78373304ab2f48ca329e9ab35fe9efe9d44ad32909422042569a08d765ebe4f7064f40e98a630d3cbbb3065782260bc1f689631eeb826a79968fc8fdf153f244b1c9b5b37ed17e5768596c03679bccacd374929c88ce8c2fd5239
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 06:05:46 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 131ms
25ms Script
application/javascript 2a02:26f0:480:591::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: win4win.ch
URL: https://win4win.ch/wp-content/plugins/pixelyoursite-pinterest/dist/scripts/public.js?ver=2.0.17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:591::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 98ea26191ffc6155103762f2a7205b0b1af5f0e8d4e26cb4b539e581e2e48686

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "e5ca9645e8d8c8a937d77f8658e7bab1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1880

GET
H2 200 fontello.woff2
win4win.ch/wp-content/themes/win4win/fonts/fontello/ 5 KB
5 KB 197ms
197ms Font
application/font-woff2 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/fonts/fontello/fontello.woff2?54489214

Requested by

Host: win4win.ch
URL: https://win4win.ch/wp-content/themes/win4win/css/fontello.css?ver=6.2.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b5c2c907dbb18de704c191d9bcd96b9e296715948ab9ccbb634b9fa27a93012b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wp-content/themes/win4win/css/fontello.css?ver=6.2.6
Origin: https://win4win.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"
date: Sun, 25 Aug 2024 06:05:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy
x-content-type-options: nosniff
server: nginx
etag: "1238-650c17f9-0;;;"
content-type: application/font-woff2
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4664
x-xss-protection: 1; mode=block
expires: Mon, 25 Aug 2025 06:05:46 GMT

GET
H2 200 flags.png
win4win.ch/wp-content/themes/win4win/images/ 69 KB
70 KB 131ms
130ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/flags.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wp-content/themes/win4win/css/intlTelInput.min.css?ver=6.2.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wp-content/themes/win4win/css/intlTelInput.min.css?ver=6.2.6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:46 GMT
date: Sun, 25 Aug 2024 06:05:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 70857
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:21 GMT
server: nginx
etag: "114c9-650c17f5-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
91 KB 52ms
51ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-628473700&l=dataLayer&cx=c

Requested by

Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3004cc937914d7048fdd1e5b875f2b41a773104d01236063ba5dd7d546481cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92912
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 06:05:46 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 25ms
24ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=920079845401155&ev=CHEQ&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565946722&sw=1600&sh=1200&v=2.9.165&r=stable&ec=1&o=12318&fbp=fb.1.1724565946256.748617935223553334&ler=other&cdl=API_unavailable&it=1724565946096&coo=false&rqm=GET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4326, tp=9, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 06:05:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 538ms
535ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=920079845401155&ev=CHEQ&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565946722&sw=1600&sh=1200&v=2.9.165&r=stable&ec=1&o=12318&fbp=fb.1.1724565946256.748617935223553334&ler=other&cdl=API_unavailable&it=1724565946096&coo=false&rqm=FGET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 25 Aug 2024 06:05:47 GMT
document-policy: force-load-at-top
x-fb-server-load: 26
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954338799086964", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=24, mss=1232, tbw=5030, tp=17, tpl=0, uplat=511, ullat=0
pragma: no-cache
x-fb-debug: 3YC5Vkgu0fiGG4hY/HRVI4fnG75nGiRvl4+T4LxuObfnPrm7GPL8cGLGjFy0+/N3Q8HO/CdrgHeuRAezAX7vnQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954338799086964"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 31ms
28ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=587343958853100&ev=CHEQ&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565946723&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1724565946256.748617935223553334&ler=other&cdl=API_unavailable&it=1724565946096&coo=false&rqm=GET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4790, tp=14, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 06:05:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 572ms
570ms Image
image/png 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=587343958853100&ev=CHEQ&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565946723&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1724565946256.748617935223553334&ler=other&cdl=API_unavailable&it=1724565946096&coo=false&rqm=FGET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 25 Aug 2024 06:05:47 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954339629436912", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=26, mss=1232, tbw=8310, tp=20, tpl=0, uplat=546, ullat=0
pragma: no-cache
x-fb-debug: 4vSNankjTKh4/loMQo/Kv61Xv7xquvcUP13lvXqfnA/mSWmjZrYQmqkq6Y7hIoPAQTWjEI9Yzj6WzNX/h0YvBw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954339629436912"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.google.fr/pagead/1p-conversion/628473700/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1256841628&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI...
https://www.google.com/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1256841628&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIg_WZ5byPiAMV1CFVCB3Be...
https://www.google.fr/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1256841628&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIg_WZ5byPiAMV1CFVCB3BeB...

42 B
64 B

41ms
40ms

Image
image/gif

172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1256841628&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIg_WZ5byPiAMV1CFVCB3BeBV7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnfKW8eBPYPFFzfkkYl9IoJqZ3xE-qeNg&random=122522373&ipr=y

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fr/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1256841628&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIg_WZ5byPiAMV1CFVCB3BeBV7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnfKW8eBPYPFFzfkkYl9IoJqZ3xE-qeNg&random=122522373&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc_imp.gif
obs.du89buildings.com/tracker/ 43 B
79 B 105ms
103ms Image
image/gif 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.du89buildings.com/tracker/tc_imp.gif?e=37dfbd8ee84e001268eac233ef4e8e9b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5b13846a2317071a10acf9f29f67408382da51796a4ff92c73018e3ede36c352320670c106045c30510cc5eb694c77be26bb25cb43e2913bf05365a80c797a1bda53ec4ef4c3d6da39bb2807ff7ecaa8556d8e0e3143714493d60265f460b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf7268ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e828ab63d93345a84f99c2f1f11fe6667fb904762bdd1af758903f814ba811fc11ed9d36d9a6d279c9822dd6699cefab6cdb3f11338ae6bf2fbb9234e2bfb8a3d94f31bed5b1559c81a0fc19483cfd4fb95308520d790a48b74ed336e33926e2b9381965e279da83deb07e0d315c539ef6d454845c13aff558d96f531f886789f5cc3bf9c95278e191c3eb31e03503e112d89ec73b341d3dc9723b5de3dbd9a3acc90f8a630c2a0ab4a6d72defc554894bb0e4f13b8edef3bbb2886f80fb7f224a06ebc23cb02924d80f9789e4579f6a480382d2372547b78004effbfc8158610bd57535135eae21dacc44159a0fca6eeae66d0f0f6e094baf3e341243ff84e9ab55b689f42651bd76341706cf67bac6a18c2ebc1659661d7258bac30ccb80d9a7b132020027f1280c1e4db387d4999045896dbdaa7adc9540c82adbc7e94d36e7dd8d37f207badd4800233bd3584419e1de13b9e14dec117fea45284e1d7a9db1438b08a732bd70ac1f8a2b704df296d42179e7a424eb0a45d8be912cf909fce4aabf1e5560b4633fe63ea56f01dcedd0b842e51650463296deb488f9f3252bb6bc5a1f03cddc953ee2f14f6781456ebb98e4e3aee0b82c602c61573401cae3147efb3c52a8f0e2c90840fb38b8cbbd13e850e04664cad294707cbc95302a836e5e2d379da91fe045e7fab763248599e055ae785fc584cc52063d9948448d5c6fa921b30b030a71535159f1f3175d4cc161ec885b694f0b810e233ba7c8a6692cd10ceede4396eb9d352c89fa2a095b0c4c735448ee123498966d173dd2cbdbb78f396938263b8d084a4b81336&cri=VhJgDewCzd&ts=490&cb=1724565946726
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 25 Aug 2024 06:05:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 61ms
32ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d5a6283b0b016e705bdcaad53f08420b

Requested by

Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

f9437f01848605b1eb0a0e0e630556eceb8322283898249f9acf1f7a899d14a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://win4win.ch/
Origin: https://win4win.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 06:05:46 GMT
content-md5: jCOnqxJQHKk0KLgujLSNXA==
document-policy: force-load-at-top
x-fb-server-load: 47
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89221
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4281, tp=8, tpl=0, uplat=0, ullat=-1
x-fb-debug: XHRbEhz1nX+9u03rcZ2++6k/53Llko+pwGhF8NGIWXHvrtF00mIybbt3A8Z4UK5Uzu+zojpG0DZKRidWG6jICg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 5e6420ddd289d08f59c7f6e15ed90f7f
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "d8863ac632dbe9a3b530aeb5476053a0"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 25 Aug 2025 04:39:23 GMT

GET 9bfafafc-d9e6-433a-aed6-56f66be134e6
https://win4win.ch/ Frame 0
0

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame 6522 0
0 100ms
32ms Document
text/html 2a00:1450:4013:c14::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.MtA0XocprA0.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo90Qw_OxY6asHlYoeK8rr6SbH-ghg/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c14::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-acKzmreNN7yrRQQal-cH8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-acKzmreNN7yrRQQal-cH8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 06:05:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/IdpIFrameHttp/web-reports?context=eJzj8tHikmLw15BikPj6kkkNiJ3SZ7AGALFP_QzWKCBuvXmOdTIQW988z5r07zxrARAvibjIeiDxIquhwiVWeyBW7bnEagzEQjwcuyav3sYm8GL6plXMSmpJ-YXxmSmpeSWZJZW6-YmlJRm6GSUlBfFGBkYmBhaGFnoGFvEFBgAYZjGi"
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
718 B 138ms
135ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: edcb74b0
date: Sun, 25 Aug 2024 06:05:47 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825060546EB9FB213DF8E6CE56B0B-39509EFA1360B9E0-00
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=8, origin; dur=107
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240825060546EB9FB213DF8E6CE56B0B
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 107,2.20.179.79
x-tt-trace-host: 01668225b9d696caafcca6e2035ca1f2218c4546f0a2c12be79fbce1c44d4cf61ebbd3357f3ff9f6ce24d003e52e2ebe4cd5011f6933af3559ca78ca67ffc020830fcf8e49e52f51eaab15a4eb29a3cff3360db5cf4b48e858b75bd9aeef8923a8
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 06:05:47 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/628473700/ 3 KB
2 KB 45ms
44ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/628473700/?random=1724565946942&cv=11&fst=1724565946942&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=312957301.1724565946&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e8029341f0309187c79110c8f26cd5f05b82a1a0033a11aaa33d470cbc2d9fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1581
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.1b182128.js Show response
s.pinimg.com/ct/lib/ 81 KB
23 KB 24ms
24ms Script
application/javascript 2a02:26f0:480:591::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.1b182128.js
Requested by: Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:591::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6515981ad814530ea37bc6838f8d8cc3074eaf22dffef1b8f207959afd0a492b

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "2ede1d70eab18c6ab52837a878fb9264"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 23553

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
330 B 212ms
39ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614044924560&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&cb=1724565946987&dep=2%2CPAGE_LOAD
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:47 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 2719108240195711
content-length: 188
pin-unauth: dWlkPU1tRTBNalJsTkdVdFlqVmlaQzAwTTJGaUxXRTNZalF0TXpVeFpqSXpNekE1WTJZeA
pragma: no-cache
referrer-policy: origin
x-pinterest-rid-128bit: 7412e22d2cb66b4203c605742c4531a0
content-type: application/json; charset=utf-8
access-control-allow-origin: https://win4win.ch
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 3241ae12ecef327d6ee2618dd13bec9ec9710d0c
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
672 B 209ms
37ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=GeneralEvent&ed=%7B%22domain%22%3A%22win4win.ch%22%2C%22user_roles%22%3A%22guest%22%2C%22plugin%22%3A%22PixelYourSite%22%2C%22event_id%22%3A%229f46c6e8-05a8-44c8-b89f-648c191efaff%22%7D&tid=2614044924560&cb=1724565946989&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:47 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1408028960239654
content-length: 188
pin-unauth: dWlkPU56WXpaREJsTVdFdFpEZGpOQzAwTm1aaUxXSXdZbVF0Tm1ZMk4yUTBPR1U1WkRWbA
pragma: no-cache
referrer-policy: origin
x-pinterest-rid-128bit: 0dde404b2cbe3696c3673ccaf578e565
content-type: application/json; charset=utf-8
access-control-allow-origin: https://win4win.ch
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 3241ae12ecef327d6ee2618dd13bec9ec9710d0c
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
207 B 210ms
39ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2614044924560&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fr.win4win-news.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%221b182128%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1724565946990
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:47 GMT
referrer-policy: origin
x-cdn: fastly
x-pinterest-rid-128bit: 5bbf57ad073894dde86be179c2b41435
content-type: image/gif
access-control-allow-origin: https://win4win.ch
pinterest-version: 3241ae12ecef327d6ee2618dd13bec9ec9710d0c
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1674772755238119
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

/
www.google.fr/pagead/1p-conversion/628473700/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628473700/?random=344283332&cv=11&fst=1724565946942&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=...
https://www.google.com/pagead/1p-conversion/628473700/?random=344283332&cv=11&fst=1724565946942&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp...
https://www.google.fr/pagead/1p-conversion/628473700/?random=344283332&cv=11&fst=1724565946942&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=...

42 B
64 B

52ms
52ms

Image
image/gif

172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-conversion/628473700/?random=344283332&cv=11&fst=1724565946942&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=312957301.1724565946&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI0rKk5byPiAMVtOkRCB3yQxM3MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSKQDpaXnf6cdS_m-kyrzELDpbrqq8AKR8h5CF_ojmRYgp06no2hzlZ_ve&random=2807504238&ipr=y

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fr/pagead/1p-conversion/628473700/?random=344283332&cv=11&fst=1724565946942&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=312957301.1724565946&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI0rKk5byPiAMVtOkRCB3yQxM3MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSKQDpaXnf6cdS_m-kyrzELDpbrqq8AKR8h5CF_ojmRYgp06no2hzlZ_ve&random=2807504238&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
359 B 42ms
40ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=GeneralEvent&ed=%7B%22domain%22%3A%22win4win.ch%22%2C%22user_roles%22%3A%22guest%22%2C%22plugin%22%3A%22PixelYourSite%22%2C%22event_id%22%3A%229f46c6e8-05a8-44c8-b89f-648c191efaff%22%7D&tid=2614044924560&cb=1724565947210&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22pixelyoursite%22%2C%22aem_eligible_list%22%3A%5B%22ge%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fr.win4win-news.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%221b182128%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:47 GMT
referrer-policy: origin
x-cdn: fastly
x-pinterest-rid-128bit: 80806520dd8bda7ed6a1f7cd02541ee1
content-type: image/gif
access-control-allow-origin: https://win4win.ch
pinterest-version: 3241ae12ecef327d6ee2618dd13bec9ec9710d0c
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1546591505524641
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 login_button.php
www.facebook.com/v5.0/plugins/ Frame D76E 0
0 161ms
116ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/login_button.php?app_id=2453031748306293&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa3b030b2a20f57ba%26domain%3Dwin4win.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwin4win.ch%252Ff7e0312fdef5e1b0b%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d5a6283b0b016e705bdcaad53f08420b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-origin
date: Sun, 25 Aug 2024 06:05:47 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954342161880741"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954342161880741", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=14, mss=1297, tbw=20164, tp=-1, tpl=-1, uplat=87, ullat=0
x-fb-debug: 8HFxU7lYyb7jI0tLxS9/y4QaBiCNKi1+xfYIfXugw1jxqrHIvukpd/r7hpeemCSbO1aqrx6r5ctcg1adXTdfKQ==
x-fb-server-load: 37
x-xss-protection: 0

GET
H2 200 login_button.php
www.facebook.com/v5.0/plugins/ Frame FF28 0
0 131ms
89ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/login_button.php?app_id=2453031748306293&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df737cc6971c8281d0%26domain%3Dwin4win.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwin4win.ch%252Ff7e0312fdef5e1b0b%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d5a6283b0b016e705bdcaad53f08420b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-origin
date: Sun, 25 Aug 2024 06:05:47 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954342957760932"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954342957760932", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=64, ullat=0
x-fb-debug: SnEs5VPqz4htOCnR4tR4NNrhR7zmCJF35yrxVEf/FhCndfYMpD6I35xVtxd8bjigu4hosZCyl+I2Ec5qwPkr0w==
x-fb-server-load: 17
x-xss-protection: 0

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 27ms
26ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:47 GMT
x-cdn: fastly
age: 1966
etag: "16d5d552603d86726ae439fc61299d42"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H2 200 ct.html
ct.pinterest.com/ Frame B706 0
0 84ms
42ms Document
text/html 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://win4win.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 06:05:47 GMT
pinterest-version: 3241ae12ecef327d6ee2618dd13bec9ec9710d0c
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1142422209581896
x-pinterest-rid-128bit: faf98ec9128b9ce99e8afd77d075484e

GET
H2 200 1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c.json Show response
tr.snapchat.com/config/ch/ 263 B
545 B 176ms
132ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/ch/1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c.json?v=3.25.1-2408082241

Requested by

Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fed188be9388b5012169ecb411b4f769de8e30be8c10f0d9c17ba9329760c7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept: application/json
Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://win4win.ch
x-envoy-upstream-service-time: 94
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263

GET
H2 200 i
tr.snapchat.com/cm/ Frame 0C35 0
0 74ms
33ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c&u_scsid=4ed61e0b-8536-4522-80ec-ec5730215dfa&u_sclid=fc371890-0b32-4b3e-aa83-c02960a86c60

Requested by

Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 25 Aug 2024 06:05:47 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
445 B 69ms
28ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c&ev=PAGE_VIEW&intg=gtm&pids=1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c&u_c1=1e0a838f-83e8-4492-95fd-01c5277c7283&cdid=%40-d7ea70d1-8355-4686-8128-5a2efd2f9985&u_sclid=fc371890-0b32-4b3e-aa83-c02960a86c60&u_scsid=4ed61e0b-8536-4522-80ec-ec5730215dfa&bg=false&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=0&m_fcps=368&m_pi=0&m_pl=0&m_pv=2&m_rd=2122&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rf=https%3A%2F%2Fr.win4win-news.com%2F&trackId=ba0725ee-d886-4f02-8ebe-9e93ccdbc868&ts=1724565947617&v=3.25.1-2408082241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

POST
H2 200 mon Show response
obs.du89buildings.com/ 0
144 B 102ms
97ms XHR
application/json 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.du89buildings.com/mon
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://win4win.ch
date: Sun, 25 Aug 2024 06:05:47 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.du89buildings.com/ 0
16 B 104ms
101ms XHR
application/json 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.du89buildings.com/mon
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://win4win.ch
date: Sun, 25 Aug 2024 06:05:47 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 p
tr6.snapchat.com/ 0
47 B 29ms
26ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 25 Aug 2024 06:05:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 favicon.png
win4win.ch/wp-content/themes/win4win/images/ 10 KB
10 KB 31ms
31ms Other
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/images/favicon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

c1d71b63f9bde9b4d2f4621c7ff0718ab3c2b6404332b0e5bee99113d3324056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:47 GMT
date: Sun, 25 Aug 2024 06:05:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 9966
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:21 GMT
server: nginx
etag: "26ee-650c17f5-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

POST
H2 200 p
tr.snapchat.com/ 0
86 B 31ms
28ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 25 Aug 2024 06:05:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://win4win.ch
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 mon Show response
obs.du89buildings.com/ 0
39 B 98ms
96ms XHR
application/json 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.du89buildings.com/mon
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://win4win.ch
date: Sun, 25 Aug 2024 06:05:49 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.du89buildings.com/ 0
39 B 105ms
103ms XHR
application/json 2600:1f18:e8a:cd08:3437:aff5:50c:d298
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.du89buildings.com/mon
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565945992
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://win4win.ch
date: Sun, 25 Aug 2024 06:05:51 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: win4win.ch
URL: blob:https://win4win.ch/9bfafafc-d9e6-433a-aed6-56f66be134e6

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 23:04:12	Name: X-AB Value: 3c1412b8a0a94f31a19b66f8b63dbed5
sibautomation.com/	1970-01-21 03:24:25	Name: uuid Value: a71ffd9d-0f02-4c92-bf97-b47be624a483
.win4win.ch/	1970-01-21 01:14:09	Name: _cq_duid Value: 1.1724565946.PVJoKscjoZxxeLWE
.win4win.ch/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1724565946.VFRU5ADpnqcjxLlR
.win4win.ch/	1970-01-21 01:12:21	Name: _fbp Value: fb.1.1724565946256.748617935223553334
.win4win.ch/	1970-01-20 23:45:57	Name: pageviewCount Value: 1
.win4win.ch/	1970-01-21 08:38:45	Name: _ga_YBNHKJ18XT Value: GS1.1.1724565946.1.0.1724565946.60.0.0
.win4win.ch/	1970-01-21 01:12:21	Name: _gcl_au Value: 1.1.312957301.1724565946
.win4win.ch/	1970-01-20 23:04:12	Name: _gid Value: GA1.2.600459420.1724565946
.win4win.ch/	1970-01-20 23:02:46	Name: _gat Value: 1
.win4win.ch/	1970-01-21 08:32:32	Name: _scid Value: 1e0a838f-83e8-4492-95fd-01c5277c7283
.win4win.ch/	1970-01-21 08:32:32	Name: _scid_r Value: 1e0a838f-83e8-4492-95fd-01c5277c7283
.win4win.ch/	1970-01-21 08:38:45	Name: _ga_V0NHQB0T8H Value: GS1.1.1724565946.1.0.1724565946.60.0.0
.win4win.ch/	1970-01-21 08:38:45	Name: _ga Value: GA1.1.328210265.1724565946
.tiktok.com/	1970-01-21 08:24:21	Name: _ttp Value: 2l8e5LAgWUzybclKjLu6vInDVr3
obs.du89buildings.com/	1970-01-21 07:06:36	Name: cg_uuid Value: 911cfeed7d45951d4f23cbd435ec3e23
.win4win.ch/	1970-01-21 07:48:21	Name: _hjSessionUser_1769474 Value: eyJpZCI6IjgzOTRiMDU0LTM3OGItNWZlNi1hM2VmLTkyMDljZTEzYjMyZCIsImNyZWF0ZWQiOjE3MjQ1NjU5NDY1ODksImV4aXN0aW5nIjp0cnVlfQ==
.win4win.ch/	1970-01-20 23:02:47	Name: _hjSession_1769474 Value: eyJpZCI6IjE0Yzg1MjgyLWY5NWQtNGYxMC05ZWMwLTQ4MGM1NGUwYmY2NCIsImMiOjE3MjQ1NjU5NDY1OTAsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.win4win.ch/	1970-01-21 08:24:21	Name: _tt_enable_cookie Value: 1
.win4win.ch/	1970-01-21 08:24:21	Name: _ttp Value: Ljje8yAwX-3FUB3DVeyScvO0BAb
.win4win.ch/	1970-01-20 23:04:12	Name: _cq_pxg Value: 3\|b7224789213148\|628473700\|event=conversion
.win4win.ch/	1970-01-21 08:38:45	Name: G_ENABLED_IDPS Value: google
.doubleclick.net/	1970-01-21 08:24:21	Name: IDE Value: AHWqTUmL6sPjUKb_CCbIUlv26FtB6WAQhou6wmsKAGgIWrujaAm_yLn4vp4ss7Te
.pinterest.com/	1970-01-21 07:48:21	Name: ar_debug Value: 1
.win4win.ch/	1970-01-21 07:48:21	Name: _pin_unauth Value: dWlkPU1tRTBNalJsTkdVdFlqVmlaQzAwTTJGaUxXRTNZalF0TXpVeFpqSXpNekE1WTJZeA
.ct.pinterest.com/	1970-01-21 07:48:21	Name: _pinterest_ct_ua Value: "TWc9PSY3d1RJQXhUSXJtcGNPaVk2T25zekhpRDhlWXdKd2RXWEVrNGdXam5CK0ZJa1ZSN0p0bURnVFRlL2NyTUQxaEpJMk9QTElvUHphSDVuQzlseHlIMWROODBqY1dlZ3BaR0wzYUw5azQwUWkwMD0mUnZPOW9BUUhMMWxmSXVzMERnSlNpUlgxUkVjPQ=="
.snapchat.com/	1970-01-21 08:24:21	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBCQ0AMAgEMEUkPMcAOWSPCsSvdbvpUkV9ogmxlbLN6IGRuhkmOSOh8OWFGP4Kj5WOMgAAAA==
.win4win.ch/	1970-01-20 23:12:50	Name: _ScCbts Value: %5B%5D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
security	warning	URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	error	URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
analytics.tiktok.com
apis.google.com
cdnjs.cloudflare.com
connect.facebook.net
content.hotjar.io
ct.pinterest.com
esputnik.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ob.du89buildings.com
obs.du89buildings.com
promo.checkout-panda.ch
r.win4win-news.com
region1.analytics.google.com
s.pinimg.com
sc-static.net
script.hotjar.com
sdk.checkout-panda.ch
sibautomation.com
static.hotjar.com
stats.g.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
vc.hotjar.io
win4win.ch
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
win4win.ch
1.179.112.195
104.17.24.14
142.250.184.228
142.250.185.104
142.250.185.98
151.101.0.84
157.240.0.6
157.240.252.35
172.217.16.131
18.66.102.51
2.18.64.26
2001:4860:4802:34::36
216.58.212.162
2600:1f18:e8a:cd08:3437:aff5:50c:d298
2600:9000:2057:8000:1d:87b1:e480:93a1
2606:4700:4400::ac40:9473
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:81c::2003
2a00:1450:400c:c04::9a
2a00:1450:4013:c14::54
2a01:4a0:17::1:f800
2a02:26f0:480:591::1931
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:ac8:b920:dd40:ba35:8719:9f90
3.163.248.4
35.190.43.134
46.101.217.240
54.216.135.50
65.9.95.52
65.9.95.80
047d84c27851de37909199aa500b248940b50d806497197d405d0398c1f22740
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0bc4f2cb356a0002f323557c757d91e3ad56ac5a91c141e881217a1305aa51e1
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69
176c57f5621456e48b9cd437462145b426bdaf91673cec3e6de86b79292380d4
1ecb6f95059703c992766b3b3ceef6c17b31e3a5c648343e069d637b746933d8
1fbae76075c291126d0358aa627f3001f2624ac8e07ef113a99c6f9758a7c048
2514c6c83638d066a64044f01a050a9f6a40e34d4f28b88bbe002e605d53e503
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af0f5c12099fb857aeda94a926b0ab19f253b649b4b159f04f0f9e342de2d9f
2c558433f31467de73d0da85a16fe44db6a58f9cfccbd0061ad4d4ff6cb51f3f
2c88a11c8087ce4c87d7e6f1fc8bdac822ee09a7400565c058c89e03df8b5c10
3004cc937914d7048fdd1e5b875f2b41a773104d01236063ba5dd7d546481cdf
34460dcaea00c8a53d84b7d6e630deef8cb1dd07e9c99420f178c56b37727253
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3801892e3e472faf7c234a8cc90981a1c15eba0458cec51274979f51f9ca49ba
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
41f98207a2bcab9d5f7da91c377ed204bac8cb702530f3b6e564447cfc4a6b5f
45ee22f61a84fb36cce1717c1f08cba04ac6590543cdedee9b691f0e2557d296
46977089b698cb83d11e559cea0366e56bfc0328611fb4d6ee885884c652bcc1
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4d868e8f60da7be6c160c964a5c47ed02e409abf0f9c13b65a15840bf32d717a
4f29717fd49e6c77be44043c0a196f74adb314aed0ef3c71964fff83c94933ad
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
5358d52e0c51328692627f14b34cb706b8426b1bc4281ab55dd06b01fcbdc76d
53f62af044f11f04fd583b5e6af56516d898e3e8de0bc5db656cbd0926530af7
546563b2127208f386e87a2a9408e8df00c8ead92181e22a6824d823be57827f
5ba69a9f9f22676521bda979d4231cdc3f2b465823196296df04ceb4f2e2440e
61ac8d1132905ced04a756b27b2b9149ed4cc35ac9cb04c9b24606d02f7b2bfb
62da855e1370b3f736975cc1da5a0906a391c374d24febdfdb17c0dad4a062a8
6515981ad814530ea37bc6838f8d8cc3074eaf22dffef1b8f207959afd0a492b
6f12865fd04625331257e28d725dd0bb71426f9c16568997f57e0d794966cd48
6f916c93d60afa8634855848aa4273e8032393562abe6b37f8b4ea5f2d8f4afa
700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033
753b6da6d4ab99217d7b21623591f3b3e4b54c712f01fb80d898a412a6ad502f
7555e222251b2447fb5904611f5543f0335765a95807cea8ec3df992dd97142a
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
7f6a762a7e6247be81722a92c5c7ecb3fb7336b8126a97c5863286ee4090fe03
81c33672d192732fd5591050eb92255404dec032d950e06340220ce3bd4c1c77
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
9011cc3e35968d04dcaa3cb8f48afdf51e3cae17e0e631ba5ab019e8f18ae6b8
90b093d0632304ca9774e284386055b0ed71a42c06749090619f15977999e32a
959fb278a61b3a670f053b53771f696c936ab8c14a9fb87c2caeb383a5c4f7fc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ea26191ffc6155103762f2a7205b0b1af5f0e8d4e26cb4b539e581e2e48686
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
9f8fdf924a95b17a65177aa5aa4b8e0279dd3e1a3033ea3500b7793af46a1b1f
a7fadd48caf40975fd83278c5ffe403f8fb906d35ea0c28fe291348c1cf3ac3f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
b14eaeddc99b48d46555f3c800db25b490688ada43b089a3477a633dae9cc56f
b1a358fb3138ddc55239faf121e297470da161e6c1d0bee44079ebb7a8a754c7
b439917bec713319595d8c307b0498b9e5454447074d60362a0321ab3e97319e
b5c2c907dbb18de704c191d9bcd96b9e296715948ab9ccbb634b9fa27a93012b
b63d4fba35ebc3fa5ed0bf3b04b8bff0694c39ac41569552142036a0b5ace965
b65e5cd6afcb656302e8ea12209515c350feb3c2596dd1bbebc0a65194813d8b
b8100300782c3996df589115a277f672d840d7701a8afa6bb22aa985b5812a2d
b8e9b6f51f0a6014b39060747a6a7fb66c842442e3f0fa04202df5862665efdf
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c1d71b63f9bde9b4d2f4621c7ff0718ab3c2b6404332b0e5bee99113d3324056
c6ffcf1486c217e3188fe288b8d88aa8ddb757ed7733c5408f0031a9bb0c9687
cdfa44dcd0c9411507ca9a34e6994047aac3868dbc1f025c3cc769eba24b83a0
d88a0785cb66c8653970ead767959158ae58ea3022fb69912763aa5a95373016
dc52a1b197d39b12ee2340c85f7e2c5560cb7ff9262f760e78a60227dbf9c234
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de0a685865e11857eb59fc72c7bc426af104c0307e099ba7377d4afe6503058d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de50168bdf739fd3af791bb4c463d2386e9c266ef3c6c1033dedcf9695628fbe
de85f7dc0b224db738889895614d5a5c7f90edece0adfaa85edaa3fdd50e882f
e294e848e32473a56985bd55d8b084fb501a8fe4f66b0e11597870e711804ca1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71ea0e0b3afe1fbcecccf194b54de5d0741c9889ce6c76f6b6ac00f8d2bdfd9
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621
e8029341f0309187c79110c8f26cd5f05b82a1a0033a11aaa33d470cbc2d9fed
eeadabe52147b776a531b385b2af1c633bb67ff8032af5c16f718140cc22f94a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef32182597ff24ee15b7bea8e09c5e9a325ae31152149ce1908fc584096037ed
f040e77b8264be8887ce6b69b83480c46926230d99d844a5ffc1893b5c9dc748
f9437f01848605b1eb0a0e0e630556eceb8322283898249f9acf1f7a899d14a3
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342
fca1eca3767fe91982bb7fbb94921f46677e5911b3ba76b24bc1dac67dad32ab
fed188be9388b5012169ecb411b4f769de8e30be8c10f0d9c17ba9329760c7ab

win4win.ch Open in urlscan Pro 2a01:4a0:17::1:f800 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

97 %HTTPS

49 %IPv6

24 Domains

35 Subdomains

35 IPs

7 Countries

9494 kBTransfer

13276 kBSize

28 Cookies

4 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

win4win.ch Open in urlscan Pro
2a01:4a0:17::1:f800 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

97 %
HTTPS

49 %
IPv6

24
Domains

35
Subdomains

35
IPs

7
Countries

9494 kB
Transfer

13276 kB
Size

28
Cookies

117 HTTP transactions
1 data transactions