meine-ruckerstattung.swisskomm.ch Open in urlscan Pro
103.39.135.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.ecu.edu.au/3wdeeGq
Effective URL:
https://meine-ruckerstattung.swisskomm.ch/captcha
Submission: On February 07 via automatic, source openphish (February 7th 2024, 1:17:02 am UTC) — Scanned from AU

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 19 HTTP transactions. The main IP is 103.39.135.51, located in India and belongs to EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN. The main domain is meine-ruckerstattung.swisskomm.ch.
TLS certificate: Issued by R3 on February 4th 2024. Valid for: 3 months.

This is the only time meine-ruckerstattung.swisskomm.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.12 67.199.248.12	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	188.166.204.185 188.166.204.185	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	35.213.179.238 35.213.179.238	15169 (GOOGLE) (GOOGLE)
5	103.39.135.51 103.39.135.51	133694 (EMAXGLOBA...) (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.147.188 172.64.147.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.19.219.90 104.19.219.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.64.128.7 172.64.128.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	6

1 67.199.248.12 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com

s.ecu.edu.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.204.185 (Singapore, Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

go.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.213.179.238 (Singapore, Singapore) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 238.179.213.35.bc.googleusercontent.com

clicka.tel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.39.135.51 (India)

ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN)
PTR: produs02.webhost365.net

meine-ruckerstattung.swisskomm.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.147.188 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api2.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.128.7 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	hcaptcha.com js.hcaptcha.com — Cisco Umbrella Rank: 10372 newassets.hcaptcha.com — Cisco Umbrella Rank: 7041 api2.hcaptcha.com — Cisco Umbrella Rank: 14986	500 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1448 ka-f.fontawesome.com — Cisco Umbrella Rank: 3140	35 KB
5	swisskomm.ch meine-ruckerstattung.swisskomm.ch	215 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	38 KB
1	clicka.tel 1 redirects clicka.tel	536 B
1	go.my 1 redirects go.my	130 B
1	ecu.edu.au 1 redirects s.ecu.edu.au	228 B
19	7

	Domain	Requested by
5	newassets.hcaptcha.com	js.hcaptcha.com newassets.hcaptcha.com
5	meine-ruckerstattung.swisskomm.ch	meine-ruckerstattung.swisskomm.ch
4	ka-f.fontawesome.com	kit.fontawesome.com
2	cdnjs.cloudflare.com	meine-ruckerstattung.swisskomm.ch
1	api2.hcaptcha.com	newassets.hcaptcha.com
1	js.hcaptcha.com	meine-ruckerstattung.swisskomm.ch
1	kit.fontawesome.com	meine-ruckerstattung.swisskomm.ch
1	clicka.tel	1 redirects
1	go.my	1 redirects
1	s.ecu.edu.au	1 redirects
19	10

This site contains no links.

Subject Issuer	Validity	Valid
meine-ruckerstattung.swisskomm.ch R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://meine-ruckerstattung.swisskomm.ch/captcha
Frame ID: CB17D3936D597B148C066ABFC7B18F51
Requests: 13 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=l9t115cyu5
Frame ID: 15DF0D975FCA6D751373B97611B9C89C
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html
Frame ID: 03682732B43E0202900C1D1285E6B901
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Swisscom - Roboter Verifizierung

Page URL History Show full URLs

https://s.ecu.edu.au/3wdeeGq HTTP 301
https://go.my/enxvZYd HTTP 301
https://clicka.tel/5sfvoki HTTP 301
https://meine-ruckerstattung.swisskomm.ch/captcha Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

6
IPs

4
Countries

788 kB
Transfer

2517 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.ecu.edu.au/3wdeeGq HTTP 301
https://go.my/enxvZYd HTTP 301
https://clicka.tel/5sfvoki HTTP 301
https://meine-ruckerstattung.swisskomm.ch/captcha Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request captcha Show response
meine-ruckerstattung.swisskomm.ch/
Redirect Chain

https://s.ecu.edu.au/3wdeeGq
https://go.my/enxvZYd
https://clicka.tel/5sfvoki
https://meine-ruckerstattung.swisskomm.ch/captcha

2 KB
2 KB

2067ms
1094ms

Document
text/html

103.39.135.51
EMAXGLOBAL-AS EMA...

General

Check archive.org

Show headers Download Go to

Full URL: https://meine-ruckerstattung.swisskomm.ch/captcha
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 103.39.135.51 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN),
Reverse DNS: produs02.webhost365.net
Software: LiteSpeed /
Resource Hash: 44900c23ec0819ee85c9ca46adfb5da55b28b052a6b6183b569eda9289314553

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-cache, private
content-encoding: gzip
content-length: 927
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 01:16:55 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 01:16:53 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
location: https://meine-ruckerstattung.swisskomm.ch/captcha
pragma: no-cache
server: nginx
x-httpd-modphp: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0301 NC:000000 UP:SKIP_CACHE_SET_COOKIE

GET
H2 200 antibot.css
meine-ruckerstattung.swisskomm.ch/dinzab/ 683 B
424 B 301ms
299ms Stylesheet
text/css 103.39.135.51
EMAXGLOBAL-AS EMA...

General

Check archive.org

Show headers Download Go to

Full URL: https://meine-ruckerstattung.swisskomm.ch/dinzab/antibot.css
Requested by: Host: meine-ruckerstattung.swisskomm.ch
URL: https://meine-ruckerstattung.swisskomm.ch/captcha
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 103.39.135.51 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN),
Reverse DNS: produs02.webhost365.net
Software: LiteSpeed /
Resource Hash: 47510f2a94e3af78d2ccb8bf3a911b2c0b392faa669308627d5e9b914d809526

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://meine-ruckerstattung.swisskomm.ch/captcha
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:56 GMT
content-encoding: br
last-modified: Mon, 04 Sep 2023 01:07:15 GMT
server: LiteSpeed
etag: "2ab-64f52dc3-a6d21;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 261
expires: Wed, 14 Feb 2024 01:16:56 GMT

GET
H2 200 god.css
meine-ruckerstattung.swisskomm.ch/dinzab/ 636 KB
84 KB 301ms
300ms Stylesheet
text/css 103.39.135.51
EMAXGLOBAL-AS EMA...

General

Check archive.org

Show headers Download Go to

Full URL: https://meine-ruckerstattung.swisskomm.ch/dinzab/god.css
Requested by: Host: meine-ruckerstattung.swisskomm.ch
URL: https://meine-ruckerstattung.swisskomm.ch/captcha
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 103.39.135.51 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN),
Reverse DNS: produs02.webhost365.net
Software: LiteSpeed /
Resource Hash: 58c75f8337d2242d4512b01ada4975082f2b0c7e7ce41a8a0abfaf0264bcff5b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://meine-ruckerstattung.swisskomm.ch/captcha
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:56 GMT
content-encoding: br
last-modified: Tue, 19 Dec 2023 11:03:25 GMT
server: LiteSpeed
etag: "9ee9f-6581787d-a6d10;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 85922
expires: Wed, 14 Feb 2024 01:16:56 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/ 85 KB
27 KB 23ms
10ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js

Requested by

Host: meine-ruckerstattung.swisskomm.ch
URL: https://meine-ruckerstattung.swisskomm.ch/captcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://meine-ruckerstattung.swisskomm.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4785744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27437
last-modified: Tue, 01 Aug 2023 17:19:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93eb6-6b2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OtxEuRA4t5bgGmC1THjJcARj2DRKw6SX25ugR5D8ew%2Bl5l2%2B4CnMI1Kgj8dyBj6PZDCrwfjSep3ecakRAcp8P3%2FLjyUfBaJD4o4Spp6TrMkAkdh1la4S8e3qsQxsOSo%2BKq9Pm16"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8517ca51da15a947-SYD
expires: Mon, 27 Jan 2025 01:16:55 GMT

GET
H2 200 axios.min.js Show response
cdnjs.cloudflare.com/ajax/libs/axios/1.4.0/ 31 KB
11 KB 24ms
12ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/axios/1.4.0/axios.min.js

Requested by

Host: meine-ruckerstattung.swisskomm.ch
URL: https://meine-ruckerstattung.swisskomm.ch/captcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://meine-ruckerstattung.swisskomm.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6413087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10759
last-modified: Tue, 01 Aug 2023 15:02:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c91e74-2a07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FFcGYLMLERuP5x%2FunG3xgEQ1blb24gxYB9pqIIx2JP444PKjz1DYCMszyDeU3TIWcYj6j%2BBP21h4cs2SJQFsxMj1ig9D3A%2FljbLBSeKLFBaFBtjGV1TB4zTGT80Dvz9x09y12wI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8517ca51da17a947-SYD
expires: Mon, 27 Jan 2025 01:16:55 GMT

GET
H2 200 363d4a4d7b.js Show response
kit.fontawesome.com/ 12 KB
5 KB 296ms
280ms Script
text/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/363d4a4d7b.js
Requested by: Host: meine-ruckerstattung.swisskomm.ch
URL: https://meine-ruckerstattung.swisskomm.ch/captcha
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d3b01b78fb61713a45fa37896b83cf7ad43d39c98bdc35718a6098f7a20e769

Request headers

Referer: https://meine-ruckerstattung.swisskomm.ch/
Origin: https://meine-ruckerstattung.swisskomm.ch
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:56 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8517ca51de985d30-SYD
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F7Fvwsm_bknzcdkanGDB

GET
H2 200 api.js Show response
js.hcaptcha.com/1/ 326 KB
92 KB 54ms
39ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hcaptcha.com/1/api.js?hl=en

Requested by

Host: meine-ruckerstattung.swisskomm.ch
URL: https://meine-ruckerstattung.swisskomm.ch/captcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://meine-ruckerstattung.swisskomm.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1b76276e9fd9c7bd637ed463cc0a5976.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: EWHNDPoE5ftpmErhJIwmGeaNXj5HLxHT
age: 0
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
etag: W/"fbd0e8fceba7f4b3dee625e845b0fbdf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 8517ca578d445d22-SYD
x-amz-cf-id: NdogExYjMYY4a4UWCPcUrWG13txsNelgrfI52VMIQwoR-NY2Ti5cXA==

GET
H2 200 bot.png
meine-ruckerstattung.swisskomm.ch/dinzab/ 53 KB
53 KB 901ms
901ms Image
image/png 103.39.135.51
EMAXGLOBAL-AS EMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meine-ruckerstattung.swisskomm.ch/dinzab/bot.png
Requested by: Host: meine-ruckerstattung.swisskomm.ch
URL: https://meine-ruckerstattung.swisskomm.ch/captcha
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 103.39.135.51 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN),
Reverse DNS: produs02.webhost365.net
Software: LiteSpeed /
Resource Hash: bf432257b47f8e6f1744841140eb963794c7427abd3f2edcc85ecce2875d1f67

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://meine-ruckerstattung.swisskomm.ch/captcha
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:56 GMT
last-modified: Tue, 04 Jul 2023 20:23:28 GMT
server: LiteSpeed
etag: "d242-64a47fc0-a6d14;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 53826
expires: Wed, 14 Feb 2024 01:16:56 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 101 KB
23 KB 606ms
106ms Fetch
text/css 172.64.128.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=363d4a4d7b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/363d4a4d7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.128.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://meine-ruckerstattung.swisskomm.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:57 GMT
via: 1.1 a9fb1933765b2e0a17ee7cee382c4058.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
etag: W/"edc53d8d44037708e54122b9e30bb2a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krrLui2RQDvOTcwqjnZVpNCNyZoHVC7kjYgGdhn%2FAsIeWaMdoKhz5yKDT89eCe8PAUm6eXV3481a408OiTzomzQb%2FF8%2FWOm323Jd2iPjKveKkxjdRJEKkwXhF7Euh4l30vodHgXwvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8517ca5b0a914977-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: J0Kgbc6yIRGg0pfZJ3zzqSv-SNVniRx9aia-JQcndG0m5S4n0oV3sw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 27 KB
5 KB 625ms
126ms Fetch
text/css 172.64.128.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=363d4a4d7b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/363d4a4d7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.128.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://meine-ruckerstattung.swisskomm.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:57 GMT
via: 1.1 96284f61084e7118716cb8c5c34dd7a0.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: W/"604d6da359831b0dc67e0f522f1ff94d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CArBWRlJSKElIV3aC9pzjIsT7AH34ncWvzn%2BukdzAfhaTFgGW4G%2BtVN9wQSNT%2BEnp3g0PTZJgh5LcTiylYKMK5lcbtC4YpjG3WeksYjpR4zlFGbC3sPe2f8iB0Wez2Y9jszTh8%2FqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8517ca5b0a8e4977-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: qn87js3Sknxq6CdMNJYXmeNpNuekhatdqyqUnS8CF9LFmSarwdXWtQ==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 823 B
710 B 624ms
125ms Fetch
text/css 172.64.128.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=363d4a4d7b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/363d4a4d7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.128.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://meine-ruckerstattung.swisskomm.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:57 GMT
via: 1.1 1e6c252eb75ca2cd762cd042a9e5c038.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: W/"496965a55b1faa4d5c41073ef276afc0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0DhYWoiI0X%2B6XMHD2qCYp2ldQ96rM0qbnzK%2BxrwXk5XzT9tT%2B4M1%2FYcinmRY68CKiLYdlT%2Fc1mAr6iWB4GhIXN2QIOvIlUU0YXAUmdGkwskf1AKc%2FmKSXAxKLZ8mj4hy9K1uYy0oA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8517ca5b0a8f4977-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: hDtRcexobA-IVsUezWQ-V4lPo6QRTJIC_rpFUGH_osfdvHTMsEJ_8w==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 2 KB
1 KB 603ms
104ms Fetch
text/css 172.64.128.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=363d4a4d7b
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/363d4a4d7b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.128.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://meine-ruckerstattung.swisskomm.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:57 GMT
via: 1.1 edbe37857ecef88edf038f3b8d7d9742.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: W/"cc84affe95dbdd9726525f57d20b4ea6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqZH%2FoNm7kxI8ch7%2BSRkIlULrXu%2BQKO1BEasRas6hj%2FgIcVBxUCduMnaKxqrk%2FrEZnU5tWLHvpn4FCaoSftXAncb0dYV4QkfH2K6SKLIAk7m%2BbeP1Nffe2%2FRCQqo2sFOZ7PsDE9osA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8517ca5b0a904977-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: oWv-R52x8nZcTxUlQj8Zr-SRsUiMwCoFpYs60GaYpO5SCkRfv42U0Q==

GET
H2 200 bg-post.png
meine-ruckerstattung.swisskomm.ch/dinzab/ 76 KB
76 KB 299ms
299ms Image
image/png 103.39.135.51
EMAXGLOBAL-AS EMA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meine-ruckerstattung.swisskomm.ch/dinzab/bg-post.png
Requested by: Host: meine-ruckerstattung.swisskomm.ch
URL: https://meine-ruckerstattung.swisskomm.ch/captcha
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 103.39.135.51 , India, ASN133694 (EMAXGLOBAL-AS EMAX GLOBAL MEDIA PVT. LTD, IN),
Reverse DNS: produs02.webhost365.net
Software: LiteSpeed /
Resource Hash: 2b743217c60cae6994f9bc9637d098685f27808c78b47f995f2ca7a22956eb2e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://meine-ruckerstattung.swisskomm.ch/captcha
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:57 GMT
last-modified: Tue, 19 Dec 2023 11:30:40 GMT
server: LiteSpeed
etag: "1308f-65817ee0-a6d15;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 77967
expires: Wed, 14 Feb 2024 01:16:57 GMT

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/2a00369/static/ Frame 15DF 2 KB
876 B 22ms
14ms Document
text/html 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=l9t115cyu5

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9e0db0bf99a4cbc65672c9db995134fe6f665cd9082dad40a89e338f14c15e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://meine-ruckerstattung.swisskomm.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-origin: *
age: 2073183
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 8517ca57fe145d22-SYD
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 01:16:56 GMT
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 818b6b525d2eddbd06b7b29e74f7b270.cloudfront.net (CloudFront)
x-amz-cf-id: HXiNKPRtBnV6XPDP-G5X0V_qDPFVckItxYq6kDPay_Fa1sa3IE0Q6A==
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 5seh2Fy1m5uAejWNOpND.L8.XAC93K8_
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/2a00369/static/ Frame 0368 2 KB
944 B 16ms
10ms Document
text/html 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c4bcaf1925ffb9466bb242626f1f2517db245436e2c073d4134a1714ca0b63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://meine-ruckerstattung.swisskomm.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-origin: *
age: 2073183
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 8517ca57fe125d22-SYD
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 01:16:56 GMT
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 818b6b525d2eddbd06b7b29e74f7b270.cloudfront.net (CloudFront)
x-amz-cf-id: HXiNKPRtBnV6XPDP-G5X0V_qDPFVckItxYq6kDPay_Fa1sa3IE0Q6A==
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 5seh2Fy1m5uAejWNOpND.L8.XAC93K8_
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/2a00369/ Frame 0368 326 KB
92 KB 10ms
9ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1b76276e9fd9c7bd637ed463cc0a5976.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: EWHNDPoE5ftpmErhJIwmGeaNXj5HLxHT
age: 18550
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
etag: W/"fbd0e8fceba7f4b3dee625e845b0fbdf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8517ca582e2d5d22-SYD
x-amz-cf-id: NdogExYjMYY4a4UWCPcUrWG13txsNelgrfI52VMIQwoR-NY2Ti5cXA==

GET
H3 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/2a00369/ Frame 15DF 326 KB
92 KB 16ms
15ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=l9t115cyu5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=l9t115cyu5
Origin: https://newassets.hcaptcha.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 a46f7dcdfa7630ab92712a32ece3853c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: EWHNDPoE5ftpmErhJIwmGeaNXj5HLxHT
age: 656873
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 19:30:31 GMT
server: cloudflare
etag: W/"fbd0e8fceba7f4b3dee625e845b0fbdf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8517ca583ca5a819-SYD
x-amz-cf-id: lV31JQ2myG9_e3XzWGxLRMx5MYJfdU8kJQ3Ov9w7cxpgYwSSMRrZEw==

GET
DATA 200
OK truncated
/ Frame 0368 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 checksiteconfig Show response
api2.hcaptcha.com/ Frame 15DF 700 B
1006 B 168ms
160ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.hcaptcha.com/checksiteconfig?v=2a00369&host=meine-ruckerstattung.swisskomm.ch&sitekey=b87beb46-758a-4999-ab2c-41b9630f4b6e&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51fbedb8abaa2e7c3a47a79d29b0c703e77c7d2e2ce3bb05e2837eefaeaf0b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 01:16:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 8517ca58beab5d22-SYD
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc: h3=":443"; ma=86400

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/e67200e/ Frame 15DF 509 KB
222 KB 18ms
18ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/e67200e/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2a00369/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c67c76c1ca4e1e469a736d4c81348ae145d9fc5fd19d200ec1966ec9bcba32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/2a00369/static/hcaptcha.html?_v=l9t115cyu5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:16:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 12f10b9e24f9ba8391bdd5a5e055c81c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: A5L5z8Oz6O42Yp_wi8nWm7EBl2CC5art
age: 7200
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 Jan 2024 16:02:42 GMT
server: cloudflare
etag: W/"6e552010526dc6155b99fd5e8192a877"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 8517ca59bdfda819-SYD
x-amz-cf-id: HKu02vrY8khr6jtxCpCcUQOPx7pklHrylQkywNbfi6iRu15cmc-dbg==

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.s.ecu.edu.au/	1970-01-20 22:33:40	Name: _bit Value: o171gQ-765758ca2abe05fc7a-00x
clicka.tel/	1969-12-31 23:59:59	Name: PHPSESSID Value: ead56a01a46c23768b7aef27b20d2b85
clicka.tel/	1970-01-20 18:15:55	Name: s_statistics_95131 Value: 0
meine-ruckerstattung.swisskomm.ch/	1970-01-20 18:14:35	Name: XSRF-TOKEN Value: eyJpdiI6InZCL1BzanRRS2hHMHFrKzlRakc2SGc9PSIsInZhbHVlIjoiS25iQ2dVNTJBVnZxK2NKMWkwNlZUYlFMSEpheWxXT2c5Zk1rakhCRXdyMTdlMGJKMkIwSERMSjlrdUJsWEVYUUVyZXZEU0JzQUxtVE5GdllHcmNReEliWVdVMHp0VC8yaFE5bTZZYlN2b2tlT0k3c25sQmRocEw4ZmpPMU9NdHEiLCJtYWMiOiJiM2IzNDFkOTBmNjI1NmZmMTliNTQ4YTgxMjc1NzdjOTUyM2E3ZTQ4NDc1MTdiMzJmYWM0ZjQ5MTA3NjVhZWI5IiwidGFnIjoiIn0%3D
meine-ruckerstattung.swisskomm.ch/	1970-01-20 18:14:35	Name: laravel_session Value: eyJpdiI6IkdIUlhXaDVHQW9mWDZMeFA1VW15R0E9PSIsInZhbHVlIjoiN2ZvT0I5c0VNMGJLR0RCVXlJRVJlYnhMZWh6cFBESG9LalYrSmZxeEYwOW1Oc0JPdWxuM0lyRzBxMUxXdkJWR1B5cTZtWUpPRGJJaTdMYWFhYXBlQk5NZG5xbnJ4bmdWK1RPSVNNdlM4NVVBQzZSV25jUGVkVlVWNlBJSzVRVW8iLCJtYWMiOiIyNzM3MGQ2ZmE1ZGZkZTAzMjA0Nzk3YTk4Mjc2ODg0YzExMmRhZmU5YzhjYWUzMzBkMjJkYTA3NjliOGQ0NjUzIiwidGFnIjoiIn0%3D
api2.hcaptcha.com/	1970-01-20 18:14:30	Name: __cflb Value: 0H28vk2VKwPbLoawFinKp3ZFiJS6XviSErjtyGFoKaV

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://meine-ruckerstattung.swisskomm.ch/captcha Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.hcaptcha.com
cdnjs.cloudflare.com
clicka.tel
go.my
js.hcaptcha.com
ka-f.fontawesome.com
kit.fontawesome.com
meine-ruckerstattung.swisskomm.ch
newassets.hcaptcha.com
s.ecu.edu.au
103.39.135.51
104.17.24.14
104.19.219.90
172.64.128.7
172.64.147.188
188.166.204.185
35.213.179.238
67.199.248.12
0d3b01b78fb61713a45fa37896b83cf7ad43d39c98bdc35718a6098f7a20e769
2b743217c60cae6994f9bc9637d098685f27808c78b47f995f2ca7a22956eb2e
44900c23ec0819ee85c9ca46adfb5da55b28b052a6b6183b569eda9289314553
47510f2a94e3af78d2ccb8bf3a911b2c0b392faa669308627d5e9b914d809526
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
58c75f8337d2242d4512b01ada4975082f2b0c7e7ce41a8a0abfaf0264bcff5b
5c4bcaf1925ffb9466bb242626f1f2517db245436e2c073d4134a1714ca0b63d
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be
6c67c76c1ca4e1e469a736d4c81348ae145d9fc5fd19d200ec1966ec9bcba32b
a51fbedb8abaa2e7c3a47a79d29b0c703e77c7d2e2ce3bb05e2837eefaeaf0b3
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab
b9e0db0bf99a4cbc65672c9db995134fe6f665cd9082dad40a89e338f14c15e2
bf432257b47f8e6f1744841140eb963794c7427abd3f2edcc85ecce2875d1f67
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
ed80804c791a1a3b8d7f86bbbdcb0fa653f2aa9679b585e7d259aa63cce1073a
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e

meine-ruckerstattung.swisskomm.ch Open in urlscan Pro 103.39.135.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

7 Domains

10 Subdomains

6 IPs

4 Countries

788 kBTransfer

2517 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

6 Cookies

1 Console Messages

Indicators

meine-ruckerstattung.swisskomm.ch Open in urlscan Pro
103.39.135.51 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

6
IPs

4
Countries

788 kB
Transfer

2517 kB
Size

6
Cookies

19 HTTP transactions
1 data transactions