urlscan.io logo urlscan.io
SecurityTrails logo

restore.aligned.ch Open in urlscan Pro
20.16.118.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://restore.aligned.ch/
Effective URL: https://restore.aligned.ch/Account/LogIn
Submission: On July 03 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 20.16.118.41, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is restore.aligned.ch.
TLS certificate: Issued by R3 on July 3rd 2023. Valid for: 3 months.
This is the only time restore.aligned.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 20.16.118.41 8075 (MICROSOFT...)
8 1
Apex Domain
Subdomains		 Transfer
9 aligned.ch
restore.aligned.ch
4 MB
8 1
Domain Requested by
9 restore.aligned.ch 1 redirects restore.aligned.ch
8 1

This site contains no links.

Subject Issuer Validity Valid
restore.aligned.ch
R3		 2023-07-03 -
2023-10-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://restore.aligned.ch/Account/LogIn
Frame ID: 1E93CB64B81EB3FD515EC963076262B7
Requests: 7 HTTP requests in this frame

Frame: https://restore.aligned.ch/Content/images/aligned-logo.svg
Frame ID: FE1CBB016558270B586BF6342E5AC60F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

aligned elements

Page URL History Show full URLs

  1. https://restore.aligned.ch/ HTTP 302
    https://restore.aligned.ch/Account/LogIn Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

3603 kB
Transfer

3600 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://restore.aligned.ch/ HTTP 302
    https://restore.aligned.ch/Account/LogIn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request LogIn
restore.aligned.ch/Account/
Redirect Chain
  • https://restore.aligned.ch/
  • https://restore.aligned.ch/Account/LogIn
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://restore.aligned.ch/Account/LogIn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.16.118.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1bc708c6e8a4952f402cf40bd6c011997d13d5c9eee4d91ea051e17bf558682f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
https://word-edit.officeapps.live.com
cache-control
private
content-length
4028
content-security-policy
block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
content-type
text/html; charset=utf-8
date
Mon, 03 Jul 2023 09:34:13 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
no-referrer
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-origin
https://word-edit.officeapps.live.com
cache-control
private
content-security-policy
block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
content-type
text/html; charset=utf-8
date
Mon, 03 Jul 2023 09:34:13 GMT
location
/Account/LogIn
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
no-referrer
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
css
restore.aligned.ch/Content/ 		667 KB
668 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://restore.aligned.ch/Content/css?v=nyXHyqGfM2QqFhZwCTXFdqQb7SGxvgANr_9c3fhPCjo1
Requested by
Host: restore.aligned.ch
URL: https://restore.aligned.ch/Account/LogIn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.16.118.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad4be8255cdd1432689f99dc94592c8f9c3de24cc4c946cb7c413dc29f1118ac
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 09:34:13 GMT
content-length
683117
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 03 Jul 2023 09:34:13 GMT
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
https://word-edit.officeapps.live.com
cache-control
public
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-robots-tag
noindex, nofollow
expires
Tue, 02 Jul 2024 09:34:13 GMT
Layout.js
restore.aligned.ch/Scripts/Views/ 		310 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.aligned.ch/Scripts/Views/Layout.js
Requested by
Host: restore.aligned.ch
URL: https://restore.aligned.ch/Account/LogIn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.16.118.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8be2126f115515de29da6ef6ad81f97477c5113ba2bb84f057e935465e76215f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Wed, 25 Jan 2023 07:36:24 GMT
date
Mon, 03 Jul 2023 09:34:13 GMT
etag
"0cccfb98f30d91:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://word-edit.officeapps.live.com
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
310
x-xss-protection
1; mode=block
vendor
restore.aligned.ch/scripts/ 		3 MB
3 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.aligned.ch/scripts/vendor?v=-V_NUYaKKUx06fCjJqP2pXvjlowWVWQoDGzIKIyubSg1
Requested by
Host: restore.aligned.ch
URL: https://restore.aligned.ch/Account/LogIn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.16.118.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5f47907219275ca52a0b8ec8d5c062d4de4d9087bed66e3533f0a7e96c2b2faa
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 03 Jul 2023 09:34:13 GMT
content-length
2652445
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 03 Jul 2023 09:34:13 GMT
vary
User-Agent
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://word-edit.officeapps.live.com
cache-control
public
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-robots-tag
noindex, nofollow
expires
Tue, 02 Jul 2024 09:34:13 GMT
Login.js
restore.aligned.ch/Scripts/Views/ 		712 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://restore.aligned.ch/Scripts/Views/Login.js
Requested by
Host: restore.aligned.ch
URL: https://restore.aligned.ch/Account/LogIn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.16.118.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f478dd97fc6c57c2c823e85c5c48f89ee50d49607117c309774936d7e6af30ad
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Wed, 25 Jan 2023 07:36:24 GMT
date
Mon, 03 Jul 2023 09:34:13 GMT
etag
"0cccfb98f30d91:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://word-edit.officeapps.live.com
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
712
x-xss-protection
1; mode=block
Inter-Medium.woff2
restore.aligned.ch/fonts/Hinted-Web/ 		171 KB
171 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://restore.aligned.ch/fonts/Hinted-Web/Inter-Medium.woff2?v=3.11
Requested by
Host: restore.aligned.ch
URL: https://restore.aligned.ch/Content/css?v=nyXHyqGfM2QqFhZwCTXFdqQb7SGxvgANr_9c3fhPCjo1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.16.118.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6582b4eebf1b659f5fda5ff956d28be7e59917a401cfec9049e991d79ef2c7f1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://restore.aligned.ch
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Mon, 09 Jan 2023 02:48:20 GMT
date
Mon, 03 Jul 2023 09:34:13 GMT
etag
"0b222d5d423d91:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-allow-origin
https://word-edit.officeapps.live.com
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
174884
x-xss-protection
1; mode=block
Inter-Regular.woff2
restore.aligned.ch/fonts/Hinted-Web/ 		164 KB
164 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://restore.aligned.ch/fonts/Hinted-Web/Inter-Regular.woff2?v=3.11
Requested by
Host: restore.aligned.ch
URL: https://restore.aligned.ch/Content/css?v=nyXHyqGfM2QqFhZwCTXFdqQb7SGxvgANr_9c3fhPCjo1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.16.118.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
74cdbbbadab1ad2b6544dec3032c584c37d0b79765a737ce820e111c20980a69
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://restore.aligned.ch
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer
last-modified
Mon, 09 Jan 2023 02:48:20 GMT
date
Mon, 03 Jul 2023 09:34:13 GMT
etag
"0b222d5d423d91:0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-allow-origin
https://word-edit.officeapps.live.com
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
168224
x-xss-protection
1; mode=block
aligned-logo.svg
restore.aligned.ch/Content/images/ Frame FE1C 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://restore.aligned.ch/Content/images/aligned-logo.svg
Requested by
Host: restore.aligned.ch
URL: https://restore.aligned.ch/Account/LogIn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.16.118.41 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
14740ec26e883b88ed4316ea0d2e757944991d7ffb314394268b06d426715325
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://word-edit.officeapps.live.com
content-length
2293
content-security-policy
block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
content-type
image/svg+xml
date
Mon, 03 Jul 2023 09:34:13 GMT
etag
"077caccd423d91:0"
last-modified
Mon, 09 Jan 2023 02:48:06 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
no-referrer
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend undefined| msViewportStyle undefined| mq function| isAEStorageEmpty function| browserStorageAvailable function| tabHandler function| LeaderLine function| Match function| calculate_operations function| consecutive_where function| create_index function| diff function| find_match function| find_matching_blocks function| html_to_tokens function| is_end_of_tag function| is_start_of_tag function| is_tag function| is_whitespace function| isnt_tag object| op_map function| recursively_find_matching_blocks function| render_operations function| wrap function| $ function| jQuery object| returnExports object| memoryStorage object| ko object| toastr function| Q function| URI object| html4 object| html function| html_sanitize object| breeze object| bootstrap-colorpicker function| moment number| mce-data-1h4dhki2p object| tinymce object| tinyMCE function| LeaderLineAttachment function| htmldiff object| __core-js_shared__ object| core function| Driver object| HoeDatapp

2 Cookies

Domain/Path Name / Value
restore.aligned.ch/ Name: ASP.NET_SessionId
Value: oqggwmmsdzjjo1x113r4oje3
restore.aligned.ch/ Name: __RequestVerificationToken
Value: DyRtzNVAHZcYIcyKOj5gF7DYH6QPbQIBqHeWZBJgJ1-crYLGeIxSO0nxUZ3vDPGb4PiSb2zW1OH_cU4USo1Djs9Mfv0B3FzLBqhltcTpKbs1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; default-src 'self';script-src-elem 'self' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; script-src 'self' 'unsafe-eval' 'strict-dynamic' https://appsforoffice.microsoft.com https://www.gstatic.com https://ajax.aspnetcdn.com; style-src-elem 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src-attr 'self' 'unsafe-inline' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; style-src 'self' 'unsafe-inline' 'unsafe-hashes' 'sha256-KyaT+5dgdhQQVkukckDzTwaoKb0++cKjgnXTWW3fquk=' https://appsforoffice.microsoft.com https://www.gstatic.com https://fonts.googleapis.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com https://appsforoffice.microsoft.com ; form-action 'self'; img-src 'self' data:; report-uri https://localhost:44329/elements/CSPReport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block