www.firmen.ch Open in urlscan Pro
194.230.72.36  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request portrait.htm Show response www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/	47 KB 13 KB	234ms 61ms	Document text/html	194.230.72.36 SUNRISE
General Check archive.org Show headers Download Go to Full URL https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.230.72.36 Regensdorf, Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS 36-72-230-194.vadian.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash bacaf3a2350d0c09e6da0525ecc8b8e00207b6ea741552003ccd306dc8dfc3bc Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control private Content-Encoding gzip Content-Length 12786 Content-Type text/html; charset=utf-8 Date Fri, 13 May 2022 17:16:28 GMT Server Microsoft-IIS/10.0 Vary Accept-Encoding X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET
GET H2	200	preload_BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css stat1.firmen.ch/tmpl/bundles/	55 KB 12 KB	173ms 97ms	Stylesheet text/css	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stat1.firmen.ch/tmpl/bundles/preload_BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e2ca4d4aa991b3aa076a24a86ccb89c54f20c2326b03185f0c289447686c2a74 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 04 Jan 2022 14:47:18 GMT server cloudflare etag W/"faa4f9791d81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uN8QTYUd0J0hIgcOI0LlGc5UqxLSm1QgQ5HYGmk%2FNx23BmMBCBz%2BwhsfgvuME3smlDqDGVXxZgBUVMZ6LCVgzAWT%2BBhxMlhzBixjYmWiJEKJ9GX4IHGztph2gQeEeYSE8l5GvFkIG70do4dowIY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * vary Accept-Encoding cache-control no-cache,max-age=31536000 cf-ray 70ad0ac6d87a0bed-AMS
GET H2	200	BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css stat1.firmen.ch/tmpl/bundles/	53 KB 12 KB	139ms 64ms	Stylesheet text/css	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stat1.firmen.ch/tmpl/bundles/BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e75a1a7ec3a701c0ea0a549f8451ff6e2d19c62eea2967ad91984f6ea84761a0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 04 Jan 2022 14:47:18 GMT server cloudflare etag W/"b46fff8791d81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPkPjNGVUnnO8gUD0zYUcUlfmnJxm3604Ds44UoE7tdE8eDZ%2Fyud6yYgEfkxZplR4u6BhrhacxwBpUIWAI5r%2FhAna3njpi%2FxikaLkCdMnxH5BAED8phFC3x0PA10q1cv7VIeOEmIWam7ucao%2FDg%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * vary Accept-Encoding cache-control no-cache,max-age=31536000 cf-ray 70ad0ac6d87b0bed-AMS
GET H2	200	body_BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css stat1.firmen.ch/tmpl/bundles/	20 KB 4 KB	140ms 65ms	Stylesheet text/css	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stat1.firmen.ch/tmpl/bundles/body_BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 4699f6ffea9f357ae1fc2aed9339c1b95664619505286a9b6b835ad86c97b44d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 04 Jan 2022 14:47:18 GMT server cloudflare etag W/"4d6d6f9791d81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Jxpz2uW8%2BiNJ61MxW%2BkyFRrflxmhVIMfZqaVCeJjxIuLAYSUcAoZEqLaNkegPoDQ8WnAaJhGyE3a3HYKpBOc06KYJhKlRg1Ck6PtBJ%2FYqWyY3hBQkcIZacQdnwBYwQHzOrkMaXOm4aa4yN700k%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * vary Accept-Encoding cache-control no-cache,max-age=31536000 cf-ray 70ad0ac6d87e0bed-AMS
GET H2	200	firmen.png stat0.firmen.ch/img/logo/	921 B 1 KB	241ms 160ms	Image image/png	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://stat0.firmen.ch/img/logo/firmen.png Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 3e296118a0b176bcf1e043990d6acfa5b5bdf6114743e5b35670f3c10ee13385 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:28 GMT x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET strict-transport-security max-age=15552000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 921 last-modified Mon, 12 Jun 2017 07:14:26 GMT server cloudflare etag "77f96f864be3d21:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWZ2rlrraIDcYqr3atLPNpFlMctEPeMMPq5G%2B8aDagcgvwfs%2BWYJJkVf46b4LhUauh%2Bf9VlnBoTMlMS71H%2Fpsnvh4NP4jaEAy8fynUtRlvPjEsy1Y1lBkq5mNKB7BBYTyowiL9ZDM9uQwDTedo0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control no-cache,max-age=31536000 accept-ranges bytes cf-ray 70ad0ac6eb449764-AMS
GET H2	200	00138436-goldwechselhaus_logo_300.jpg stat1.firmen.ch/img/kompetenzmarkt/150/156000/	2 KB 2 KB	232ms 160ms	Image image/jpeg	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://stat1.firmen.ch/img/kompetenzmarkt/150/156000/00138436-goldwechselhaus_logo_300.jpg Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash f639cb6a2a4860a162ffbf5e5d4c9ed36b088c3878bb4cdd06f13344c708442a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:28 GMT x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET strict-transport-security max-age=15552000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2022 last-modified Fri, 13 May 2022 16:13:52 GMT server cloudflare etag W/"6a6bde6fe466d81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDBCuEZ3M%2FbRwZiVBCq0vCdK6UFcr5AJm2BQkYVDsVF2Mj336jUE%2BZzfo5GQBKvGdpPdLHH64w86k4tF6Torp%2FyAND3W16r4EzRAufLKk62KEUYysKC6CNRSvhXUP0HAWjok9YyP58sN0d3b8s4%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control no-cache,max-age=31536000 accept-ranges bytes cf-ray 70ad0ac6d8800bed-AMS
GET H/1.1	200 OK	cp.aspx www.firmen.ch/ajax2/	0 236 B	49ms 49ms	Image text/html	194.230.72.36 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://www.firmen.ch/ajax2/cp.aspx?ID=156718&cID=134&ts=20220513_071628 Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.230.72.36 Regensdorf, Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS 36-72-230-194.vadian.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Fri, 13 May 2022 17:16:28 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Content-Type text/html Access-Control-Allow-Origin * Cache-Control private Content-Length 0
GET H2	200	BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.js Show response stat0.firmen.ch/tmpl/bundles/	416 KB 124 KB	215ms 133ms	Script application/javascript	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stat0.firmen.ch/tmpl/bundles/BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.js Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 4dc187985ddc1f130f41d28ef41e84e1829f9f13e24177b0553fd9c7a6c2a0c1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 04 Jan 2022 14:47:19 GMT server cloudflare etag W/"4c1b55f9791d81:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKRF%2FNarY6kIsvV76t0F8D%2BxMddnAalymj7hpnsgFxMWEcq9qHhNI7mpW0Z22lggrE5QNoGOrXI4ltuLOFhJpLtLgTq2k8Mv7Qhq3sMvM7JJ5stHxPCxABDMUF%2FUsYfDpszMSR7RIbQj2oZi4uA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control no-cache,max-age=31536000 cf-ray 70ad0ac6eb429764-AMS
GET H2	200	dict.aspx Show response stat1.firmen.ch/tmpl/	0 0	204ms 131ms	Script text/html	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stat1.firmen.ch/tmpl/dict.aspx?f=contactform.js Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers
GET H2	200	api.js Show response www.google.com/recaptcha/	909 B 994 B	110ms 39ms	Script text/javascript	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 030a7d106b3d5ad910196055ba5cd739ac22a93f40ddd9ed2e2352a33cf2152a Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:28 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 581 x-xss-protection 1; mode=block expires Fri, 13 May 2022 17:16:28 GMT
GET H2	200	addthis_widget.js Show response s7.addthis.com/js/300/	353 KB 114 KB	316ms 37ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/js/300/addthis_widget.js Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag "5f971164-5834c" vary Accept-Encoding x-distribution 99 content-type application/javascript cache-control public, max-age=600 date Fri, 13 May 2022 17:16:28 GMT x-host s7.addthis.com content-length 116423
GET H2	200	firmen.jpg stat0.firmen.ch/img/bg/	234 KB 235 KB	120ms 120ms	Image image/jpeg	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://stat0.firmen.ch/img/bg/firmen.jpg Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 4b28d63737fbab2b8a6d80c39165b6f1020c0e198dbe7b1dc4686e007c232439 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:28 GMT x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET strict-transport-security max-age=15552000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 239782 last-modified Tue, 12 Nov 2019 14:36:49 GMT server cloudflare etag "9e54379e6699d51:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cwJFqAOS7xJPU0B6wRfy0KkSaBcrkG8KNEZfZoOBBbOAXLUg5hwVxPnyuIv5pwG8JrK6k6nAXpVFRUigSkcFRhJpRecALOpOTZGDgzotqZye3rghVcNcbXY%2BmjU8BLw1%2FWlfHa9agQSB20gZng%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control no-cache,max-age=31536000 accept-ranges bytes cf-ray 70ad0ac74be09764-AMS
GET H2	200	cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2 fonts.gstatic.com/s/opensans/v15/	14 KB 14 KB	137ms 65ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2 Requested by Host: stat1.firmen.ch URL: https://stat1.firmen.ch/tmpl/bundles/BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://stat1.firmen.ch/ Origin https://www.firmen.ch accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 09 May 2022 21:23:28 GMT x-content-type-options nosniff age 330780 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14048 x-xss-protection 0 last-modified Wed, 11 Oct 2017 21:49:45 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 09 May 2023 21:23:28 GMT
GET H2	200	DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 fonts.gstatic.com/s/opensans/v15/	14 KB 14 KB	113ms 42ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2 Requested by Host: stat1.firmen.ch URL: https://stat1.firmen.ch/tmpl/bundles/BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://stat1.firmen.ch/ Origin https://www.firmen.ch accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 01:41:37 GMT x-content-type-options nosniff age 56091 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14564 x-xss-protection 0 last-modified Wed, 11 Oct 2017 21:49:34 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 13 May 2023 01:41:37 GMT
GET H2	200	MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2 fonts.gstatic.com/s/opensans/v15/	14 KB 15 KB	103ms 32ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2 Requested by Host: stat1.firmen.ch URL: https://stat1.firmen.ch/tmpl/bundles/BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://stat1.firmen.ch/ Origin https://www.firmen.ch accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 10 May 2022 06:52:34 GMT x-content-type-options nosniff age 296634 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14544 x-xss-protection 0 last-modified Wed, 11 Oct 2017 21:49:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 May 2023 06:52:34 GMT
GET H3	200	fa-solid-900.woff2 stat1.firmen.ch/tmpl/webfonts/	76 KB 77 KB	93ms 62ms	Font application/font-woff2	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stat1.firmen.ch/tmpl/webfonts/fa-solid-900.woff2 Requested by Host: stat1.firmen.ch URL: https://stat1.firmen.ch/tmpl/bundles/preload_BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://stat1.firmen.ch/tmpl/bundles/preload_BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css Origin https://www.firmen.ch accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:28 GMT x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET strict-transport-security max-age=15552000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 78268 last-modified Wed, 04 Aug 2021 15:25:46 GMT server cloudflare etag "0b94ff4489d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrWTHownarXCwL88DGeRHAuF8lQWtqF3rOOv21U0nCdPm7VRtEi03JRPskWaW93kSzs1mMRrIc59Rtb35FNfgzWx2pjVIq%2BTYlMWeTISb3oAEdhpw8aeQFh%2BWpGbMj8XTZF46muqNDgLkBMBi7o%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff2 access-control-allow-origin * cache-control no-cache,max-age=31536000 accept-ranges bytes cf-ray 70ad0ac7be414230-AMS
GET H3	200	fa-regular-400.woff2 stat1.firmen.ch/tmpl/webfonts/	13 KB 14 KB	168ms 138ms	Font application/font-woff2	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stat1.firmen.ch/tmpl/webfonts/fa-regular-400.woff2 Requested by Host: stat1.firmen.ch URL: https://stat1.firmen.ch/tmpl/bundles/preload_BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://stat1.firmen.ch/tmpl/bundles/preload_BootstrapJQuery_FontAwesome_JQuerySkyForms_Base.min.css Origin https://www.firmen.ch accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:28 GMT x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET strict-transport-security max-age=15552000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 13224 last-modified Wed, 04 Aug 2021 15:25:46 GMT server cloudflare etag "0b94ff4489d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HOz9K1tpTPyfjKwrvWT1KdioRyOu0RoBVBb5RE5js52TUk8NpjefN%2FVO0MsEhR5ccEFwr62e%2FypGsEAZ9h9VePN%2F1N7WZMTDlgZVg9gT%2BVlc6tFXN%2B0PLpK6e2smsA6dt5GEXha63ZswbXoOB0%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff2 access-control-allow-origin * cache-control no-cache,max-age=31536000 accept-ranges bytes cf-ray 70ad0ac7be434230-AMS
GET H/1.1	200 OK	matomo.js Show response analytics.vadian.net/	69 KB 23 KB	202ms 50ms	Script application/javascript	194.230.72.174 SUNRISE
General Check archive.org Show headers Download Go to Full URL https://analytics.vadian.net/matomo.js Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 194.230.72.174 Regensdorf, Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS 174-72-230-194.vadian.net Software Apache/2.4.10 (Debian) / Resource Hash 0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Fri, 13 May 2022 17:16:20 GMT Content-Encoding gzip Last-Modified Thu, 10 Sep 2020 22:55:10 GMT Server Apache/2.4.10 (Debian) ETag "1131c-5aefd75cecf80-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 23691
GET H3	200	ga.js Show response stat0.firmen.ch/	35 KB 15 KB	98ms 66ms	Script application/javascript	2a06:98c1:3121::a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stat0.firmen.ch/ga.js Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash f6b650d2de3c26c83ca5100ccd01a7f4e0f47b5b932e0eae92135c53aa265728 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:28 GMT content-encoding br x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 19 Sep 2019 11:22:13 GMT server cloudflare etag W/"802077cdc6ed51:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68RI2nhP3CWl1kZeypAY3zEyWF5bZDBOSikR1X08IEzWaX3s1FlCIfk32T4pib5sfKsSTxcqVIMr%2BplV20WCMshwLis4%2B%2F4a2Hrz8z%2Fs6fJgXB0xsD8DJqF0ajIACC0xb7MFa3fUq%2BMwSFQ%2FLxs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control no-cache,max-age=31536000 cf-ray 70ad0ac87e0e00a3-AMS
GET H2	200	recaptcha__nl.js Show response www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/	363 KB 364 KB	111ms 33ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/0aeEuuJmrVqDrEL39Fsg5-UJ/recaptcha__nl.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0270b1768ac5ea174ebe10960ecca0a4d89312bdc469e156a843f1828fb71928 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firmen.ch/ Origin https://www.firmen.ch accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 09 May 2022 23:37:52 GMT x-content-type-options nosniff age 322716 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 371510 x-xss-protection 0 last-modified Mon, 09 May 2022 19:02:03 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 09 May 2023 23:37:52 GMT
GET H2	200	moatframe.js Show response z.moatads.com/addthismoatframe568911941483/	2 KB 1 KB	133ms 31ms	Script application/x-javascript	23.35.237.151 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/addthismoatframe568911941483/moatframe.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-151.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:29 GMT content-encoding gzip last-modified Fri, 08 Nov 2019 20:13:52 GMT server AmazonS3 x-amz-request-id D5503D14AA2F06AA etag "f14b4e1f799b14f798a195f43cf58376" vary Accept-Encoding content-type application/x-javascript cache-control max-age=56221 accept-ranges bytes content-length 948 x-amz-id-2 JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
GET H2	200	collect www.google-analytics.com/r/	35 B 396 B	115ms 43ms	Image image/gif	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j66&aip=1&a=560610839&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firmen.ch%2Fde%2FEssen%2FGoldwechselhaus%2BEssen%2F156718%2Fportrait.htm&ul=en-us&de=UTF-8&dt=Goldwechselhaus%20Essen%2C%2045130%20Essen%20-%20Portr%C3%A4t%20-%20firmen.ch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1804915207&gjid=1475407417&cid=1832964020.1652462189&tid=UA-598015-54&_gid=1199769266.1652462189&_r=1&z=1372798312 Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Fri, 13 May 2022 17:16:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	matomo.php analytics.vadian.net/	43 B 256 B	142ms 142ms	Image image/gif	194.230.72.174 SUNRISE
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.vadian.net/matomo.php?action_name=Goldwechselhaus%20Essen%2C%2045130%20Essen%20-%20Portr%C3%A4t%20-%20firmen.ch&idsite=43&rec=1&r=751560&h=17&m=16&s=29&url=https%3A%2F%2Fwww.firmen.ch%2Fde%2FEssen%2FGoldwechselhaus%2BEssen%2F156718%2Fportrait.htm&_id=42de91f30fcd1476&_idts=1652462189&_idvc=1&_idn=1&_refts=0&_viewts=1652462189&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=62&pv_id=kihJ4r Requested by Host: www.firmen.ch URL: https://www.firmen.ch/de/Essen/Goldwechselhaus+Essen/156718/portrait.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 194.230.72.174 Regensdorf, Switzerland, ASN6730 (SUNRISE, CH), Reverse DNS 174-72-230-194.vadian.net Software Apache/2.4.10 (Debian) / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Fri, 13 May 2022 17:16:20 GMT Cache-Control no-store Server Apache/2.4.10 (Debian) Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 43 Content-Type image/gif
GET H2	200	_ate.track.config_resp Show response v1.addthisedge.com/live/boost/vadian/	2 KB 721 B	284ms 256ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://v1.addthisedge.com/live/boost/vadian/_ate.track.config_resp Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software / Resource Hash a24c1a84d948b3cf7675aab2be00e91585406455ffafc8b343443dad7147a8e2 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Fri, 13 May 2022 17:16:29 GMT content-encoding gzip etag -403263466--gzip vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control public, max-age=55, s-maxage=86400 content-disposition attachment; filename=1.txt content-length 545
GET H2	200	300lo.json Show response m.addthis.com/live/red_lojson/	91 B 251 B	386ms 199ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://m.addthis.com/live/red_lojson/300lo.json?si=627e926c5fc98f2a&bkl=0&bl=1&pdt=256&sid=627e926c5fc98f2a&pub=vadian&rev=v8.28.8-wp&ln=de&pc=men&cb=0&ab=-&dp=www.firmen.ch&fp=de%2FEssen%2FGoldwechselhaus%2BEssen%2F156718%2Fportrait.htm&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Goldwechselhaus%20Essen%2CEssen%2CBoutiquen%20%26%20Mode%2CSilber-%20und%20Goldwaren%2CShopping%2CGold-%20und%20Silberwaren%2CGoldschmied%20Silberschmied%2Cgold%20verkaufen%2Csilber%20verkaufen%2Cgold%20kaufen%2Csilber%20kaufen&colc=1652462189251&jsl=1&uvs=627e926c20134b3b000&skipb=1&callback=addthis.cbs.jsonp__0532843600590335860 Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software / Resource Hash 660a5361d79503ef1c71a14a20920efa93f53fef5655b2d7e4cd913cd4379886 Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Fri, 13 May 2022 17:16:29 GMT cache-control max-age=0, no-cache, no-store, no-transform content-disposition attachment; filename=1.txt content-length 91 content-type application/javascript;charset=utf-8
GET		sh.f48a1a04fe8dbf021b4cda1d.html s7.addthis.com/static/ Frame 818F	0 0
GET H2	200	sh.f48a1a04fe8dbf021b4cda1d.html Show response s7.addthis.com/static/ Frame D44A	71 KB 26 KB	35ms 35ms	Document text/html	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.firmen.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control public, max-age=86313600 content-encoding gzip content-length 26421 content-type text/html date Fri, 13 May 2022 17:16:29 GMT etag W/"5f971164-11adc" last-modified Mon, 26 Oct 2020 18:11:48 GMT p3p CP="NON ADM OUR DEV IND COM STA" server nginx/1.15.8 strict-transport-security max-age=15724800; includeSubDomains timing-allow-origin * vary Accept-Encoding x-host s7.addthis.com
GET H2	200	client.de.min.json Show response s7.addthis.com/l10n/	3 KB 2 KB	120ms 32ms	XHR application/json	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/l10n/client.de.min.json Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 14884600e50a1b1674027761700ee08ef921fc9fed8e76945e73b5ff9b69b34e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Tue, 10 Sep 2019 15:15:17 GMT server nginx/1.15.8 etag W/"5d77be05-df3" vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control public, s-maxage=604800 date Fri, 13 May 2022 17:16:29 GMT x-host s7.addthis.com timing-allow-origin * content-length 1751
GET H2	200	layers.fa6cd1947ce26e890d3d.js Show response s7.addthis.com/static/	263 KB 76 KB	47ms 46ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag W/"5f971164-41cf5" vary Accept-Encoding content-type application/javascript cache-control public, max-age=86313600 date Fri, 13 May 2022 17:16:29 GMT x-host s7.addthis.com timing-allow-origin * content-length 77617
GET H2	200	150.c3bdd8bfd8e39be66584.js Show response s7.addthis.com/static/	2 KB 1 KB	39ms 38ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/150.c3bdd8bfd8e39be66584.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 8fab2f72b012664672b0c6636988502b02e808cb387ce6ec0e024ced809572ed Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag W/"5f971164-79d" vary Accept-Encoding content-type application/javascript cache-control public, max-age=86313600 date Fri, 13 May 2022 17:16:29 GMT x-host s7.addthis.com timing-allow-origin * content-length 1009
GET H2	200	83.29d188c4b362a69ea20a.js Show response s7.addthis.com/static/	248 B 466 B	45ms 45ms	Script application/javascript	104.75.88.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s7.addthis.com/static/83.29d188c4b362a69ea20a.js Requested by Host: s7.addthis.com URL: https://s7.addthis.com/js/300/addthis_widget.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-75-88-126.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 8ca9bb4d1475b64bb61fc5ee63d0e7cf3ecda19529d3997be28b015c49fcc192 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.firmen.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip last-modified Mon, 26 Oct 2020 18:11:48 GMT server nginx/1.15.8 etag "5f971164-f8" vary Accept-Encoding content-type application/javascript cache-control public, max-age=86313600 date Fri, 13 May 2022 17:16:29 GMT x-host s7.addthis.com accept-ranges bytes timing-allow-origin * content-length 222

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s7.addthis.com

URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| ReloadJobiFrame function| $ function| jQuery object| _paq string| GoogleAnalyticsObject function| ga object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onSubmit function| clearForm function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| gaplugins object| gaGlobal object| gaData object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log boolean| __@@##MUH object| addthis_config object| addthis_share string| addthis_services_loc string| addthis_services_loc_mob object| addthis_translations object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.firmen.ch/	1970-01-20 20:32:14	Name: _ga Value: GA1.2.1832964020.1652462189
			.firmen.ch/	1970-01-20 03:02:28	Name: _gid Value: GA1.2.1199769266.1652462189
			.firmen.ch/	1970-01-20 03:01:02	Name: _gat Value: 1
			www.firmen.ch/	1970-01-20 12:26:57	Name: _pk_id.43.12a0 Value: 42de91f30fcd1476.1652462189.1.1652462189.1652462189.
			www.firmen.ch/	1970-01-20 03:01:03	Name: _pk_ses.43.12a0 Value: 1
			www.firmen.ch/	1970-01-20 12:31:16	Name: __atuvc Value: 1%7C19
			www.firmen.ch/	1970-01-20 03:01:03	Name: __atuvs Value: 627e926c20134b3b000
			.addthis.com/	1970-01-20 12:31:16	Name: uvc Value: 1%7C19
			.addthis.com/	1970-01-20 12:31:16	Name: loc Value: MDAwMDBFVU5MWkgyMzE5MTg0NjAwMDAwMDBDSA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.vadian.net
fonts.gstatic.com
m.addthis.com
s7.addthis.com
stat0.firmen.ch
stat1.firmen.ch
v1.addthisedge.com
www.firmen.ch
www.google-analytics.com
www.google.com
www.gstatic.com
z.moatads.com
s7.addthis.com
104.75.88.126
194.230.72.174
194.230.72.36
23.35.237.151
2a00:1450:4001:803::2004
2a00:1450:4001:809::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a06:98c1:3121::a
0270b1768ac5ea174ebe10960ecca0a4d89312bdc469e156a843f1828fb71928
030a7d106b3d5ad910196055ba5cd739ac22a93f40ddd9ed2e2352a33cf2152a
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0995371a359a4a701d66f8b183de6144de9a042e5bac84b6f920968f51567742
14884600e50a1b1674027761700ee08ef921fc9fed8e76945e73b5ff9b69b34e
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
3e296118a0b176bcf1e043990d6acfa5b5bdf6114743e5b35670f3c10ee13385
4699f6ffea9f357ae1fc2aed9339c1b95664619505286a9b6b835ad86c97b44d
4b28d63737fbab2b8a6d80c39165b6f1020c0e198dbe7b1dc4686e007c232439
4dc187985ddc1f130f41d28ef41e84e1829f9f13e24177b0553fd9c7a6c2a0c1
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
660a5361d79503ef1c71a14a20920efa93f53fef5655b2d7e4cd913cd4379886
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ca9bb4d1475b64bb61fc5ee63d0e7cf3ecda19529d3997be28b015c49fcc192
8fab2f72b012664672b0c6636988502b02e808cb387ce6ec0e024ced809572ed
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
a24c1a84d948b3cf7675aab2be00e91585406455ffafc8b343443dad7147a8e2
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
bacaf3a2350d0c09e6da0525ecc8b8e00207b6ea741552003ccd306dc8dfc3bc
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
e2ca4d4aa991b3aa076a24a86ccb89c54f20c2326b03185f0c289447686c2a74
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e75a1a7ec3a701c0ea0a549f8451ff6e2d19c62eea2967ad91984f6ea84761a0
f639cb6a2a4860a162ffbf5e5d4c9ed36b088c3878bb4cdd06f13344c708442a
f6b650d2de3c26c83ca5100ccd01a7f4e0f47b5b932e0eae92135c53aa265728