urlscan.io logo urlscan.io
SecurityTrails logo

cloud.safeinvestmentsa.ch Open in urlscan Pro
80.88.84.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cloud.safeinvestmentsagl.ch/
Effective URL: https://cloud.safeinvestmentsa.ch/
Submission: On August 15 via automatic, source certstream-suspicious — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 21 HTTP transactions. The main IP is 80.88.84.228, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is cloud.safeinvestmentsa.ch.
TLS certificate: Issued by R10 on June 16th 2024. Valid for: 3 months.
This is the only time cloud.safeinvestmentsa.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.214.160.1 15169 (GOOGLE)
16 80.88.84.228 31034 (ARUBA-ASN)
3 142.250.185.132 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 4
Apex Domain
Subdomains		 Transfer
16 safeinvestmentsa.ch
cloud.safeinvestmentsa.ch
897 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
983 B
1 gstatic.com
www.gstatic.com
212 KB
1 safeinvestmentsagl.ch
cloud.safeinvestmentsagl.ch
171 B
21 4
Domain Requested by
16 cloud.safeinvestmentsa.ch cloud.safeinvestmentsa.ch
3 www.google.com cloud.safeinvestmentsa.ch
www.gstatic.com
1 www.gstatic.com www.google.com
1 cloud.safeinvestmentsagl.ch 1 redirects
21 4

This site contains links to these domains. Also see Links.

Domain
cloud.safeinvestmentsagl.ch
www.xtremelab.it
Subject Issuer Validity Valid
safeinvestmentsa.ch
R10		 2024-06-16 -
2024-09-14		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://cloud.safeinvestmentsa.ch/
Frame ID: 0D1506F24C1A54CFB6FB398E1743DB06
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLOPkdAAAAAJZdv6zhyNdtoTkWUC59AlChHdx5&co=aHR0cHM6Ly9jbG91ZC5zYWZlaW52ZXN0bWVudHNhLmNoOjQ0Mw..&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=cjyhrfpc5uwt
Frame ID: D371D15371DA6F4AD68FBFBC13D2B360
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&k=6LfLOPkdAAAAAJZdv6zhyNdtoTkWUC59AlChHdx5
Frame ID: 965DF861B1ED291ABC6175F887D4937B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

cloud.safeinvestmentsagl.ch

Page URL History Show full URLs

  1. https://cloud.safeinvestmentsagl.ch/ HTTP 301
    https://cloud.safeinvestmentsa.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

21
Requests

95 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

1109 kB
Transfer

2127 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cloud.safeinvestmentsagl.ch/ HTTP 301
    https://cloud.safeinvestmentsa.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cloud.safeinvestmentsa.ch/
Redirect Chain
  • https://cloud.safeinvestmentsagl.ch/
  • https://cloud.safeinvestmentsa.ch/
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed / PHP/8.2.22
Resource Hash
86efeb8e3dceaa1ef40b4173f3954c80c92a92a97f7ffa71c456dd517d352de5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
3406
content-type
text/html; charset=UTF-8
date
Thu, 15 Aug 2024 08:55:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.2.22

Redirect headers

content-length
24
content-type
text/plain
date
Thu, 15 Aug 2024 08:55:35 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
location
https://cloud.safeinvestmentsa.ch
server
nginx
x-proxy-cache-info
DT:1
bootstrap.min.css
cloud.safeinvestmentsa.ch/vfm-admin/css/ 		118 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/css/bootstrap.min.css
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
ca6e81cd562347e287c83f829252cc0bfa92f75976885bfb1fd8ee03d8029a6f

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 13:41:03 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18193
expires
Thu, 22 Aug 2024 08:55:35 GMT
vfm-style.css
cloud.safeinvestmentsa.ch/vfm-admin/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/vfm-style.css
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
ca90f792a393b06a3ecc92215aa27fbea10ff0d9bea86ca7c87b366d6179765f

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 13:40:59 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7745
expires
Thu, 22 Aug 2024 08:55:35 GMT
font-awesome.min.css
cloud.safeinvestmentsa.ch/vfm-admin/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/css/font-awesome.min.css
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 13:41:04 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6658
expires
Thu, 22 Aug 2024 08:55:35 GMT
cs-white.css
cloud.safeinvestmentsa.ch/vfm-admin/_content/skins/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/_content/skins/cs-white.css
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
e2a9e6c4dd5ee37559794577d4f49d40f0aeddf0252e2fa357c1bf56304a85e1

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 13:41:24 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1557
expires
Thu, 22 Aug 2024 08:55:35 GMT
jquery-3.3.1.min.js
cloud.safeinvestmentsa.ch/vfm-admin/js/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/js/jquery-3.3.1.min.js
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 13:41:08 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
29664
api.js
www.google.com/recaptcha/ 		1 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=de-DE
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
97a92f162f8701926997591dcaf5d2ae19a4b2a408f0e6d5783c96464621e5d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 15 Aug 2024 08:55:35 GMT
soundmanager2.min.js
cloud.safeinvestmentsa.ch/vfm-admin/js/soundmanager/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/js/soundmanager/soundmanager2.min.js?v=2.97
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
6d27370c608f6c2a4270394d1554a11b7458af1c92037da913bf77b714d8fccf

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 13:41:13 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
13491
app.min.js
cloud.safeinvestmentsa.ch/vfm-admin/js/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/js/app.min.js?v=3.7.8
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
502755cbc2a6f03dfcad815b2a970636edd02714d7558102903e068f62558649

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 13:41:07 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
10894
bootstrap.min.js
cloud.safeinvestmentsa.ch/vfm-admin/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/js/bootstrap.min.js?v=3.3.7
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 13:41:08 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
9432
video-js.min.css
cloud.safeinvestmentsa.ch/vfm-admin/js/videojs/ 		39 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/js/videojs/video-js.min.css
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 13:41:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9592
expires
Thu, 22 Aug 2024 08:55:35 GMT
video.min.js
cloud.safeinvestmentsa.ch/vfm-admin/js/videojs/ 		486 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/js/videojs/video.min.js?v=7.4.1
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
203899925925bf68a6ecb3a874d51984044d3cc66aff16554570d2a34d03d306

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 13:41:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
131602
de.js
cloud.safeinvestmentsa.ch/vfm-admin/js/videojs/lang/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/js/videojs/lang/de.js
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
dc35b2af475dd8611a973b74cbc9cbd78be6586d7d7c7bc794ad7c43938bb9d2

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 13:41:37 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1732
header-image.jpg
cloud.safeinvestmentsa.ch/vfm-admin/_content/uploads/ 		530 KB
531 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/_content/uploads/header-image.jpg
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
915f1e726afae33ec062bbf43daf23a7d3c99f9747c1739700f710b9782b229f

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
last-modified
Tue, 16 Apr 2024 13:41:29 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
542961
expires
Thu, 22 Aug 2024 08:55:35 GMT
fontawesome-webfont.woff2
cloud.safeinvestmentsa.ch/vfm-admin/fonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/vfm-admin/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://cloud.safeinvestmentsa.ch/vfm-admin/css/font-awesome.min.css
Origin
https://cloud.safeinvestmentsa.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:55:35 GMT
last-modified
Tue, 16 Apr 2024 13:41:04 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
77160
expires
Thu, 22 Aug 2024 08:55:35 GMT
airport-bell.mp3
cloud.safeinvestmentsa.ch/vfm-admin/_content/audio/ 		50 KB
50 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/vfm-admin/_content/audio/airport-bell.mp3
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
035aadfb36a8a28481d974d9526dd2523279838161b8ac4d132be9784c0d883d

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-51078/51079
date
Thu, 15 Aug 2024 08:55:35 GMT
last-modified
Tue, 16 Apr 2024 13:41:15 GMT
server
LiteSpeed
Content-Length
51079
content-type
audio/mpeg
2aba6d91-d16c-4904-b1ac-1fe41aaf5259
https://cloud.safeinvestmentsa.ch/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://cloud.safeinvestmentsa.ch/2aba6d91-d16c-4904-b1ac-1fe41aaf5259
Requested by
Host: cloud.safeinvestmentsa.ch
URL: https://cloud.safeinvestmentsa.ch/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
recaptcha__de.js
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 		533 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit&hl=de-DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
Origin
https://cloud.safeinvestmentsa.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216180
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 04:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Aug 2025 08:21:02 GMT
anchor
www.google.com/recaptcha/api2/ Frame D371 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLOPkdAAAAAJZdv6zhyNdtoTkWUC59AlChHdx5&co=aHR0cHM6Ly9jbG91ZC5zYWZlaW52ZXN0bWVudHNhLmNoOjQ0Mw..&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=normal&cb=cjyhrfpc5uwt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UJaDpnmamwArGCV5ljkV_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UJaDpnmamwArGCV5ljkV_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Aug 2024 08:55:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
cloud.safeinvestmentsa.ch/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cloud.safeinvestmentsa.ch/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
80.88.84.228 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
linc098.arubabusiness.it
Software
LiteSpeed /
Resource Hash
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Aug 2024 08:55:36 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
server
LiteSpeed
content-length
1251
content-type
text/html
bframe
www.google.com/recaptcha/api2/ Frame 965D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&k=6LfLOPkdAAAAAJZdv6zhyNdtoTkWUC59AlChHdx5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2HCyTSwouu-Atm6T4fYwHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cloud.safeinvestmentsa.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2HCyTSwouu-Atm6T4fYwHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Aug 2024 08:55:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery object| audio_ping function| onloadCallback object| VFMinlinePlayer function| SoundManager object| soundManager function| closeAlert function| callClipboards function| checkNextPrev function| randomstring function| passwidget object| selected object| selectedfiles function| checkSelecta function| getHighest function| placeHolderheight function| updateSession function| checkNotiflist function| callTables function| printSearch function| initSearch function| removeQS function| createZipDir function| callBindZip function| createShareLink function| setupDelete function| pupulateMoveCopyform function| setupFolderTree function| treeToggler function| setupMove object| Modernizr object| bootbox string| script_url string| baselink function| b64DecodeUnicode object| vttjs function| WebVTT function| videojs function| loadVid function| loadImg object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_487048

1 Cookies

Domain/Path Name / Value
cloud.safeinvestmentsa.ch/ Name: vfm_933320930
Value: a41uh3rg5urlfl4cm0ppe85tncg026186nra94bgdeptrmfu

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://cloud.safeinvestmentsa.ch/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://cloud.safeinvestmentsa.ch/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud.safeinvestmentsa.ch
cloud.safeinvestmentsagl.ch
www.google.com
www.gstatic.com
142.250.185.132
2a00:1450:4001:829::2003
35.214.160.1
80.88.84.228
035aadfb36a8a28481d974d9526dd2523279838161b8ac4d132be9784c0d883d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
203899925925bf68a6ecb3a874d51984044d3cc66aff16554570d2a34d03d306
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
502755cbc2a6f03dfcad815b2a970636edd02714d7558102903e068f62558649
6d27370c608f6c2a4270394d1554a11b7458af1c92037da913bf77b714d8fccf
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
86efeb8e3dceaa1ef40b4173f3954c80c92a92a97f7ffa71c456dd517d352de5
915f1e726afae33ec062bbf43daf23a7d3c99f9747c1739700f710b9782b229f
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
97a92f162f8701926997591dcaf5d2ae19a4b2a408f0e6d5783c96464621e5d3
ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03
ca6e81cd562347e287c83f829252cc0bfa92f75976885bfb1fd8ee03d8029a6f
ca90f792a393b06a3ecc92215aa27fbea10ff0d9bea86ca7c87b366d6179765f
dc35b2af475dd8611a973b74cbc9cbd78be6586d7d7c7bc794ad7c43938bb9d2
e2a9e6c4dd5ee37559794577d4f49d40f0aeddf0252e2fa357c1bf56304a85e1