cleverreach.helbing.ch Open in urlscan Pro
34.240.161.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://cleverreach.helbing.ch/m/7943368/1142846-183d4AB12ABCDEFGHIJKLMNOPQ9e134c89d2b6b66c5dedfbc1bd2a7e7c33AB12ABCDEFGHIJKLMN...
Submission: On May 19 via api (May 19th 2022, 11:44:21 pm UTC) from CH — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 12 HTTP transactions. The main IP is 34.240.161.20, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is cleverreach.helbing.ch.

This is the only time cleverreach.helbing.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.240.161.20 34.240.161.20	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	188.40.219.247 188.40.219.247	24940 (HETZNER-AS) (HETZNER-AS)
1	193.230.233.22 193.230.233.22	24704 (DGI) (DGI)
1	52.30.213.138 52.30.213.138	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
12	6

1 34.240.161.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-161-20.eu-west-1.compute.amazonaws.com

cleverreach.helbing.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.40.219.247 (Tann, Switzerland)

ASN24940 (HETZNER-AS, DE)
PTR: static.188-40-219-247.firestorm.ch

brief.legalis.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
brief.legalis-server.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.230.233.22 (Romania)

ASN24704 (DGI, RO)
PTR: test.legalis.ch

www.legalis.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.213.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-213-138.eu-west-1.compute.amazonaws.com

stats-eu1.crsend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	gstatic.com fonts.gstatic.com	65 KB
3	legalis.ch brief.legalis.ch www.legalis.ch	223 KB
1	crsend.com stats-eu1.crsend.com — Cisco Umbrella Rank: 391315	344 B
1	legalis-server.ch brief.legalis-server.ch	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	helbing.ch cleverreach.helbing.ch	11 KB
12	6

	Domain	Requested by
5	fonts.gstatic.com	fonts.googleapis.com
2	brief.legalis.ch	cleverreach.helbing.ch
1	stats-eu1.crsend.com	cleverreach.helbing.ch
1	brief.legalis-server.ch	cleverreach.helbing.ch
1	www.legalis.ch	cleverreach.helbing.ch
1	fonts.googleapis.com	cleverreach.helbing.ch
1	cleverreach.helbing.ch
12	7

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
brief.legalis.ch R3	`2022-05-04` - `2022-08-02`	3 months	crt.sh
*.legalis.ch RapidSSL RSA CA 2018	`2020-06-15` - `2022-06-18`	2 years	crt.sh
brief.legalis-server.ch R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
cleverreach.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://cleverreach.helbing.ch/m/7943368/1142846-183d4AB12ABCDEFGHIJKLMNOPQ9e134c89d2b6b66c5dedfbc1bd2a7e7c33AB12ABCDEFGHIJKLMNOPQfc0e93b6e64b183
Frame ID: 2BABECBB75552891ACE8DCF6FAFA1752
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Legalis Brief - Strafrecht

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

12
Requests

92 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

307 kB
Transfer

407 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 1142846-183d4AB12ABCDEFGHIJKLMNOPQ9e134c89d2b6b66c5dedfbc1bd2a7e7c33AB12ABCDEFGHIJKLMNOPQfc0e93b6e64b183 Show response
cleverreach.helbing.ch/m/7943368/ 102 KB
11 KB 224ms
194ms Document
text/html 34.240.161.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cleverreach.helbing.ch/m/7943368/1142846-183d4AB12ABCDEFGHIJKLMNOPQ9e134c89d2b6b66c5dedfbc1bd2a7e7c33AB12ABCDEFGHIJKLMNOPQfc0e93b6e64b183
Protocol: HTTP/1.1
Server: 34.240.161.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-161-20.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: f35793243f4c41b0f68460e85ee25b5d542283b4bd34d7551144b6674b846774

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 10623
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 May 2022 23:44:16 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-CR-I: www-eu1-i-056089d92acd530d4 D=163154 t=1653003856413129

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 39ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Khand:wght@400;600&family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: cleverreach.helbing.ch
URL: http://cleverreach.helbing.ch/m/7943368/1142846-183d4AB12ABCDEFGHIJKLMNOPQ9e134c89d2b6b66c5dedfbc1bd2a7e7c33AB12ABCDEFGHIJKLMNOPQfc0e93b6e64b183

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae478a098c6a7819c395da456fdef8094ef7d6c12993666940bca941be508be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cleverreach.helbing.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 23:44:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 23:44:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 23:44:16 GMT

GET
H2 200 bg-td-text-right-upd.jpg
brief.legalis.ch/wp-content/uploads/2022/04/ 73 KB
73 KB 133ms
47ms Image
image/jpeg 188.40.219.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brief.legalis.ch/wp-content/uploads/2022/04/bg-td-text-right-upd.jpg
Requested by: Host: cleverreach.helbing.ch
URL: http://cleverreach.helbing.ch/m/7943368/1142846-183d4AB12ABCDEFGHIJKLMNOPQ9e134c89d2b6b66c5dedfbc1bd2a7e7c33AB12ABCDEFGHIJKLMNOPQfc0e93b6e64b183
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.219.247 Tann, Switzerland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.188-40-219-247.firestorm.ch
Software: nginx / PleskLin
Resource Hash: 034462ae1f4ce370ada939198aed4ab06b39c72c5d60d28484a678f776815b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cleverreach.helbing.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:44:16 GMT
last-modified: Mon, 11 Apr 2022 16:30:09 GMT
server: nginx
x-powered-by: PleskLin
etag: "62545791-123d5"
content-type: image/jpeg
accept-ranges: bytes
content-length: 74709

GET
H/1.1 200
OK IMG-20201013-WA0001-800x800.jpg
www.legalis.ch/upgrade/wp-content/uploads/ 51 KB
51 KB 151ms
47ms Image
image/jpeg 193.230.233.22
DGI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.legalis.ch/upgrade/wp-content/uploads/IMG-20201013-WA0001-800x800.jpg
Requested by: Host: cleverreach.helbing.ch
URL: http://cleverreach.helbing.ch/m/7943368/1142846-183d4AB12ABCDEFGHIJKLMNOPQ9e134c89d2b6b66c5dedfbc1bd2a7e7c33AB12ABCDEFGHIJKLMNOPQfc0e93b6e64b183
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.230.233.22 , Romania, ASN24704 (DGI, RO),
Reverse DNS: test.legalis.ch
Software: Apache/2.4.18 /
Resource Hash: a058728d37b994cd71a79c2f4f0033229a10cc9e90b12d9a30ca1ffdd576c9d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cleverreach.helbing.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 23:44:16 GMT
Last-Modified: Wed, 18 May 2022 14:36:40 GMT
Server: Apache/2.4.18
ETag: "cb09-5df4a2f736308"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 51977

GET
H2 200 Logo_Brief.png
brief.legalis-server.ch/wp-content/uploads/2022/02/ 6 KB
6 KB 117ms
37ms Image
image/png 188.40.219.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brief.legalis-server.ch/wp-content/uploads/2022/02/Logo_Brief.png
Requested by: Host: cleverreach.helbing.ch
URL: http://cleverreach.helbing.ch/m/7943368/1142846-183d4AB12ABCDEFGHIJKLMNOPQ9e134c89d2b6b66c5dedfbc1bd2a7e7c33AB12ABCDEFGHIJKLMNOPQfc0e93b6e64b183
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.219.247 Tann, Switzerland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.188-40-219-247.firestorm.ch
Software: nginx / PleskLin
Resource Hash: ee685e9899f29358213c356e52284e8fc63cdf0e6675266aa26a105d34a7987a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cleverreach.helbing.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:44:16 GMT
last-modified: Thu, 17 Feb 2022 17:15:14 GMT
server: nginx
x-powered-by: PleskLin
etag: "620e82a2-196a"
content-type: image/png
accept-ranges: bytes
content-length: 6506

GET
H2 200 mc_85414_7943368_5e313c590-rc5lxs.gif
stats-eu1.crsend.com/stats/ 49 B
344 B 189ms
113ms Image
image/gif 52.30.213.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-eu1.crsend.com/stats/mc_85414_7943368_5e313c590-rc5lxs.gif
Requested by: Host: cleverreach.helbing.ch
URL: http://cleverreach.helbing.ch/m/7943368/1142846-183d4AB12ABCDEFGHIJKLMNOPQ9e134c89d2b6b66c5dedfbc1bd2a7e7c33AB12ABCDEFGHIJKLMNOPQfc0e93b6e64b183
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.213.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-213-138.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 8f5a7a860a933dde332de207de965350bb54d1923b6288db8c13dfefdf48f03b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cleverreach.helbing.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 23:44:16 GMT
server: Apache
content-type: image/gif
x-cr-i: stats-eu1-i-0e5664ff1351b0df3 D=81172 t=1653003856741946
cache-control: no-store, no-cache, must-revalidate
content-length: 49
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 footer_NL_fachdienste_strr.png
brief.legalis.ch/wp-content/uploads/2022/03/ 98 KB
98 KB 83ms
58ms Image
image/png 188.40.219.247
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brief.legalis.ch/wp-content/uploads/2022/03/footer_NL_fachdienste_strr.png
Requested by: Host: cleverreach.helbing.ch
URL: http://cleverreach.helbing.ch/m/7943368/1142846-183d4AB12ABCDEFGHIJKLMNOPQ9e134c89d2b6b66c5dedfbc1bd2a7e7c33AB12ABCDEFGHIJKLMNOPQfc0e93b6e64b183
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.40.219.247 Tann, Switzerland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.188-40-219-247.firestorm.ch
Software: nginx / PleskLin
Resource Hash: 4b476976edad6e5acb80690c95f8122246682d96209bda22ec6d203fe4668f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://cleverreach.helbing.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 23:44:16 GMT
last-modified: Fri, 25 Mar 2022 17:44:45 GMT
server: nginx
x-powered-by: PleskLin
etag: "623dff8d-188cd"
content-type: image/png
accept-ranges: bytes
content-length: 100557

GET
H2 200 TwMN-IINQlQQ0bKNdmEwbQc.woff2
fonts.gstatic.com/s/khand/v14/ 14 KB
15 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/khand/v14/TwMN-IINQlQQ0bKNdmEwbQc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Khand:wght@400;600&family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8252132803d4b7029e865219b1b895f1f0eaeab5e346077a2e68d287046d932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://cleverreach.helbing.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 21:39:41 GMT
x-content-type-options: nosniff
age: 180275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:38:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 21:39:41 GMT

GET
H2 200 o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
fonts.gstatic.com/s/notosans/v27/ 11 KB
11 KB 40ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Khand:wght@400;600&family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

420f8e3b772990108a7a5e260b53420123a1bd22a82848984595452c9355ab1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://cleverreach.helbing.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 10:35:18 GMT
x-content-type-options: nosniff
age: 306538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11652
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 10:35:18 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 35ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Khand:wght@400;600&family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://cleverreach.helbing.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 21:23:03 GMT
x-content-type-options: nosniff
age: 94873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 21:23:03 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 12 KB
13 KB 38ms
15ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Khand:wght@400;600&family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://cleverreach.helbing.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 20:52:35 GMT
x-content-type-options: nosniff
age: 269501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 20:52:35 GMT

GET
H2 200 TwMA-IINQlQQ0bpSUnQ.woff2
fonts.gstatic.com/s/khand/v14/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/khand/v14/TwMA-IINQlQQ0bpSUnQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Khand:wght@400;600&family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1f111e914b64da197b11cda92bb0f3686f19b216c2260d6ac3fb8e729e5d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://cleverreach.helbing.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 21:33:58 GMT
x-content-type-options: nosniff
age: 180618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13972
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:49:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 21:33:58 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cleverreach.helbing.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: Hx7IjWz6OBGg9mld0sqdFEJGaXNFs5x8ps90fgxoKsZqHetf
			stats-eu1.crsend.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8v4ZFXnf7IbFvtz3jfkamcyATwV0217Fsr2HpSc5Q8gCAh1J

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

brief.legalis-server.ch
brief.legalis.ch
cleverreach.helbing.ch
fonts.googleapis.com
fonts.gstatic.com
stats-eu1.crsend.com
www.legalis.ch
188.40.219.247
193.230.233.22
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
34.240.161.20
52.30.213.138
034462ae1f4ce370ada939198aed4ab06b39c72c5d60d28484a678f776815b5a
420f8e3b772990108a7a5e260b53420123a1bd22a82848984595452c9355ab1f
4b476976edad6e5acb80690c95f8122246682d96209bda22ec6d203fe4668f62
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8f5a7a860a933dde332de207de965350bb54d1923b6288db8c13dfefdf48f03b
a058728d37b994cd71a79c2f4f0033229a10cc9e90b12d9a30ca1ffdd576c9d7
ae478a098c6a7819c395da456fdef8094ef7d6c12993666940bca941be508be5
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
cc1f111e914b64da197b11cda92bb0f3686f19b216c2260d6ac3fb8e729e5d89
d8252132803d4b7029e865219b1b895f1f0eaeab5e346077a2e68d287046d932
ee685e9899f29358213c356e52284e8fc63cdf0e6675266aa26a105d34a7987a
f35793243f4c41b0f68460e85ee25b5d542283b4bd34d7551144b6674b846774

cleverreach.helbing.ch Open in urlscan Pro 34.240.161.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

33 %IPv6

6 Domains

7 Subdomains

6 IPs

4 Countries

307 kBTransfer

407 kBSize

2 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

Indicators

cleverreach.helbing.ch Open in urlscan Pro
34.240.161.20 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

307 kB
Transfer

407 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions