amazingplacesonearth.com Open in urlscan Pro
108.179.200.163 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fitoru.com/patrick.filas/swissphone/com
Effective URL:
https://amazingplacesonearth.com/xero/aspx1.php
Submission: On February 03 via api (February 3rd 2022, 10:48:04 pm UTC) from CH — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 41 HTTP transactions. The main IP is 108.179.200.163, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is amazingplacesonearth.com.
TLS certificate: Issued by R3 on December 16th 2021. Valid for: 3 months.

This is the only time amazingplacesonearth.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Outlook Web Access (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.165.241.225 54.165.241.225	14618 (AMAZON-AES) (AMAZON-AES)
1 3	108.179.200.163 108.179.200.163	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	13.32.99.33 13.32.99.33	16509 (AMAZON-02) (AMAZON-02)
17	3.126.160.151 3.126.160.151	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:5f80:a::... 2a03:5f80:a::b212:e7d1	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
41	14

1 54.165.241.225 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-241-225.compute-1.amazonaws.com

fitoru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.179.200.163 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: cs367.bluehost.com

amazingplacesonearth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-33.fra60.r.cloudfront.net

logo.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 3.126.160.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com

www.swissphone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:5f80:a::b212:e7d1 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	swissphone.com www.swissphone.com	1 MB
8	gstatic.com www.gstatic.com fonts.gstatic.com	427 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 546 www.linkedin.com — Cisco Umbrella Rank: 647 px4.ads.linkedin.com — Cisco Umbrella Rank: 5501	3 KB
4	google.com www.google.com — Cisco Umbrella Rank: 13	39 KB
3	amazingplacesonearth.com 1 redirects amazingplacesonearth.com	25 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	313 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	114 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1098	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	60 KB
1	clearbit.com logo.clearbit.com — Cisco Umbrella Rank: 28071	3 KB
1	fitoru.com 1 redirects fitoru.com	177 B
41	13

	Domain	Requested by
17	www.swissphone.com	amazingplacesonearth.com www.swissphone.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.swissphone.com www.gstatic.com www.google.com
3	amazingplacesonearth.com	1 redirects amazingplacesonearth.com
2	px.ads.linkedin.com	2 redirects
2	www.facebook.com	www.swissphone.com
2	connect.facebook.net	amazingplacesonearth.com connect.facebook.net
1	px4.ads.linkedin.com	www.swissphone.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	www.swissphone.com
1	www.googletagmanager.com	www.swissphone.com
1	logo.clearbit.com	amazingplacesonearth.com
1	fitoru.com	1 redirects
41	16

This site contains no links.

Subject Issuer	Validity	Valid
mail.nutcheese.site R3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
clearbit.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
www.swissphone.com Amazon	`2021-12-18` - `2023-01-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-13` - `2022-02-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://amazingplacesonearth.com/xero/aspx1.php
Frame ID: DF72EB17C19612528BCAF54A1565C9B4
Requests: 7 HTTP requests in this frame

Frame: https://www.swissphone.com/
Frame ID: 661E15FBDDCC4D3EC21F04FA101F53EB
Requests: 49 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D&co=aHR0cHM6Ly93d3cuc3dpc3NwaG9uZS5jb206NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=zand7h9ku0cy
Frame ID: E7C3E91B491A49D66A4BC607B062DE1F
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F4158DC5F9D46C7CA96C40F631D0496B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to Swissphone Security and Quarantine Center

Page URL History Show full URLs

https://fitoru.com/patrick.filas/swissphone/com HTTP 302
https://amazingplacesonearth.com/xero/?domain=c3dpc3NwaG9uZS5jb20=&&client-request-id=cGF0cmljay5maWxhc0Bzd2l... HTTP 302
https://amazingplacesonearth.com/xero/aspx1.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

41
Requests

98 %
HTTPS

67 %
IPv6

13
Domains

16
Subdomains

14
IPs

3
Countries

1782 kB
Transfer

5518 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fitoru.com/patrick.filas/swissphone/com HTTP 302
https://amazingplacesonearth.com/xero/?domain=c3dpc3NwaG9uZS5jb20=&&client-request-id=cGF0cmljay5maWxhc0Bzd2lzc3Bob25lLmNvbQ== HTTP 302
https://amazingplacesonearth.com/xero/aspx1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928480766&url=https%3A%2F%2Famazingplacesonearth.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2038641%26time%3D1643928480766%26url%3Dhttps%253A%252F%252Famazingplacesonearth.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928480766&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928480766&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true&e_ipv6=AQLNace_9H7EYgAAAX7Bxe1c2c4ntFH52nghBSD0SBp-bb8nByWChLXkjBCPLyOSDno7A6BC

41 HTTP transactions
24 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request aspx1.php Show response
amazingplacesonearth.com/xero/
Redirect Chain

https://fitoru.com/patrick.filas/swissphone/com
https://amazingplacesonearth.com/xero/?domain=c3dpc3NwaG9uZS5jb20=&&client-request-id=cGF0cmljay5maWxhc0Bzd2lzc3Bob25lLmNvbQ==
https://amazingplacesonearth.com/xero/aspx1.php

51 KB
24 KB

299ms
298ms

Document
text/html

108.179.200.163
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://amazingplacesonearth.com/xero/aspx1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.179.200.163 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: cs367.bluehost.com
Software: Apache /
Resource Hash: e297dbe3b9e3bc0561eccaf3d0902377905b95da3edb6c6c543fd4d8d58f4c06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 03 Feb 2022 22:47:59 GMT
server: Apache
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
host-header: Y2xvdWQuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false

Redirect headers

date: Thu, 03 Feb 2022 22:47:59 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: aspx1.php
host-header: Y2xvdWQuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false

GET
H2 200 swissphone.com
logo.clearbit.com/ 3 KB
3 KB 56ms
8ms Image
image/png 13.32.99.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logo.clearbit.com/swissphone.com
Requested by: Host: amazingplacesonearth.com
URL: https://amazingplacesonearth.com/xero/aspx1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-33.fra60.r.cloudfront.net
Software: envoy /
Resource Hash: 3377eb13c917e09a515a3215d824109ae9f331ed268cd72eca4b5dc1e7d0ecd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://amazingplacesonearth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 01:21:30 GMT
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
server: envoy
age: 336389
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: AEpaZD9O_x6Ls1afL3Bs514iuZ6bGuQACxHNf1z5GGO7UBIfm4P7ew==

GET
H2 200 / Show response
www.swissphone.com/ Frame 661E 356 KB
52 KB 66ms
33ms Document
text/html 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swissphone.com/

Requested by

Host: amazingplacesonearth.com
URL: https://amazingplacesonearth.com/xero/aspx1.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-160-151.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.43 () OpenSSL/1.0.2k-fips /

Resource Hash

9ebdce358cc5551b15795a3fb31b5cb0c29bff862b55cf598b8da514a0a60873

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://expo-ip.com https://www.expo-ip.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://amazingplacesonearth.com/

Response headers

date: Thu, 03 Feb 2022 22:47:59 GMT
content-type: text/html; charset=UTF-8
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
x-cache-handler: cache-enabler-engine
content-encoding: gzip
x-content-type-options: nosniff
cache-control: max-age=0
expires: Thu, 03 Feb 2022 22:47:59 GMT
age: 3600
strict-transport-security: max-age=63072000
x-ua-compatible: IE=edge,chrome=1
content-security-policy: block-all-mixed-content; upgrade-insecure-requests
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://expo-ip.com https://www.expo-ip.com
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 404 segoeui-regular.ttf
amazingplacesonearth.com/owa/auth/15.1.2242/themes/resources/ 0
0 1245ms
1245ms Font
text/html 108.179.200.163
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://amazingplacesonearth.com/owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf
Requested by: Host: amazingplacesonearth.com
URL: https://amazingplacesonearth.com/xero/aspx1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.179.200.163 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: cs367.bluehost.com
Software: Apache /
Resource Hash

Request headers

Referer: https://amazingplacesonearth.com/xero/aspx1.php
Origin: https://amazingplacesonearth.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:59 GMT
content-encoding: gzip
x-nginx-cache: WordPress
server: Apache
vary: Origin,Accept-Encoding
x-endurance-cache-level: 2
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amazingplacesonearth.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
server-timing: amp_sanitizer;dur="78.6",amp_style_sanitizer;dur="38.9",amp_tag_and_attribute_sanitizer;dur="13.9",amp_optimizer;dur="19.9"
host-header: Y2xvdWQuYmx1ZWhvc3QuY29t
link: <https://amazingplacesonearth.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 jquery.js Show response
www.swissphone.com/wp-includes/js/jquery/ Frame 661E 282 KB
83 KB 35ms
35ms Script
application/javascript 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-includes/js/jquery/jquery.js
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:59 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:43 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "46758-5cac6de2cc79c-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 22:47:59 GMT

GET
H2 200 autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
www.swissphone.com/wp-content/cache/autoptimize/1/css/ Frame 661E 1 MB
181 KB 56ms
56ms Stylesheet
text/css 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: f88aac0ed939fa97a40ea8d050eb9ad3cc4b0b2a4e7fd6c783db06a500270c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:59 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 20:58:16 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "1486a3-5d72364aca196-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 22:47:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 661E 171 KB
60 KB 172ms
74ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NG5QTV5

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c693b6cedaab8d1fcf62971e9acf4db7bd133661e3ef9436ab252ceac73380ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60493
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 21:55:46 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Feb 2022 22:48:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 661E 30 KB
2 KB 146ms
49ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7COpen+Sans%3A600%2C400%2C700%2C400italic%2C300%7COpen+Sans:700%2C800%2C400%2C600%7CRoboto:400%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=latin%2Clatin-ext%2Clatin&display=swap

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9751741bf4e4c7b5e4c0b3c9b869d8e8b960da41a951bf2e0df1e83270b7c82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 22:48:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Feb 2022 22:48:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Feb 2022 22:48:00 GMT

GET
H2 200 autoptimize_541e2ced151704f4ff1844c6de47ec02.css
www.swissphone.com/wp-content/cache/autoptimize/1/css/ Frame 661E 7 KB
1 KB 75ms
74ms Stylesheet
text/css 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_541e2ced151704f4ff1844c6de47ec02.css
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 2e05a099697256c998974e9155f9d6c2c2df700504628e7cb30977fe773eb63c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 20:58:16 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "1b6d-5d72364acc0d6-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1170
expires: Tue, 24 Jan 2023 22:48:00 GMT

GET
H2 200 autoptimize_single_69a0022c4348cbd4d3c50a78a62e90ac.css
www.swissphone.com/wp-content/cache/autoptimize/1/css/ Frame 661E 3 KB
996 B 50ms
49ms Stylesheet
text/css 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_single_69a0022c4348cbd4d3c50a78a62e90ac.css
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 3c48fb0c3a465fa4f611d0127b5823a690c747834acd5e6a4b08b2db247fac52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:59 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 20:58:15 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "da7-5d72364a08be7-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 732
expires: Tue, 24 Jan 2023 22:47:59 GMT

GET
H2 200 jquery.min.js Show response
www.swissphone.com/wp-includes/js/jquery/ Frame 661E 87 KB
30 KB 48ms
47ms Script
application/javascript 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:59 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:43 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "15db1-5cac6de2cc79c-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30908
expires: Sat, 05 Mar 2022 22:47:59 GMT

GET
H2 200 Swissphone-Logo_rgb_400-pixel_save.png
www.swissphone.com/wp-content/uploads/2018/06/ Frame 661E 9 KB
9 KB 65ms
64ms Image
image/png 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.swissphone.com/wp-content/uploads/2018/06/Swissphone-Logo_rgb_400-pixel_save.png
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 4c55c400cf785b8e1cf66a6e0c98f1a1e3d59f4fd92d81e627c4ead572ba1d7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
last-modified: Tue, 04 Feb 2020 15:40:51 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "2251-59dc1dd52e6c0-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8608
expires: Sat, 05 Mar 2022 22:48:00 GMT

GET
H2 200 LP_sGUARD_Header-1.jpg
www.swissphone.com/wp-content/uploads/2021/10/ Frame 661E 132 KB
130 KB 25ms
24ms Image
image/jpeg 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.swissphone.com/wp-content/uploads/2021/10/LP_sGUARD_Header-1.jpg
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: f6c128638385955032a340765d21b6181b070fcdf65618dd88737aba4762068d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 12:58:48 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "20f01-5cdc2d2d65fe4-gzip"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 22:48:00 GMT

GET
H2 200 Header_SOS-Button_neu.jpg
www.swissphone.com/wp-content/uploads/2021/03/ Frame 661E 136 KB
136 KB 58ms
57ms Image
image/jpeg 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.swissphone.com/wp-content/uploads/2021/03/Header_SOS-Button_neu.jpg
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 80ad2b2796fa8203a03ac3add947efd914c3bb53c01c94fd30a575aed76970f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 10:00:28 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "22041-5be6d9a0758f4-gzip"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 22:48:00 GMT

GET
H2 200 lazysizes.min.js Show response
www.swissphone.com/wp-content/plugins/autoptimize/classes/external/js/ Frame 661E 10 KB
4 KB 68ms
67ms Script
application/javascript 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.1
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:40 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "2655-5cac6de0317c3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4122
expires: Sat, 05 Mar 2022 22:48:00 GMT

GET
H2 200 regenerator-runtime.min.js Show response
www.swissphone.com/wp-includes/js/dist/vendor/ Frame 661E 6 KB
3 KB 25ms
25ms Script
application/javascript 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:59 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:43 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "1906-5cac6de2ca85c-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2398
expires: Sat, 05 Mar 2022 22:47:59 GMT

GET
H2 200 wp-polyfill.min.js Show response
www.swissphone.com/wp-includes/js/dist/vendor/ Frame 661E 16 KB
6 KB 29ms
29ms Script
application/javascript 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:43 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "4056-5cac6de2ca85c-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6031
expires: Sat, 05 Mar 2022 22:47:59 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 661E 884 B
998 B 139ms
49ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c92532788d2d81546b7a6aee6339cbccae5f39fada5b41b3bf6033006fbdd228

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 22:48:00 GMT

GET
H2 200 autoptimize_2b71a763c032b87d4ec18d586f28a480.js Show response
www.swissphone.com/wp-content/cache/autoptimize/1/js/ Frame 661E 1 MB
341 KB 94ms
93ms Script
application/javascript 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/js/autoptimize_2b71a763c032b87d4ec18d586f28a480.js
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: d9c28135dce56386a74085405f81c4b81befda43be63c65dd0a17830d2fc6a1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 20:58:15 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "150d3b-5d72364a02e28-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 22:48:00 GMT

GET
DATA 200
OK truncated
/ Frame 661E 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fontawesome-webfont.woff
www.swissphone.com/wp-content/themes/salient/css/fonts/ Frame 661E 96 KB
96 KB 56ms
56ms Font
application/font-woff 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
Origin: https://www.swissphone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
last-modified: Sun, 16 Feb 2020 16:46:17 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "17ee8-59eb42d71c6a2-gzip"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 22:48:00 GMT

GET
H2 200 icomoon.woff
www.swissphone.com/wp-content/themes/salient/css/fonts/ Frame 661E 20 KB
11 KB 55ms
55ms Font
application/font-woff 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/themes/salient/css/fonts/icomoon.woff?v=1.1
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 2af6ccbee0a1b6080db4aa581b1cec2d6d41d53daeee65280afc061ba77009e7

Request headers

Referer: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
Origin: https://www.swissphone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:42 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "4e54-5cac6de20447e-gzip"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10690
expires: Sat, 05 Mar 2022 22:48:00 GMT

GET
DATA 200
OK truncated
/ Frame 661E 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61d314c923005869cca32b10dee91bcac610a9b25958d618879de9c794d6c167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17cd8098feb91a69d8e37f0854afc427a46cda431ddd845cae49494bb628640b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6ce68345eae894026d9c6c896d57a6493d96bbcee909bd15e7c8a3c1c935a55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a9f09226ab04e562e290afd3edbe93887ae12bc15c29317b72dccb74fd87a75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70603249e5fbdd3626974b991e7077931b5384a686d9a420e0fe91463069b3b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab3a4f490d691a7e866181f4200bbad90fec72c65a677a58b9d9cde785665773

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac15f33aef72d070b61deab8e5a0a806a0420b6b0725994c760da55bdf788e4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54e43e5e10e88ff1ca8d063bcd013ace3b9a492e04580c6c2196f516f8470717

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 661E 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aea8b18fbab2fe88ebd3d33c5c413e56cbc894baa1665bff5fb905f465a2078d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f58e772e2d0445fb2dc8a4b39024c25972001f9ab36630ad6991dc73e022568a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 331237713cb134dbcbbbd3867c0a5c1153b8dbc28324e3163a64ae3b8077d931

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1e2243c9773c5eee7ca12ce9a8f31124476995b47ea63135a7170611a3da136

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c9385c67c60ef4003b19645b552ac101f8ae7f6c79069397e8e6be7dd229e0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f9a1f6492c842951464ac3c8b65199769907026b0d257f04cafbbdf75be3749

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a7cb59b3449427881e63e984f9baf50c27c6946a2f64c6c96eca42fd75ce2c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82fa43eb86da42e7122175e8fea9b1c4b5fa7ee57d485ebfc9436c16aa706a1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4234c4f36d1eb0b18cef1f1b68748d270bed41e00a17e12f6c4266753d4f7b44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d1e311415e3168202ae0855dc12da1b99df08ad8c3a1cf5411d727623ca26e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 661E 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 661E 356 KB
140 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.swissphone.com/
Origin: https://www.swissphone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 20:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143107
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 05:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 20:55:08 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 661E 44 KB
44 KB 123ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7COpen+Sans%3A600%2C400%2C700%2C400italic%2C300%7COpen+Sans:700%2C800%2C400%2C600%7CRoboto:400%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=latin%2Clatin-ext%2Clatin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.swissphone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 167606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 00:14:34 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 661E 47 KB
47 KB 158ms
84ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.swissphone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:03:59 GMT
x-content-type-options: nosniff
age: 215041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 11:03:59 GMT

GET
H2 200 banner-1-optin.css
www.swissphone.com/wp-content/uploads/complianz/css/ Frame 661E 16 KB
3 KB 21ms
21ms Stylesheet
text/css 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/uploads/complianz/css/banner-1-optin.css?v=12
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/js/autoptimize_2b71a763c032b87d4ec18d586f28a480.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-160-151.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 91152b52c2cba4febb09b588c2d1c4275e559aac8315916278c0043eb3811604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 19:47:01 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "3eb5-5d72265e49325-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3028
expires: Sat, 05 Mar 2022 22:48:00 GMT

POST
H2 200 / Show response
www.swissphone.com/ Frame 661E 708 B
855 B 601ms
601ms XHR
application/json 3.126.160.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swissphone.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.160.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-160-151.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.43 () OpenSSL/1.0.2k-fips /

Resource Hash

79a54e092e0021c14c67ddcd588d461ae8188ca3b19cacb4a9b6a0c2bc8900e7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://expo-ip.com https://www.expo-ip.com
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.swissphone.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3600
vary: Accept-Encoding
content-length: 323
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
x-frame-options: ALLOW-FROM https://expo-ip.com https://www.expo-ip.com
strict-transport-security: max-age=63072000
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.swissphone.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-security-policy: block-all-mixed-content; upgrade-insecure-requests
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 661E 49 KB
20 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG5QTV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4386
date: Thu, 03 Feb 2022 21:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 03 Feb 2022 23:34:54 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 661E 5 KB
2 KB 261ms
66ms Script
application/x-javascript 2a03:5f80:a::b212:e7d1
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG5QTV5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7d1 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 22:48:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=16478
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 661E 99 KB
27 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: amazingplacesonearth.com
URL: https://amazingplacesonearth.com/xero/aspx1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: OwPp7xzfr8LIoenj4uSIFqA8nfjYlxVTUJrv6rdtcfi/WpBUAgbLoei/piX2B+EisYPHDqVSmWZdBqPgUzXJSg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 03 Feb 2022 22:48:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E7C3 40 KB
21 KB 63ms
62ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D&co=aHR0cHM6Ly93d3cuc3dpc3NwaG9uZS5jb206NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=zand7h9ku0cy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f20efcb85da8f7b2733799efa463f7386d53aa95d5df40e44e9c8af0be82c813

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ajqcmRDcGMlO+EUDmkWaTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 03 Feb 2022 22:48:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-ajqcmRDcGMlO+EUDmkWaTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21000
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2473074122940090 Show response
connect.facebook.net/signals/config/ Frame 661E 307 KB
88 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2473074122940090?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c9f471d2df503943a37646d41f509c382ad53615fdf7bc855341b75d987c259

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89116
x-xss-protection: 0
pragma: public
x-fb-debug: X3FspN9afq30PyGDQU4WNzFSSvr425fWH6y8b07av8iYxXhVifrU6kG4A/HX8sU9VaN8j5/5F4A525IV8j1E+A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 03 Feb 2022 22:48:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 661E 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2473074122940090&ev=PageView&dl=https%3A%2F%2Fwww.swissphone.com%2F&rl=https%3A%2F%2Famazingplacesonearth.com%2F&if=true&ts=1643928480599&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&it=1643928480560&coo=false&exp=p1&rqm=GET

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 03 Feb 2022 22:48:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame E7C3 51 KB
24 KB 86ms
39ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D&co=aHR0cHM6Ly93d3cuc3dpc3NwaG9uZS5jb206NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=zand7h9ku0cy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 18:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 05:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 18:34:47 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame E7C3 356 KB
140 KB 105ms
58ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 20:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143107
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 05:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 20:55:08 GMT

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 661E
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928480766&url=https%3A%2F%2Famazingplacesonearth.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2038641%26time%3D1643928480766%26url%3Dhttps%253A%252F%252Famazingplacesonearth.c...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928480766&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928480766&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true&e_ipv6=AQLNace_9H7EYgAAAX7Bxe1c2c4ntFH52nghBSD0SBp-bb8nByWCh...

0
155 B

306ms
113ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928480766&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true&e_ipv6=AQLNace_9H7EYgAAAX7Bxe1c2c4ntFH52nghBSD0SBp-bb8nByWChLXkjBCPLyOSDno7A6BC
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:01 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: Y1pycj5o0BYQMsXb2ioAAA==

Redirect headers

date: Thu, 03 Feb 2022 22:48:01 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3F439380D6D64C248926C4102D084D8A Ref B: FRAEDGE0916 Ref C: 2022-02-03T22:48:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928480766&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true&e_ipv6=AQLNace_9H7EYgAAAX7Bxe1c2c4ntFH52nghBSD0SBp-bb8nByWChLXkjBCPLyOSDno7A6BC
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXXJO0m8FB5qpADH0rfRw==

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E7C3 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 186492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 08 Feb 2022 18:59:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7C3 15 KB
15 KB 89ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 214195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E7C3 15 KB
15 KB 86ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 186492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E7C3 102 B
134 B 49ms
49ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D&co=aHR0cHM6Ly93d3cuc3dpc3NwaG9uZS5jb206NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=zand7h9ku0cy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 22:48:00 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame E7C3 30 KB
17 KB 84ms
83ms XHR
application/json 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dc7db0d51a040c87da6856420bf94ecec88252e57b3a35dbbe8396b3b9f217e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D&co=aHR0cHM6Ly93d3cuc3dpc3NwaG9uZS5jb206NDQz&hl=de&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=zand7h9ku0cy
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 03 Feb 2022 22:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17112
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 22:48:01 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F415 0
18 B 17ms
8ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.swissphone.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.swissphone.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Thu, 03 Feb 2022 22:48:01 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook Web Access (Online)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 04:58:00	Name: _GRECAPTCHA Value: 09APj96hR9mgD6-B2wv5UFtw0UKDXVz4jXn5qXgh8oSTSn17RoH_IjWntSf49Bhj6LaRa1Rr7smTXwPS8V4HPElzE
amazingplacesonearth.com/xero	1969-12-31 23:59:59	Name: cookieTest Value: 1
amazingplacesonearth.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 07039f64bd66a493d2113ff405715ec6
.linkedin.com/	1970-01-20 01:22:00	Name: UserMatchHistory Value: AQKeKmmZmkx4pgAAAX7BxexonajmOv9NEx4NsWL-0QvUmgDz4DQVO5y4x24XgNa7JahHxj0eCeVkQw
.linkedin.com/	1970-01-20 01:22:00	Name: AnalyticsSyncHistory Value: AQL6npVYTHMDoQAAAX7BxexopJssJH61nUeS5mUM9K8m_KPkHegbTgwef9dDaFt15v6LRgStN4fwFfvZXQKd1A
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:10:42	Name: bcookie Value: "v=2&6bb1fd18-de4a-4b7d-8df9-83be2908bc7c"
.linkedin.com/	1970-01-20 00:40:14	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2539:u=1:x=1:i=1643928480:t=1644014880:v=2:sig=AQEhlSl7y_qgrlNYI_L8Cl0czorFeeyR"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:10:42	Name: bscookie Value: "v=1&20220203224800c2d4860d-f758-4306-8584-dc0999e6a894AQHBF3IFASUHgy7zO3u-TZHHQRfOHRne"
.linkedin.com/	1970-01-20 17:58:24	Name: li_gc Value: MTswOzE2NDM5Mjg0ODA7MjswMjEnV5/CqrUYa6rA1Bg2XnEKbDL+bj6n83rGxMgiNqcOUw==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://www.swissphone.com/ Message: Invalid 'X-Frame-Options' header encountered when loading 'https://www.swissphone.com/': 'ALLOW-FROM https://expo-ip.com https://www.expo-ip.com' is not a recognized directive. The header will be ignored.
network	error	URL: https://amazingplacesonearth.com/owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.swissphone.com/ Message: The resource https://www.swissphone.com/wp-includes/js/jquery/jquery.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazingplacesonearth.com
connect.facebook.net
fitoru.com
fonts.googleapis.com
fonts.gstatic.com
logo.clearbit.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.swissphone.com
108.174.10.14
108.179.200.163
13.32.99.33
2620:1ec:21::14
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::200a
2a00:1450:4001:831::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:5f80:a::b212:e7d1
3.126.160.151
54.165.241.225
07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17cd8098feb91a69d8e37f0854afc427a46cda431ddd845cae49494bb628640b
1a9f09226ab04e562e290afd3edbe93887ae12bc15c29317b72dccb74fd87a75
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c9f471d2df503943a37646d41f509c382ad53615fdf7bc855341b75d987c259
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2af6ccbee0a1b6080db4aa581b1cec2d6d41d53daeee65280afc061ba77009e7
2d1e311415e3168202ae0855dc12da1b99df08ad8c3a1cf5411d727623ca26e3
2e05a099697256c998974e9155f9d6c2c2df700504628e7cb30977fe773eb63c
2f9a1f6492c842951464ac3c8b65199769907026b0d257f04cafbbdf75be3749
331237713cb134dbcbbbd3867c0a5c1153b8dbc28324e3163a64ae3b8077d931
3377eb13c917e09a515a3215d824109ae9f331ed268cd72eca4b5dc1e7d0ecd7
3c48fb0c3a465fa4f611d0127b5823a690c747834acd5e6a4b08b2db247fac52
3c9385c67c60ef4003b19645b552ac101f8ae7f6c79069397e8e6be7dd229e0d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4234c4f36d1eb0b18cef1f1b68748d270bed41e00a17e12f6c4266753d4f7b44
4c55c400cf785b8e1cf66a6e0c98f1a1e3d59f4fd92d81e627c4ead572ba1d7b
4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a
54e43e5e10e88ff1ca8d063bcd013ace3b9a492e04580c6c2196f516f8470717
5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce
5a7cb59b3449427881e63e984f9baf50c27c6946a2f64c6c96eca42fd75ce2c6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61d314c923005869cca32b10dee91bcac610a9b25958d618879de9c794d6c167
6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a
70603249e5fbdd3626974b991e7077931b5384a686d9a420e0fe91463069b3b4
79a54e092e0021c14c67ddcd588d461ae8188ca3b19cacb4a9b6a0c2bc8900e7
80ad2b2796fa8203a03ac3add947efd914c3bb53c01c94fd30a575aed76970f2
82fa43eb86da42e7122175e8fea9b1c4b5fa7ee57d485ebfc9436c16aa706a1e
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
91152b52c2cba4febb09b588c2d1c4275e559aac8315916278c0043eb3811604
9751741bf4e4c7b5e4c0b3c9b869d8e8b960da41a951bf2e0df1e83270b7c82f
9ebdce358cc5551b15795a3fb31b5cb0c29bff862b55cf598b8da514a0a60873
a008730522299bbac4765f675e7c08282ce7e440c55fcf93c59edc8d12be3851
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6ce68345eae894026d9c6c896d57a6493d96bbcee909bd15e7c8a3c1c935a55
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
ab3a4f490d691a7e866181f4200bbad90fec72c65a677a58b9d9cde785665773
ac15f33aef72d070b61deab8e5a0a806a0420b6b0725994c760da55bdf788e4b
aea8b18fbab2fe88ebd3d33c5c413e56cbc894baa1665bff5fb905f465a2078d
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1e2243c9773c5eee7ca12ce9a8f31124476995b47ea63135a7170611a3da136
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c693b6cedaab8d1fcf62971e9acf4db7bd133661e3ef9436ab252ceac73380ab
c92532788d2d81546b7a6aee6339cbccae5f39fada5b41b3bf6033006fbdd228
d9c28135dce56386a74085405f81c4b81befda43be63c65dd0a17830d2fc6a1a
d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b
dc7db0d51a040c87da6856420bf94ecec88252e57b3a35dbbe8396b3b9f217e3
e297dbe3b9e3bc0561eccaf3d0902377905b95da3edb6c6c543fd4d8d58f4c06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
ebc6ea0f875078e989460766ea6ae585b43650cb2408daf4183e72a4101881f0
f20efcb85da8f7b2733799efa463f7386d53aa95d5df40e44e9c8af0be82c813
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f58e772e2d0445fb2dc8a4b39024c25972001f9ab36630ad6991dc73e022568a
f6c128638385955032a340765d21b6181b070fcdf65618dd88737aba4762068d
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f88aac0ed939fa97a40ea8d050eb9ad3cc4b0b2a4e7fd6c783db06a500270c88
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

amazingplacesonearth.com Open in urlscan Pro 108.179.200.163 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

67 %IPv6

13 Domains

16 Subdomains

14 IPs

3 Countries

1782 kBTransfer

5518 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 24 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

amazingplacesonearth.com Open in urlscan Pro
108.179.200.163 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

67 %
IPv6

13
Domains

16
Subdomains

14
IPs

3
Countries

1782 kB
Transfer

5518 kB
Size

11
Cookies

41 HTTP transactions
24 data transactions