URL: https://incomeprotect.cembra.ch/
Submission: On November 12 via automatic, source certstream-suspicious — Scanned from CH

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 21 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in the United States and belonging to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is incomeprotect.cembra.ch.
TLS certificate: Issued by SwissSign RSA TLS DV ICA 2022 - 1 on April 30th 2024. Valid for: a year.
This is the only time incomeprotect.cembra.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
18        2620:1ec:bdf::45  8075 (MICROSOFT...)
1         51.107.42.231     8075 (MICROSOFT...)
2         146.75.119.18     54113 (FASTLY)
Total: 21 requests, 3 IPs

Requests  Apex Domain     Subdomains                                      Transfer
18        cembra.ch       incomeprotect.cembra.ch                         3 MB
2         contentful.com  cdn.contentful.com — Cisco Umbrella Rank: 8493  7 KB
1         t-d-ares.com    prod-services.t-d-ares.com                      2 KB
Total: 21 requests, 3 apex domains

Requests  Domain                      Requested by
18        incomeprotect.cembra.ch     incomeprotect.cembra.ch
2         cdn.contentful.com          incomeprotect.cembra.ch
1         prod-services.t-d-ares.com  incomeprotect.cembra.ch
Total: 21 requests, 3 domains

This site contains links to these domains.

Domain
www.cembra.ch
www.axa.ch
tonidigital.com

Subject                  Issuer                                                Validity                 Valid
incomeprotect.cembra.ch  SwissSign RSA TLS DV ICA 2022 - 1                     2024-04-30 - 2025-04-30  a year
*.t-d-ares.com           Sectigo RSA Organization Validation Secure Server CA  2024-08-22 - 2025-09-21  a year
cdn.contentful.com       GlobalSign Atlas R3 DV TLS CA 2024 Q1                 2024-04-03 - 2025-05-05  a year

This page contains 1 frame:

Primary Page: https://incomeprotect.cembra.ch/
Frame ID: 3097D44AC582EA3A181D000A88C55FA0
Requests: 20 HTTP requests in this frame

Page Title: CembraOnboarding

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 2631 kB
Size: 2648 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
incomeprotect.cembra.ch/
7 KB
8 KB
Document
General
Full URL
https://incomeprotect.cembra.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b552490d6e434ae3942ddfa9a6a0ac03c3303ad52f0853b4196cd1e8256798ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
7400
content-md5
tCgA7aN3pOX+OpWrosFpFQ==
content-type
text/html
date
Tue, 12 Nov 2024 10:32:07 GMT
etag
"0x8DC89F2AF4D9D33"
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103207Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u92v
x-cache
CONFIG_NOCACHE
x-ms-request-id
ccc50660-101e-002a-5aee-34ffd3000000
x-ms-version
2018-03-28
chunk-YKNY5OVD.js
incomeprotect.cembra.ch/
227 KB
228 KB
Script
General
Full URL
https://incomeprotect.cembra.ch/chunk-YKNY5OVD.js
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
db0af164c6684c0e22a4869f40ecf728e23757a8a293ab5402a8c56f6586d1f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://incomeprotect.cembra.ch
Referer
https://incomeprotect.cembra.ch/

Response headers

content-md5
8bxceuTqvfAdnPf6Tcs58A==
x-ms-version
2018-03-28
etag
"0x8DC89F2AF4539EF"
x-ms-request-id
ccc50779-101e-002a-66ee-34ffd3000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
232745
date
Tue, 12 Nov 2024 10:32:07 GMT
content-type
application/javascript
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103207Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u94g
chunk-G3VZXUSM.js
incomeprotect.cembra.ch/
284 KB
285 KB
Script
General
Full URL
https://incomeprotect.cembra.ch/chunk-G3VZXUSM.js
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7139365530d58312e7c4cea4355c6f15ea0f1866be7a4631761db49fe0f8d90a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://incomeprotect.cembra.ch
Referer
https://incomeprotect.cembra.ch/

Response headers

content-md5
W4vr/yZ8XwurPvV39sdwjw==
x-ms-version
2018-03-28
etag
"0x8DC89F2AF575FBF"
x-ms-request-id
23ca3d1a-d01e-0068-56ee-344653000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
291087
date
Tue, 12 Nov 2024 10:32:07 GMT
content-type
application/javascript
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103207Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u94h
polyfills-4R6E2C5Q.js
incomeprotect.cembra.ch/
35 KB
35 KB
Script
General
Full URL
https://incomeprotect.cembra.ch/polyfills-4R6E2C5Q.js
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7bfebf828dde6f8694bc94cc0a2e9009d5cdbac32c62cd33bf1bd4fbaaf8b04d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://incomeprotect.cembra.ch
Referer
https://incomeprotect.cembra.ch/

Response headers

content-md5
1Ve3Nts61dMHhIwJjF5WGg==
x-ms-version
2018-03-28
etag
"0x8DC89F2AF47357C"
x-ms-request-id
61920540-901e-001b-44ee-341ec0000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
35421
date
Tue, 12 Nov 2024 10:32:07 GMT
content-type
application/javascript
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103207Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u94k
main-VLFRE5CE.js
incomeprotect.cembra.ch/
302 KB
303 KB
Script
General
Full URL
https://incomeprotect.cembra.ch/main-VLFRE5CE.js
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bdc84b18a2b180ba0807f4203a0678fb48c4f2940916279324e382e9b55183db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://incomeprotect.cembra.ch
Referer
https://incomeprotect.cembra.ch/

Response headers

content-md5
qiTJZdPyW8ylKY1OZ2am4A==
x-ms-version
2018-03-28
etag
"0x8DC89F2AF516D22"
x-ms-request-id
e2f83d82-201e-0043-2eee-34c69f000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
309476
date
Tue, 12 Nov 2024 10:32:07 GMT
content-type
application/javascript
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103207Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u94m
styles-ZJRRQOSN.css
incomeprotect.cembra.ch/
231 KB
232 KB
Stylesheet
General
Full URL
https://incomeprotect.cembra.ch/styles-ZJRRQOSN.css
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
be67284d950d5fb0fc0ab168562215825c43c42e763d5ff14d9ede11fa8cacde

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://incomeprotect.cembra.ch/

Response headers

content-md5
e+GEQ/IaAmyap3YQkMw7TQ==
x-ms-version
2018-03-28
etag
"0x8DC89F2AF542BE5"
x-ms-request-id
640173f3-701e-005e-32ee-34cb23000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
236674
date
Tue, 12 Nov 2024 10:32:07 GMT
content-type
text/css
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103207Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u94r
FiraSans-Regular.ttf
incomeprotect.cembra.ch/assets/fonts/
431 KB
431 KB
Font
General
Full URL
https://incomeprotect.cembra.ch/assets/fonts/FiraSans-Regular.ttf
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3dabf3d48bf4599f95cffd92f99ea426a014d5311f52a5eb5ec3af265e97cd97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://incomeprotect.cembra.ch
Referer
https://incomeprotect.cembra.ch/

Response headers

content-md5
UOeAtFZ4rjTO9S0+URK9DQ==
x-ms-version
2018-03-28
etag
"0x8DC89F2AF64F258"
x-ms-request-id
662bcc16-701e-0003-7bee-34c1a7000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
440984
date
Tue, 12 Nov 2024 10:32:07 GMT
content-type
font/ttf
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103207Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u94y
staticConfig.json
incomeprotect.cembra.ch/assets/config/
121 B
429 B
XHR
General
Full URL
https://incomeprotect.cembra.ch/assets/config/staticConfig.json?v=1.01
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/polyfills-4R6E2C5Q.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ccb183ebf8cb67458d50c9c869c9e0063dbb64e330f34cf9483e1a709f12bc9f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://incomeprotect.cembra.ch/

Response headers

content-md5
s3wz0tr7rk5OJiPPxcY4sw==
x-ms-version
2018-03-28
etag
"0x8DC89F2AFB661DB"
x-ms-request-id
640175fa-701e-005e-23ee-34cb23000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
121
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
application/json
last-modified
Tue, 11 Jun 2024 08:44:20 GMT
x-azure-ref
20241112T103208Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u978
favicon.ico
incomeprotect.cembra.ch/
11 KB
11 KB
Other
General
Full URL
https://incomeprotect.cembra.ch/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3012e820fef550ae91fcc2f4b23d4246af1c98d778f9c3b9ae33d1a61ab7b5bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://incomeprotect.cembra.ch/

Response headers

content-md5
+iv526XVtunyFOe4D5/ncQ==
x-ms-version
2018-03-28
etag
"0x8DC89F2AF48BBDC"
x-ms-request-id
6401761d-701e-005e-34ee-34cb23000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
11023
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103208Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u97g
incomeprotect.cembra.ch
prod-services.t-d-ares.com/api/configurations/applicationsettings/app/
2 KB
2 KB
XHR
General
Full URL
https://prod-services.t-d-ares.com/api/configurations/applicationsettings/app/incomeprotect.cembra.ch
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/polyfills-4R6E2C5Q.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.107.42.231 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5add2be42b8019b16ec4098d0dacdd5f15bbbcf56d86a4a305c04c9b43e29ef6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://incomeprotect.cembra.ch/

Response headers

x-correlation-id
53dde452-687b-4c7f-911b-ac6324e035f6
access-control-allow-credentials
true
access-control-allow-origin
https://incomeprotect.cembra.ch
content-length
1907
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
Kestrel
entries
cdn.contentful.com/spaces/z9vs7g1w3xss/environments/master/
22 KB
7 KB
XHR
General
Full URL
https://cdn.contentful.com/spaces/z9vs7g1w3xss/environments/master/entries?content_type=translations&fields.type=Cembra_Onboarding&locale=de
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/polyfills-4R6E2C5Q.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.119.18 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
47dd2416771c20cba5107daa8ba3b68bbc5bf83402095a7332bc8a3ae685a347
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Authorization
Bearer _XjzJ618_cia-ACvD3DvQII3FAMe-Kw1_WUwkT9pBAY
Referer
https://incomeprotect.cembra.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-Contentful-User-Agent
sdk contentful.js/10.11.8; platform browser; os Linux;

Response headers

cf-environment-id
master
access-control-max-age
86400
x-contentful-region
us-east-1
cf-environment-uuid
7282aa7a-3773-429c-ab32-d58beaa2f607
content-encoding
gzip
access-control-expose-headers
Etag
etag
W/"5740284715689059674"
age
121817
cf-organization-id
2CricfVWjZlAlzoyZr2hxh
x-content-type-options
nosniff
access-control-allow-methods
GET,HEAD,OPTIONS
x-cache
HIT
date
Tue, 12 Nov 2024 10:32:08 GMT
cf-space-id
z9vs7g1w3xss
content-type
application/vnd.contentful.delivery.v1+json
x-served-by
cache-ewr-kewr1740041-EWR, cache-fra-eddf8230133-FRA
x-cache-hits
1, 1
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route
/spaces/:space/environments/:environment/entries
contentful-api
cda
x-timer
S1731407529.601707,VS0,VE3
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
7156
x-contentful-request-id
d44be5d0-0b7b-4847-86f6-8d0ccd83e4d2
server
Contentful
entries
cdn.contentful.com/spaces/z9vs7g1w3xss/environments/master/
0
0
Preflight
General
Full URL
https://cdn.contentful.com/spaces/z9vs7g1w3xss/environments/master/entries?content_type=translations&fields.type=Cembra_Onboarding&locale=de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.119.18 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-contentful-user-agent
Access-Control-Request-Method
GET
Origin
https://incomeprotect.cembra.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Etag
access-control-max-age
86400
age
0
date
Tue, 12 Nov 2024 10:32:08 GMT
server
Contentful
via
1.1 varnish, 1.1 varnish
x-cache
HIT
x-cache-hits
1, 0
x-content-type-options
nosniff
x-contentful-region
us-east-1
x-contentful-request-id
b650fefc-b136-458a-a86a-8c719238c3d1
x-served-by
cache-ewr-kewr1740041-EWR, cache-fra-eddf8230133-FRA
x-timer
S1731407528.487674,VS0,VE84
chunk-T4RR2AVH.js
incomeprotect.cembra.ch/
560 B
874 B
Script
General
Full URL
https://incomeprotect.cembra.ch/chunk-T4RR2AVH.js
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/main-VLFRE5CE.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5112f9abd9c1a00b0b190d73ad50e6dc51bd8dbd0d66bf3b79172dfb0d22a35f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://incomeprotect.cembra.ch
Referer
https://incomeprotect.cembra.ch/main-VLFRE5CE.js

Response headers

content-md5
gsSJBMxeXCemaqY9JFTARQ==
x-ms-version
2018-03-28
etag
"0x8DC89F2AF4BEFB1"
x-ms-request-id
6401783b-701e-005e-28ee-34cb23000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
560
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
application/javascript
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103208Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u99n
chunk-QT6CR6ZV.js
incomeprotect.cembra.ch/
1 KB
1 KB
Script
General
Full URL
https://incomeprotect.cembra.ch/chunk-QT6CR6ZV.js
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b7dcad6562d2c831710b8e9ecfea3ab42f0daf53c08cda692a81d899c522bd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://incomeprotect.cembra.ch
Referer
https://incomeprotect.cembra.ch/chunk-T4RR2AVH.js

Response headers

content-md5
nIBXXK2XpNYXK65BHic7vQ==
x-ms-version
2018-03-28
etag
"0x8DC89F2AF4A694B"
x-ms-request-id
6401787c-701e-005e-44ee-34cb23000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
1077
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
application/javascript
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103208Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u99w
chunk-VXRX36XQ.js
incomeprotect.cembra.ch/
181 KB
181 KB
Script
General
Full URL
https://incomeprotect.cembra.ch/chunk-VXRX36XQ.js
Requested by
Host: incomeprotect.cembra.ch
URL: https://incomeprotect.cembra.ch/chunk-T4RR2AVH.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
319fa3b4ff10c52aadfb273cde65f26b7cc2e7b4f564f603582d410aae7ad79c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://incomeprotect.cembra.ch
Referer
https://incomeprotect.cembra.ch/chunk-T4RR2AVH.js

Response headers

content-md5
hoBLPj+HGjWrDvIMA9dbZw==
x-ms-version
2018-03-28
etag
"0x8DC89F2AF59A958"
x-ms-request-id
640178c4-701e-005e-65ee-34cb23000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
184949
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
application/javascript
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103208Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u9a4
income-protect.png
incomeprotect.cembra.ch/assets/images/
328 KB
329 KB
Image
General
Full URL
https://incomeprotect.cembra.ch/assets/images/income-protect.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c8a45264033902a85ea384313162910c67572b9d96b8d20566f21e35108d205c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://incomeprotect.cembra.ch/de/onboarding/income

Response headers

content-md5
K+JA+H9urFF478xsNnIWKQ==
x-ms-version
2018-03-28
etag
"0x8DC89F2AFC7EB89"
x-ms-request-id
64017984-701e-005e-48ee-34cb23000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
336185
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
image/png
last-modified
Tue, 11 Jun 2024 08:44:20 GMT
x-azure-ref
20241112T103208Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u9aq
valid.svg
incomeprotect.cembra.ch/assets/images/icons/
149 B
457 B
Image
General
Full URL
https://incomeprotect.cembra.ch/assets/images/icons/valid.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb059ba61c9c60a670e67477feecbc2e8fad2d59bcb9b14416f77bb06aa2e58a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://incomeprotect.cembra.ch/de/onboarding/income

Response headers

content-md5
ire5A6jE6lORY0f14ZDDSQ==
x-ms-version
2018-03-28
etag
"0x8DC89F2AFD92709"
x-ms-request-id
662bd17d-701e-0003-74ee-34c1a7000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
149
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
image/svg+xml
last-modified
Tue, 11 Jun 2024 08:44:20 GMT
x-azure-ref
20241112T103208Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u9ar
cembra-logo.svg
incomeprotect.cembra.ch/assets/images/
72 KB
72 KB
Image
General
Full URL
https://incomeprotect.cembra.ch/assets/images/cembra-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c30909cbbf4a0a20c273796a3aff98d5572df88044fab9c6f204983b28d08e13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://incomeprotect.cembra.ch/de/onboarding/income

Response headers

content-md5
ptGU9hyJ0AxVe9xVmDnO7Q==
x-ms-version
2018-03-28
etag
"0x8DC89F2AFBC065C"
x-ms-request-id
e2f8415d-201e-0043-7bee-34c69f000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
73279
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
image/svg+xml
last-modified
Tue, 11 Jun 2024 08:44:20 GMT
x-azure-ref
20241112T103208Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u9as
mobile-logo.svg
incomeprotect.cembra.ch/assets/images/
72 KB
72 KB
Image
General
Full URL
https://incomeprotect.cembra.ch/assets/images/mobile-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5fa059614d5ae63548949bfe32b03b4974a2cc9870360ba72a0baece87984858

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://incomeprotect.cembra.ch/de/onboarding/income

Response headers

content-md5
gDBk44uEoqKnksA2ivUbYw==
x-ms-version
2018-03-28
etag
"0x8DC89F2AFD2984D"
x-ms-request-id
23ca41f2-d01e-0068-11ee-344653000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
73312
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
image/svg+xml
last-modified
Tue, 11 Jun 2024 08:44:20 GMT
x-azure-ref
20241112T103208Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u9at
FiraSans-Medium.ttf
incomeprotect.cembra.ch/assets/fonts/
431 KB
432 KB
Font
General
Full URL
https://incomeprotect.cembra.ch/assets/fonts/FiraSans-Medium.ttf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7c2d4961dd4a2dbe3ec9c6a2fc60d7ee21f44dfa7c5c71256b28d15e8af89535

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://incomeprotect.cembra.ch
Referer
https://incomeprotect.cembra.ch/

Response headers

content-md5
+XljxZXorLhwE8HU4cPJ+Q==
x-ms-version
2018-03-28
etag
"0x8DC89F2AFA351C9"
x-ms-request-id
ccc50d17-101e-002a-53ee-34ffd3000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
441384
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
font/ttf
last-modified
Tue, 11 Jun 2024 08:44:20 GMT
x-azure-ref
20241112T103208Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u9av
favicon.ico
incomeprotect.cembra.ch/
11 KB
0
Other
General
Full URL
https://incomeprotect.cembra.ch/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3012e820fef550ae91fcc2f4b23d4246af1c98d778f9c3b9ae33d1a61ab7b5bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://incomeprotect.cembra.ch/de/onboarding/income

Response headers

content-md5
+iv526XVtunyFOe4D5/ncQ==
x-ms-version
2018-03-28
etag
"0x8DC89F2AF48BBDC"
x-ms-request-id
6401761d-701e-005e-34ee-34cb23000000
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
11023
date
Tue, 12 Nov 2024 10:32:08 GMT
content-type
image/vnd.microsoft.icon
last-modified
Tue, 11 Jun 2024 08:44:19 GMT
x-azure-ref
20241112T103208Z-r1cc7858649dpqnkhC1FRA3grc000000080g00000001u97g

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.contentful.com
incomeprotect.cembra.ch
prod-services.t-d-ares.com
146.75.119.18
2620:1ec:bdf::45
51.107.42.231