xoinvestments.ch Open in urlscan Pro
2001:1600:4:13:d294:66ff:fe7c:de54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xoinvestments.ch/
Submission: On March 08 via manual (March 8th 2023, 9:40:46 am UTC) from CH — Scanned from DE

Summary HTTP 43 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 15 domains to perform 43 HTTP transactions. The main IP is 2001:1600:4:13:d294:66ff:fe7c:de54, located in Geneva, Switzerland and belongs to INFOMANIAK-AS, CH. The main domain is xoinvestments.ch.
TLS certificate: Issued by R3 on March 6th 2023. Valid for: 3 months.

This is the only time xoinvestments.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2001:1600:4:1... 2001:1600:4:13:d294:66ff:fe7c:de54	29222 (INFOMANIA...) (INFOMANIAK-AS)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:5b6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2a69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
43	16

16 2001:1600:4:13:d294:66ff:fe7c:de54 (Geneva, Switzerland)

ASN29222 (INFOMANIAK-AS, CH)

xoinvestments.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:5b6d (United States)

ASN13335 (CLOUDFLARENET, US)

xoinvestments.activehosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2a69 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	xoinvestments.ch xoinvestments.ch	943 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 maps.googleapis.com — Cisco Umbrella Rank: 354	178 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	36 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	239 B
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 7547 prism.app-us1.com — Cisco Umbrella Rank: 7595	6 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	136 KB
2	gstatic.com fonts.gstatic.com	43 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	122 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 7495	315 B
1	google.de www.google.de — Cisco Umbrella Rank: 6149	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	245 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4370	254 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 761	3 KB
1	activehosted.com xoinvestments.activehosted.com	7 KB
43	15

	Domain	Requested by
16	xoinvestments.ch	xoinvestments.ch
4	maps.googleapis.com	xoinvestments.ch maps.googleapis.com
3	cdn.jsdelivr.net	xoinvestments.ch
2	www.facebook.com	xoinvestments.ch
2	connect.facebook.net	xoinvestments.ch connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	xoinvestments.ch www.googletagmanager.com
2	www.google-analytics.com	xoinvestments.ch www.google-analytics.com
2	fonts.googleapis.com	xoinvestments.ch xoinvestments.activehosted.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	www.google.de	xoinvestments.ch
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	unpkg.com	xoinvestments.activehosted.com
1	diffuser-cdn.app-us1.com	xoinvestments.ch
1	xoinvestments.activehosted.com	xoinvestments.ch
43	17

This site contains links to these domains. Also see Links.

Domain
www.finma.ch
www.unpri.org
citywire.com
lunic.ch

Subject Issuer	Validity	Valid
xoinvestments.ch R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
activehosted.com Cloudflare Inc ECC CA-3	`2022-12-07` - `2023-12-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-15`	2 months	crt.sh
diffuser-cdn.app-us1.com E1	`2023-02-10` - `2023-05-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
prism.app-us1.com E1	`2023-01-31` - `2023-05-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xoinvestments.ch/
Frame ID: B79CFEE98D77A2D30C364A7934C0219D
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XO Investments: Gestion de fortune et conseil à Neuchâtel et Genève

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

43
Requests

100 %
HTTPS

100 %
IPv6

15
Domains

17
Subdomains

16
IPs

5
Countries

1496 kB
Transfer

2896 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.finma.ch/en/

Search URL Search Domain Scan URL

URL: https://www.unpri.org/

Search URL Search Domain Scan URL

URL: https://citywire.com/ch/

Search URL Search Domain Scan URL

URL: https://lunic.ch/
Title: LUNIC

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xoinvestments.ch/ 45 KB
11 KB 697ms
383ms Document
text/html 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

7012e6988dd23ee402a73af5e2f153825a74cfc68715acc6b966a7314c811099

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, no-cache, private
content-encoding: gzip
content-language: fr
content-type: text/html; charset=UTF-8
date: Wed, 08 Mar 2023 09:40:39 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
permissions-policy: interest-cohort=()
server: Apache
strict-transport-security: max-age=16000000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-ua-compatible: IE=edge

GET
H2 200 css_u7eWJQiMVxzhicnNRhMPC79EY5411vLp6oIJZbuw1Ew.css
xoinvestments.ch/sites/default/files/css/ 5 KB
2 KB 22ms
21ms Stylesheet
text/css 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xoinvestments.ch/sites/default/files/css/css_u7eWJQiMVxzhicnNRhMPC79EY5411vLp6oIJZbuw1Ew.css

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

bbb79625088c571ce189c9cd46130f0bbf44639e35d6f2e9ea820965bbb0d44c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Wed, 11 Jan 2023 13:15:33 GMT
server: Apache
content-encoding: gzip
etag: "572-5f1fccba0c2bf"
vary: Accept-encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1394
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/ 119 KB
21 KB 56ms
23ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/bootstrap.min.css

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xoinvestments.ch/
Origin: https://xoinvestments.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1213618
x-jsd-version: 3.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230115-FRA, cache-yyz4578-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1da71-sJcv3M6C/Vg9TCzMPy4990BKGdA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtOBWKpAKHAbqgthLjAQCnhqW%2Bk6KNfb08BqAIsLVUx6HyyInVRJsWSvjVc3B3%2BOw6PgEIijw2y0x54XOrbvMfnnjkzehLr9pIIcUOiYlobRHfBSnCjwAGqb3tqMNyr5n3UDfM1k6zoi1sxV2GQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a4a1e36bb8c2be8-FRA

GET
H2 200 drupal-bootstrap.min.css
cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.4.0/8.x-3.x/ 11 KB
4 KB 60ms
28ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.4.0/8.x-3.x/drupal-bootstrap.min.css

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bb7aeb18f1091a582be621acf512dd276a8c4e0f7c27bfa715795c6aeb1eea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xoinvestments.ch/
Origin: https://xoinvestments.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1213618
x-jsd-version: 0.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230107-FRA, cache-yyz4537-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2ba9-7BZ4Wjo4JdjHlvh1wHU1MeucYhU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEr21lHvEZPged%2BaliuOPUNnmL7R1XlfMcZSKDwExyDohvHYXnBFzgY7X%2Fj7w6Z32L4M2Th6NM%2BkRBvO%2BLLuezYh3N4n0RSdvFUAaazUWdB0t3FZ3oqoamkNg4%2B7WY0wSBkMuigqJyJojWkw5lM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a4a1e36bb8f2be8-FRA

GET
H2 200 css_EKM1NDECt0wEUyG8VTBClID3_7q2qWxBxq5tkuuBciM.css
xoinvestments.ch/sites/default/files/css/ 17 KB
5 KB 20ms
20ms Stylesheet
text/css 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xoinvestments.ch/sites/default/files/css/css_EKM1NDECt0wEUyG8VTBClID3_7q2qWxBxq5tkuuBciM.css

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

10a335343102b74c045321bc5530429480f7ffbab6a96c41c6ae6d92eb817223

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Thu, 12 Jan 2023 08:47:14 GMT
server: Apache
content-encoding: gzip
etag: "111c-5f20d29df1db8"
vary: Accept-encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 4380
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
987 B 125ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,600,900

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d3fc78f2aabef3a17005791bc7502b66f10451968bed125c52536cafd28fc2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 09:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 09:40:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 09:40:40 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 163 KB
54 KB 167ms
66ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCck2B8gHbPjUDdZXuaNwZ5UadpV2JJHrM

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

e243b834b36c25a5e2f179b1524999f918d4077b494cf4b119abd60b3b30f887

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=28
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54799
x-xss-protection: 0
expires: Wed, 08 Mar 2023 10:10:40 GMT

GET
H2 200 scroll.svg
xoinvestments.ch/themes/bs_subtheme/css/images/ 671 B
949 B 41ms
39ms Image
image/svg+xml 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xoinvestments.ch/themes/bs_subtheme/css/images/scroll.svg

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

d3ef5c7c68010870b65dc8ffc2e217041bd14fc0e17f21ea2045c9230c95b84d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2019 09:28:08 GMT
server: Apache
etag: "29f-583557db49a00"
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 671
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 XO_logo.svg
xoinvestments.ch/themes/bs_subtheme/ 3 KB
3 KB 43ms
42ms Image
image/svg+xml 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xoinvestments.ch/themes/bs_subtheme/XO_logo.svg

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

99b99fb7e494d1478276e66a6a81a3eba604491ba2bfd75f433743dd2717b1f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 21:56:02 GMT
server: Apache
etag: "a1b-582464ea04080"
content-type: image/svg+xml
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2587
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 XO-investments-homepage.jpg
xoinvestments.ch/sites/default/files/photos/ 345 KB
346 KB 42ms
41ms Image
image/jpeg 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xoinvestments.ch/sites/default/files/photos/XO-investments-homepage.jpg

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

d28f0b5f4bea49521b928ec8aff140ff283bb422a12fae821e7f5eab89fc07fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 20:58:22 GMT
server: Apache
etag: "563d3-582458064d780"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 353235
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 embed.php Show response
xoinvestments.activehosted.com/f/ 27 KB
7 KB 329ms
279ms Script
text/javascript 2606:4700::6811:5b6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xoinvestments.activehosted.com/f/embed.php?id=1
Requested by: Host: xoinvestments.ch
URL: https://xoinvestments.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:5b6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c23fd486e2ea5e9dc530a316fbc639ac4446c4873bc73ef5725fd5151e45e82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 09:40:40 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 08 Mar 2023 09:40:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 7a4a1e379a8cbb61-FRA
x-request-id: 3df8d4e68f4b7be6c23ef815305c4f9f
expires: Wed, 08 Mar 2023 13:40:40 GMT

GET
H2 200 js_wS0j2ELUX-HPrjg4-mYB4ZfVxoKj2LHlBvNyqlan_Qg.js Show response
xoinvestments.ch/sites/default/files/js/ 137 KB
46 KB 37ms
37ms Script
text/javascript 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xoinvestments.ch/sites/default/files/js/js_wS0j2ELUX-HPrjg4-mYB4ZfVxoKj2LHlBvNyqlan_Qg.js

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

c12d23d842d45fe1cfae3838fa6601e197d5c682a3d8b1e506f372aa56a7fd08

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Wed, 11 Jan 2023 13:27:58 GMT
server: Apache
content-encoding: gzip
etag: "b82f-5f1fcf8033882"
vary: Accept-encoding
content-type: text/javascript
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 47151
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/ 39 KB
11 KB 28ms
26ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xoinvestments.ch/
Origin: https://xoinvestments.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1213618
x-jsd-version: 3.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230057-FRA, cache-yyz4571-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEP1Azb%2Bp4LICDG2UA9LDe3iwOqc%2BqKXzyP9ha27aXsi3w48DEh72hqVvUJwaFODGbScfg4f%2B22h%2BOcvWG3cVIpwgFgIi0Z2Rb0GaT7WhaedyQTjWU6CKtNb4hHYuVZda1KORmph3m7VWpe0wUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a4a1e380dfc2be8-FRA

GET
H2 200 js_44g6W49myPli1dIhq5IY5gP26l6814BM7jgNOgZ-RYA.js Show response
xoinvestments.ch/sites/default/files/js/ 71 KB
18 KB 44ms
42ms Script
text/javascript 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xoinvestments.ch/sites/default/files/js/js_44g6W49myPli1dIhq5IY5gP26l6814BM7jgNOgZ-RYA.js

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

e3883a5b8f66c8f962d5d221ab9218e603f6ea5ebcd7804cee380d3a067e4580

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Wed, 11 Jan 2023 13:27:58 GMT
server: Apache
content-encoding: gzip
etag: "44d6-5f1fcf8037702"
vary: Accept-encoding
content-type: text/javascript
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 17622
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 116ms
35ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 09:19:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1261
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 08 Mar 2023 11:19:39 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 133ms
56ms XHR
application/json 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCck2B8gHbPjUDdZXuaNwZ5UadpV2JJHrM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://xoinvestments.ch
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
40 KB 137ms
51ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDD5LL3

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bef823aec9e59ca3d293b6bc4e985d305cdad5566bcd90942a588cecf877b295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40892
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Mar 2023 09:40:40 GMT

GET
H2 200 XO-investments-homepage.jpg
xoinvestments.ch/sites/default/files/styles/max_2600x2600/public/photos/ 383 KB
384 KB 53ms
52ms Image
image/jpeg 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xoinvestments.ch/sites/default/files/styles/max_2600x2600/public/photos/XO-investments-homepage.jpg?itok=JkUCyD4A

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

476d8fe9a8f3c32ff4e3acca8564c26322fe63102a5b47d976b58996710e959a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 20:58:30 GMT
server: Apache
etag: "5fb6c-5824580dee980"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 392044
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 dot.png
xoinvestments.ch/themes/bs_subtheme/css/images/ 928 B
1 KB 53ms
52ms Image
image/png 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xoinvestments.ch/themes/bs_subtheme/css/images/dot.png

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/sites/default/files/css/css_EKM1NDECt0wEUyG8VTBClID3_7q2qWxBxq5tkuuBciM.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

b52a16c0fd701e55ea3bdea4a30dde737283a45809120f59eddf135e8dc6e0ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/sites/default/files/css/css_EKM1NDECt0wEUyG8VTBClID3_7q2qWxBxq5tkuuBciM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 19:09:34 GMT
server: Apache
etag: "3a0-58243fb4b7780"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 928
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 bg_gris_bottom.png
xoinvestments.ch/themes/bs_subtheme/css/images/ 1019 B
1 KB 52ms
52ms Image
image/png 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xoinvestments.ch/themes/bs_subtheme/css/images/bg_gris_bottom.png

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/sites/default/files/css/css_EKM1NDECt0wEUyG8VTBClID3_7q2qWxBxq5tkuuBciM.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

77a758cd4d38c5bd451a8520f769732933402c963152e92412110ea0137c2c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/sites/default/files/css/css_EKM1NDECt0wEUyG8VTBClID3_7q2qWxBxq5tkuuBciM.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Mon, 04 Mar 2019 09:39:28 GMT
server: Apache
etag: "3fb-5834188653400"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1019
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 163ms
47ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,600,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xoinvestments.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 20:35:57 GMT
x-content-type-options: nosniff
age: 47083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 20:35:57 GMT

GET
H2 200 icomoon.ttf
xoinvestments.ch/modules/awesomenews/css/ 2 KB
2 KB 50ms
49ms Font
font/ttf 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://xoinvestments.ch/modules/awesomenews/css/icomoon.ttf?466vzh

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

ea862d16d71785398d0b445d4c2734f049acc3ab123a9501b19ef9e67a9556c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

Referer: https://xoinvestments.ch/
Origin: https://xoinvestments.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Thu, 17 Nov 2022 09:37:26 GMT
server: Apache
etag: "868-5eda756416180"
content-type: font/ttf
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2152
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 vignette-home_1.jpg
xoinvestments.ch/sites/default/files/styles/max_325x325/public/photos/ 60 KB
60 KB 71ms
70ms Image
image/jpeg 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xoinvestments.ch/sites/default/files/styles/max_325x325/public/photos/vignette-home_1.jpg?itok=j9gAkLJp

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

99d407e566f6c0a5661736fccd0af929216ea60a8e7eb00b072e7cd8821daf23

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 10:11:24 GMT
server: Apache
etag: "f0b2-584e86d513b38"
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 61618
expires: Wed, 22 Mar 2023 09:40:40 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 43ms
42ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=2134252964&t=pageview&_s=1&dl=https%3A%2F%2Fxoinvestments.ch%2F&ul=en-us&de=UTF-8&dt=XO%20Investments%3A%20Gestion%20de%20fortune%20et%20conseil%20%C3%A0%20Neuch%C3%A2tel%20et%20Gen%C3%A8ve&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=661004189&gjid=1336123439&cid=927706806.1678268440&tid=UA-137201343-1&_gid=449733214.1678268440&_r=1&_slc=1&z=2094179577

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xoinvestments.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 09:40:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xoinvestments.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Mar 2023 09:40:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: D1MmLgEoLkOJEFr6i+Ain2yamyyVS74fEpxWKhUl2Di32xA7KDzkpDJGYGFBax9TnwuNCkC1vz+mh3HOQIRLww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 48ms
15ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: xoinvestments.ch
URL: https://xoinvestments.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
content-encoding: gzip
via: 1.1 182732bb63f7d4f88e7cac0874b0cfee.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: AMS50-C1
age: 85
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 7a4a1e397d3a360e-FRA
x-amz-cf-id: vIDNUzb8xoebxxKnEeFBU7c2h7v5J2vLzdjpRg8UMeHOMSOxTWuXdg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
82 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JD84D1LY5C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDD5LL3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2371f0b6c14b8e1a077041310bbb3ee6b790b5518d57ea3e3e4b075eff5587cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83691
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Mar 2023 09:40:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
958 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&family=Montserrat&family=Roboto&family=IBM+Plex+Sans:wght@400;600&display=swap

Requested by

Host: xoinvestments.activehosted.com
URL: https://xoinvestments.activehosted.com/f/embed.php?id=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

687ec51a8f3efb6ebae3f8b4c6b7daf72b615d63e96eac44b419004fec51c76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Mar 2023 09:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 08:32:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Mar 2023 09:40:40 GMT

GET
H2 200 intlTelInput.min.css
unpkg.com/intl-tel-input@17.0.18/build/css/ 19 KB
3 KB 79ms
29ms Stylesheet
text/css 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/intl-tel-input@17.0.18/build/css/intlTelInput.min.css

Requested by

Host: xoinvestments.activehosted.com
URL: https://xoinvestments.activehosted.com/f/embed.php?id=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3037952
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GR5R99XQMAQGTCFNSXXRETWN-fra
server: cloudflare
etag: W/"4ad5-/7iiVjPE3eq4HRsXQqwv0LRCpMY"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a4a1e39afdc3672-FRA

GET
H2 200 finma_0.png
xoinvestments.ch/sites/default/files/inline-images/ 6 KB
6 KB 34ms
28ms Image
image/png 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xoinvestments.ch/sites/default/files/inline-images/finma_0.png

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

840811b8c46df58e16b473fb10d0b5e0d2943b1714b59f839d540be1d22a457f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Thu, 23 Feb 2023 13:31:55 GMT
server: Apache
etag: "17e2-5f55e0953aa26"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 6114
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 xo_pri.png
xoinvestments.ch/sites/default/files/inline-images/ 15 KB
16 KB 33ms
26ms Image
image/png 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xoinvestments.ch/sites/default/files/inline-images/xo_pri.png

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

1428e98447da84a2857079dba1e79f20eaeb983658a1b7b0663cfd91b0d7f83c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Thu, 16 Sep 2021 07:32:29 GMT
server: Apache
etag: "3d49-5cc17d12bcca6"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 15689
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 xo_citywire_top50.png
xoinvestments.ch/sites/default/files/inline-images/ 42 KB
42 KB 32ms
26ms Image
image/png 2001:1600:4:13:d294:66ff:fe7c:de54
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xoinvestments.ch/sites/default/files/inline-images/xo_citywire_top50.png

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:1600:4:13:d294:66ff:fe7c:de54 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

28f7793dc0c3de71fd4de10f39424166de18d98ca7ef797f416af547acb38d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
strict-transport-security: max-age=16000000
x-content-type-options: nosniff
last-modified: Thu, 16 Sep 2021 07:32:44 GMT
server: Apache
etag: "a629-5cc17d215ee26"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 42537
expires: Wed, 22 Mar 2023 09:40:40 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 12 KB
13 KB 49ms
48ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Montserrat&family=Roboto&family=IBM+Plex+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xoinvestments.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:02:03 GMT
x-content-type-options: nosniff
age: 520717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12708
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 09:02:03 GMT

GET
H2 200 481672957503856 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 339ms
338ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/481672957503856?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec307c1d632a8edad2df715804f031ff72d99893e1551f6288dfbdf74e449384

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Mar 2023 09:40:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FxNJEuNTWhHFCdN0ztyCHdoWQfOilxI65FPssYfELPxtXcZbyBtA3aO23grcXq1ALdAj+YEYZg9UWoDNXtBHTQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 52ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-JD84D1LY5C&gtm=45je3360&_p=2134252964&_gaz=1&cid=927706806.1678268440&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678268440&sct=1&seg=0&dl=https%3A%2F%2Fxoinvestments.ch%2F&dt=XO%20Investments%3A%20Gestion%20de%20fortune%20et%20conseil%20%C3%A0%20Neuch%C3%A2tel%20et%20Gen%C3%A8ve&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JD84D1LY5C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 09:40:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xoinvestments.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 67ms
19ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JD84D1LY5C&cid=927706806.1678268440&gtm=45je3360&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JD84D1LY5C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 09:40:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xoinvestments.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 148ms
62ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JD84D1LY5C&cid=927706806.1678268440&gtm=45je3360&aip=1&z=273982530

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 09:40:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
463 B 197ms
153ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=226203843&u=https%3A%2F%2Fxoinvestments.ch%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ac5950bd1188b3d10e8e7d283d85bc55fa365c77b87d87d66b9bc21c750f5835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.33
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 42
cf-ray: 7a4a1e3ad84630c6-FRA

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 172ms
126ms Script
text/javascript 2606:4700:4400::6812:2a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=226203843&prismid=007ec09e-f6b4-438c-83ec-031c75cc9eb1&url=https%3A%2F%2Fxoinvestments.ch%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:40:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/8.1.16
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-envoy-upstream-service-time: 11
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 7a4a1e3c1932914a-FRA
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 47ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=481672957503856&ev=PageView&dl=https%3A%2F%2Fxoinvestments.ch%2F&rl=&if=false&ts=1678268441056&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678268441056.1833224970&it=1678268440684&coo=false&rqm=GET

Requested by

Host: xoinvestments.ch
URL: https://xoinvestments.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Mar 2023 09:40:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=481672957503856&ev=Microdata&dl=https%3A%2F%2Fxoinvestments.ch%2F&rl=&if=false&ts=1678268442559&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22XO%20Investments%3A%20Gestion%20de%20fortune%20et%20conseil%20%C3%A0%20Neuch%C3%A2tel%20et%20Gen%C3%A8ve%22%2C%22meta%3Adescription%22%3A%22Gestion%20de%20fortune%20et%20conseil%20pour%20investisseurs%20priv%C3%A9s%20et%20institutionnels.%20Comment%20investir%3F%20O%C3%B9%20investir%3F%20Quand%20investir%3F%20Consultez%20XO%20Investments.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.98&r=stable&ec=1&o=30&fbp=fb.1.1678268441056.1833224970&it=1678268440684&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Mar 2023 09:40:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/ 270 KB
67 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCck2B8gHbPjUDdZXuaNwZ5UadpV2JJHrM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8605c23e565a96c1361218762063ecd7fd58df5dd67d2bfae48a07468ac4dc7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68577
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 22:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:08:14 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/ 159 KB
55 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/3a/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCck2B8gHbPjUDdZXuaNwZ5UadpV2JJHrM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d49d943267bb71f96aaea5498acb9544fdd427649b9a0b77a590314058669a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xoinvestments.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 19:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56038
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 22:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 19:08:14 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xoinvestments.ch/	1970-01-20 10:12:34	Name: _gid Value: GA1.2.449733214.1678268440
.xoinvestments.ch/	1970-01-20 10:11:08	Name: _gat Value: 1
.xoinvestments.ch/	1970-01-20 19:47:08	Name: _ga_JD84D1LY5C Value: GS1.1.1678268440.1.0.1678268440.60.0.0
.xoinvestments.ch/	1970-01-20 19:47:08	Name: _ga Value: GA1.1.927706806.1678268440
prism.app-us1.com/	1970-01-20 10:54:20	Name: prism_226203843 Value: 007ec09e-f6b4-438c-83ec-031c75cc9eb1
.xoinvestments.ch/	1970-01-20 10:54:20	Name: prism_226203843 Value: 007ec09e-f6b4-438c-83ec-031c75cc9eb1
.xoinvestments.ch/	1970-01-20 12:20:44	Name: _fbp Value: fb.1.1678268441056.1833224970

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16000000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
connect.facebook.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
prism.app-us1.com
region1.analytics.google.com
stats.g.doubleclick.net
trackcmp.net
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
xoinvestments.activehosted.com
xoinvestments.ch
2001:1600:4:13:d294:66ff:fe7c:de54
2001:4860:4802:34::36
2606:4700:4400::6812:2a69
2606:4700::6810:5914
2606:4700::6810:7eaf
2606:4700::6811:5b6d
2606:4700::6811:925b
2a00:1450:4001:80e::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c0a::9c
2a00:1450:400d:80c::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0bb7aeb18f1091a582be621acf512dd276a8c4e0f7c27bfa715795c6aeb1eea8
0c23fd486e2ea5e9dc530a316fbc639ac4446c4873bc73ef5725fd5151e45e82
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
10a335343102b74c045321bc5530429480f7ffbab6a96c41c6ae6d92eb817223
1428e98447da84a2857079dba1e79f20eaeb983658a1b7b0663cfd91b0d7f83c
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d3fc78f2aabef3a17005791bc7502b66f10451968bed125c52536cafd28fc2d
2371f0b6c14b8e1a077041310bbb3ee6b790b5518d57ea3e3e4b075eff5587cc
28f7793dc0c3de71fd4de10f39424166de18d98ca7ef797f416af547acb38d21
3d49d943267bb71f96aaea5498acb9544fdd427649b9a0b77a590314058669a6
476d8fe9a8f3c32ff4e3acca8564c26322fe63102a5b47d976b58996710e959a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
687ec51a8f3efb6ebae3f8b4c6b7daf72b615d63e96eac44b419004fec51c76f
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7012e6988dd23ee402a73af5e2f153825a74cfc68715acc6b966a7314c811099
77a758cd4d38c5bd451a8520f769732933402c963152e92412110ea0137c2c08
840811b8c46df58e16b473fb10d0b5e0d2943b1714b59f839d540be1d22a457f
8605c23e565a96c1361218762063ecd7fd58df5dd67d2bfae48a07468ac4dc7c
99b99fb7e494d1478276e66a6a81a3eba604491ba2bfd75f433743dd2717b1f6
99d407e566f6c0a5661736fccd0af929216ea60a8e7eb00b072e7cd8821daf23
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
ac5950bd1188b3d10e8e7d283d85bc55fa365c77b87d87d66b9bc21c750f5835
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b52a16c0fd701e55ea3bdea4a30dde737283a45809120f59eddf135e8dc6e0ba
bbb79625088c571ce189c9cd46130f0bbf44639e35d6f2e9ea820965bbb0d44c
bef823aec9e59ca3d293b6bc4e985d305cdad5566bcd90942a588cecf877b295
c12d23d842d45fe1cfae3838fa6601e197d5c682a3d8b1e506f372aa56a7fd08
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d28f0b5f4bea49521b928ec8aff140ff283bb422a12fae821e7f5eab89fc07fc
d3ef5c7c68010870b65dc8ffc2e217041bd14fc0e17f21ea2045c9230c95b84d
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
e243b834b36c25a5e2f179b1524999f918d4077b494cf4b119abd60b3b30f887
e3883a5b8f66c8f962d5d221ab9218e603f6ea5ebcd7804cee380d3a067e4580
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea862d16d71785398d0b445d4c2734f049acc3ab123a9501b19ef9e67a9556c2
ec307c1d632a8edad2df715804f031ff72d99893e1551f6288dfbdf74e449384
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

xoinvestments.ch Open in urlscan Pro 2001:1600:4:13:d294:66ff:fe7c:de54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

100 %IPv6

15 Domains

17 Subdomains

16 IPs

5 Countries

1496 kBTransfer

2896 kBSize

7 Cookies

4 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xoinvestments.ch Open in urlscan Pro
2001:1600:4:13:d294:66ff:fe7c:de54 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

100 %
IPv6

15
Domains

17
Subdomains

16
IPs

5
Countries

1496 kB
Transfer

2896 kB
Size

7
Cookies

43 HTTP transactions
0 data transactions