amazingplacesonearth.com Open in urlscan Pro
108.179.200.163 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fitoru.com/mark.atkins/swissphone/com
Effective URL:
https://amazingplacesonearth.com/xero/aspx1.php
Submission: On February 03 via api (February 3rd 2022, 10:47:09 pm UTC) from CH — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 41 HTTP transactions. The main IP is 108.179.200.163, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is amazingplacesonearth.com.
TLS certificate: Issued by R3 on December 16th 2021. Valid for: 3 months.

This is the only time amazingplacesonearth.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Outlook Web Access (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.165.241.225 54.165.241.225	14618 (AMAZON-AES) (AMAZON-AES)
1 3	108.179.200.163 108.179.200.163	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	108.157.4.26 108.157.4.26	16509 (AMAZON-02) (AMAZON-02)
17	18.195.73.235 18.195.73.235	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:5f80:a::... 2a03:5f80:a::b212:e7c0	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
41	14

1 54.165.241.225 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-241-225.compute-1.amazonaws.com

fitoru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.179.200.163 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: cs367.bluehost.com

amazingplacesonearth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.26 (United States)

ASN16509 (AMAZON-02, US)

logo.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 18.195.73.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com

www.swissphone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:5f80:a::b212:e7c0 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	swissphone.com www.swissphone.com	1 MB
8	gstatic.com www.gstatic.com fonts.gstatic.com	428 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 546 www.linkedin.com — Cisco Umbrella Rank: 647 px4.ads.linkedin.com — Cisco Umbrella Rank: 5501	3 KB
4	google.com www.google.com — Cisco Umbrella Rank: 13	39 KB
3	amazingplacesonearth.com 1 redirects amazingplacesonearth.com	25 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	313 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	114 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1098	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	60 KB
1	clearbit.com logo.clearbit.com — Cisco Umbrella Rank: 28071	3 KB
1	fitoru.com 1 redirects fitoru.com	175 B
41	13

	Domain	Requested by
17	www.swissphone.com	amazingplacesonearth.com www.swissphone.com
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.swissphone.com www.gstatic.com www.google.com
3	amazingplacesonearth.com	1 redirects amazingplacesonearth.com
2	px.ads.linkedin.com	2 redirects
2	www.facebook.com	www.swissphone.com
2	connect.facebook.net	amazingplacesonearth.com connect.facebook.net
1	px4.ads.linkedin.com	www.swissphone.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	www.swissphone.com
1	www.googletagmanager.com	www.swissphone.com
1	logo.clearbit.com	amazingplacesonearth.com
1	fitoru.com	1 redirects
41	16

This site contains no links.

Subject Issuer	Validity	Valid
mail.nutcheese.site R3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
clearbit.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
www.swissphone.com Amazon	`2021-12-18` - `2023-01-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-13` - `2022-02-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://amazingplacesonearth.com/xero/aspx1.php
Frame ID: 9A1E91A9FA4E5F8A8CB0D7478293DD5B
Requests: 7 HTTP requests in this frame

Frame: https://www.swissphone.com/
Frame ID: 90E169130CEC8BE955FF74315A643751
Requests: 49 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D&co=aHR0cHM6Ly93d3cuc3dpc3NwaG9uZS5jb206NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=ou0a9rnoum0v
Frame ID: 7EE37A9C27915C62E89E1A526AF3C089
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A7267867FA1C1AF9C15DAF2CF0940B88
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to Swissphone Security and Quarantine Center

Page URL History Show full URLs

https://fitoru.com/mark.atkins/swissphone/com HTTP 302
https://amazingplacesonearth.com/xero/?domain=c3dpc3NwaG9uZS5jb20=&&client-request-id=bWFyay5hdGtpbnNAc3dpc3N... HTTP 302
https://amazingplacesonearth.com/xero/aspx1.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

41
Requests

98 %
HTTPS

67 %
IPv6

13
Domains

16
Subdomains

14
IPs

3
Countries

1782 kB
Transfer

5516 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fitoru.com/mark.atkins/swissphone/com HTTP 302
https://amazingplacesonearth.com/xero/?domain=c3dpc3NwaG9uZS5jb20=&&client-request-id=bWFyay5hdGtpbnNAc3dpc3NwaG9uZS5jb20= HTTP 302
https://amazingplacesonearth.com/xero/aspx1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928425806&url=https%3A%2F%2Famazingplacesonearth.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2038641%26time%3D1643928425806%26url%3Dhttps%253A%252F%252Famazingplacesonearth.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928425806&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928425806&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true&e_ipv6=AQIzg3bXueXACAAAAX7BxRfVmh2AQkDdMKFCcIOroL_rDY-kmbtOzwLW0Q8JWJ-aiVpiaVsA

41 HTTP transactions
24 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request aspx1.php Show response
amazingplacesonearth.com/xero/
Redirect Chain

https://fitoru.com/mark.atkins/swissphone/com
https://amazingplacesonearth.com/xero/?domain=c3dpc3NwaG9uZS5jb20=&&client-request-id=bWFyay5hdGtpbnNAc3dpc3NwaG9uZS5jb20=
https://amazingplacesonearth.com/xero/aspx1.php

51 KB
24 KB

274ms
274ms

Document
text/html

108.179.200.163
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://amazingplacesonearth.com/xero/aspx1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.179.200.163 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: cs367.bluehost.com
Software: Apache /
Resource Hash: c9c106049dff5c5dcfabb256dac2d9c3dc8552411d4fd59bdec300329cda8739

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
server: Apache
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
host-header: Y2xvdWQuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false

Redirect headers

date: Thu, 03 Feb 2022 22:47:03 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: aspx1.php
host-header: Y2xvdWQuYmx1ZWhvc3QuY29t
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false

GET
H2 200 swissphone.com
logo.clearbit.com/ 3 KB
3 KB 85ms
10ms Image
image/png 108.157.4.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logo.clearbit.com/swissphone.com
Requested by: Host: amazingplacesonearth.com
URL: https://amazingplacesonearth.com/xero/aspx1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 3377eb13c917e09a515a3215d824109ae9f331ed268cd72eca4b5dc1e7d0ecd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://amazingplacesonearth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 07:29:50 GMT
via: 1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
server: envoy
age: 832634
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: xZT6NBOY_LMsrfHOKolsqApQEX8meY7tv3_oSE28-U4j5s8fPNQv5w==

GET
H2 200 / Show response
www.swissphone.com/ Frame 90E1 356 KB
52 KB 128ms
25ms Document
text/html 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swissphone.com/

Requested by

Host: amazingplacesonearth.com
URL: https://amazingplacesonearth.com/xero/aspx1.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-73-235.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.43 () OpenSSL/1.0.2k-fips /

Resource Hash

9ebdce358cc5551b15795a3fb31b5cb0c29bff862b55cf598b8da514a0a60873

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://expo-ip.com https://www.expo-ip.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://amazingplacesonearth.com/

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-type: text/html; charset=UTF-8
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
x-cache-handler: cache-enabler-engine
content-encoding: gzip
x-content-type-options: nosniff
cache-control: max-age=0
expires: Thu, 03 Feb 2022 22:47:04 GMT
age: 3600
strict-transport-security: max-age=63072000
x-ua-compatible: IE=edge,chrome=1
content-security-policy: block-all-mixed-content; upgrade-insecure-requests
vary: Accept-Encoding
x-frame-options: ALLOW-FROM https://expo-ip.com https://www.expo-ip.com
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 404 segoeui-regular.ttf
amazingplacesonearth.com/owa/auth/15.1.2242/themes/resources/ 0
0 1480ms
1480ms Font
text/html 108.179.200.163
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://amazingplacesonearth.com/owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf
Requested by: Host: amazingplacesonearth.com
URL: https://amazingplacesonearth.com/xero/aspx1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.179.200.163 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: cs367.bluehost.com
Software: Apache /
Resource Hash

Request headers

Referer: https://amazingplacesonearth.com/xero/aspx1.php
Origin: https://amazingplacesonearth.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
x-nginx-cache: WordPress
server: Apache
vary: Origin,Accept-Encoding
x-endurance-cache-level: 2
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amazingplacesonearth.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
server-timing: amp_sanitizer;dur="99.9",amp_style_sanitizer;dur="47.8",amp_tag_and_attribute_sanitizer;dur="22.2",amp_optimizer;dur="19.8"
host-header: Y2xvdWQuYmx1ZWhvc3QuY29t
link: <https://amazingplacesonearth.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 jquery.js Show response
www.swissphone.com/wp-includes/js/jquery/ Frame 90E1 282 KB
83 KB 34ms
34ms Script
application/javascript 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-includes/js/jquery/jquery.js
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:43 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "46758-5cac6de2cc79c-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 22:47:04 GMT

GET
H2 200 autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
www.swissphone.com/wp-content/cache/autoptimize/1/css/ Frame 90E1 1 MB
181 KB 61ms
61ms Stylesheet
text/css 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: f88aac0ed939fa97a40ea8d050eb9ad3cc4b0b2a4e7fd6c783db06a500270c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 20:58:16 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "1486a3-5d72364aca196-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 22:47:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 90E1 171 KB
60 KB 147ms
59ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NG5QTV5

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ac064d9714d7d7a6321d121266c9d5c2353e890ad131d79b1dbd96c288f2c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60492
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 21:55:46 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Feb 2022 22:47:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 90E1 30 KB
2 KB 133ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7COpen+Sans%3A600%2C400%2C700%2C400italic%2C300%7COpen+Sans:700%2C800%2C400%2C600%7CRoboto:400%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=latin%2Clatin-ext%2Clatin&display=swap

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9751741bf4e4c7b5e4c0b3c9b869d8e8b960da41a951bf2e0df1e83270b7c82f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 22:47:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Feb 2022 22:47:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Feb 2022 22:47:04 GMT

GET
H2 200 autoptimize_541e2ced151704f4ff1844c6de47ec02.css
www.swissphone.com/wp-content/cache/autoptimize/1/css/ Frame 90E1 7 KB
1 KB 65ms
64ms Stylesheet
text/css 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_541e2ced151704f4ff1844c6de47ec02.css
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 2e05a099697256c998974e9155f9d6c2c2df700504628e7cb30977fe773eb63c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 20:58:16 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "1b6d-5d72364acc0d6-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1170
expires: Tue, 24 Jan 2023 22:47:04 GMT

GET
H2 200 autoptimize_single_69a0022c4348cbd4d3c50a78a62e90ac.css
www.swissphone.com/wp-content/cache/autoptimize/1/css/ Frame 90E1 3 KB
996 B 45ms
45ms Stylesheet
text/css 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_single_69a0022c4348cbd4d3c50a78a62e90ac.css
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 3c48fb0c3a465fa4f611d0127b5823a690c747834acd5e6a4b08b2db247fac52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 20:58:15 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "da7-5d72364a08be7-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 732
expires: Tue, 24 Jan 2023 22:47:04 GMT

GET
H2 200 jquery.min.js Show response
www.swissphone.com/wp-includes/js/jquery/ Frame 90E1 87 KB
30 KB 47ms
47ms Script
application/javascript 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:43 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "15db1-5cac6de2cc79c-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30908
expires: Sat, 05 Mar 2022 22:47:04 GMT

GET
H2 200 Swissphone-Logo_rgb_400-pixel_save.png
www.swissphone.com/wp-content/uploads/2018/06/ Frame 90E1 9 KB
9 KB 32ms
30ms Image
image/png 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.swissphone.com/wp-content/uploads/2018/06/Swissphone-Logo_rgb_400-pixel_save.png
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 4c55c400cf785b8e1cf66a6e0c98f1a1e3d59f4fd92d81e627c4ead572ba1d7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Tue, 04 Feb 2020 15:40:51 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "2251-59dc1dd52e6c0-gzip"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8608
expires: Sat, 05 Mar 2022 22:47:04 GMT

GET
H2 200 LP_sGUARD_Header-1.jpg
www.swissphone.com/wp-content/uploads/2021/10/ Frame 90E1 132 KB
130 KB 53ms
51ms Image
image/jpeg 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.swissphone.com/wp-content/uploads/2021/10/LP_sGUARD_Header-1.jpg
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: f6c128638385955032a340765d21b6181b070fcdf65618dd88737aba4762068d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Thu, 07 Oct 2021 12:58:48 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "20f01-5cdc2d2d65fe4-gzip"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 22:47:04 GMT

GET
H2 200 Header_SOS-Button_neu.jpg
www.swissphone.com/wp-content/uploads/2021/03/ Frame 90E1 136 KB
136 KB 49ms
48ms Image
image/jpeg 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.swissphone.com/wp-content/uploads/2021/03/Header_SOS-Button_neu.jpg
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 80ad2b2796fa8203a03ac3add947efd914c3bb53c01c94fd30a575aed76970f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 10:00:28 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "22041-5be6d9a0758f4-gzip"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 22:47:04 GMT

GET
H2 200 lazysizes.min.js Show response
www.swissphone.com/wp-content/plugins/autoptimize/classes/external/js/ Frame 90E1 10 KB
4 KB 59ms
58ms Script
application/javascript 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.1
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:40 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "2655-5cac6de0317c3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4122
expires: Sat, 05 Mar 2022 22:47:04 GMT

GET
H2 200 regenerator-runtime.min.js Show response
www.swissphone.com/wp-includes/js/dist/vendor/ Frame 90E1 6 KB
3 KB 23ms
23ms Script
application/javascript 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:43 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "1906-5cac6de2ca85c-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2398
expires: Sat, 05 Mar 2022 22:47:04 GMT

GET
H2 200 wp-polyfill.min.js Show response
www.swissphone.com/wp-includes/js/dist/vendor/ Frame 90E1 16 KB
6 KB 19ms
19ms Script
application/javascript 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:43 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "4056-5cac6de2ca85c-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6031
expires: Sat, 05 Mar 2022 22:47:04 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 90E1 884 B
1001 B 139ms
50ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a88b78e381aead002b7f67d3aae0ea960dd9993f5141e1e123a4ff8d2a2aa225

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 588
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 22:47:04 GMT

GET
H2 200 autoptimize_2b71a763c032b87d4ec18d586f28a480.js Show response
www.swissphone.com/wp-content/cache/autoptimize/1/js/ Frame 90E1 1 MB
341 KB 70ms
69ms Script
application/javascript 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/js/autoptimize_2b71a763c032b87d4ec18d586f28a480.js
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: d9c28135dce56386a74085405f81c4b81befda43be63c65dd0a17830d2fc6a1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 20:58:15 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "150d3b-5d72364a02e28-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 22:47:04 GMT

GET
DATA 200
OK truncated
/ Frame 90E1 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fontawesome-webfont.woff
www.swissphone.com/wp-content/themes/salient/css/fonts/ Frame 90E1 96 KB
96 KB 51ms
51ms Font
application/font-woff 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
Origin: https://www.swissphone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Sun, 16 Feb 2020 16:46:17 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "17ee8-59eb42d71c6a2-gzip"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: max-age=2592000
accept-ranges: bytes
expires: Sat, 05 Mar 2022 22:47:04 GMT

GET
H2 200 icomoon.woff
www.swissphone.com/wp-content/themes/salient/css/fonts/ Frame 90E1 20 KB
11 KB 48ms
48ms Font
application/font-woff 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/themes/salient/css/fonts/icomoon.woff?v=1.1
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 2af6ccbee0a1b6080db4aa581b1cec2d6d41d53daeee65280afc061ba77009e7

Request headers

Referer: https://www.swissphone.com/wp-content/cache/autoptimize/1/css/autoptimize_85dac9dcfdf1410bc8f8b9e180f7e678.css
Origin: https://www.swissphone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:04 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 13:32:42 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "4e54-5cac6de20447e-gzip"
vary: Accept-Encoding
content-type: application/font-woff
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10690
expires: Sat, 05 Mar 2022 22:47:04 GMT

GET
DATA 200
OK truncated
/ Frame 90E1 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61d314c923005869cca32b10dee91bcac610a9b25958d618879de9c794d6c167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17cd8098feb91a69d8e37f0854afc427a46cda431ddd845cae49494bb628640b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6ce68345eae894026d9c6c896d57a6493d96bbcee909bd15e7c8a3c1c935a55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a9f09226ab04e562e290afd3edbe93887ae12bc15c29317b72dccb74fd87a75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70603249e5fbdd3626974b991e7077931b5384a686d9a420e0fe91463069b3b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab3a4f490d691a7e866181f4200bbad90fec72c65a677a58b9d9cde785665773

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac15f33aef72d070b61deab8e5a0a806a0420b6b0725994c760da55bdf788e4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54e43e5e10e88ff1ca8d063bcd013ace3b9a492e04580c6c2196f516f8470717

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 90E1 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aea8b18fbab2fe88ebd3d33c5c413e56cbc894baa1665bff5fb905f465a2078d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f58e772e2d0445fb2dc8a4b39024c25972001f9ab36630ad6991dc73e022568a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 331237713cb134dbcbbbd3867c0a5c1153b8dbc28324e3163a64ae3b8077d931

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1e2243c9773c5eee7ca12ce9a8f31124476995b47ea63135a7170611a3da136

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c9385c67c60ef4003b19645b552ac101f8ae7f6c79069397e8e6be7dd229e0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f9a1f6492c842951464ac3c8b65199769907026b0d257f04cafbbdf75be3749

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a7cb59b3449427881e63e984f9baf50c27c6946a2f64c6c96eca42fd75ce2c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82fa43eb86da42e7122175e8fea9b1c4b5fa7ee57d485ebfc9436c16aa706a1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4234c4f36d1eb0b18cef1f1b68748d270bed41e00a17e12f6c4266753d4f7b44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d1e311415e3168202ae0855dc12da1b99df08ad8c3a1cf5411d727623ca26e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 90E1 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 90E1 355 KB
141 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.swissphone.com/
Origin: https://www.swissphone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143285
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 20:33:16 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 90E1 44 KB
44 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7COpen+Sans%3A600%2C400%2C700%2C400italic%2C300%7COpen+Sans:700%2C800%2C400%2C600%7CRoboto:400%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=latin%2Clatin-ext%2Clatin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.swissphone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 167551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 00:14:34 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 90E1 47 KB
47 KB 158ms
83ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.swissphone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:03:59 GMT
x-content-type-options: nosniff
age: 214986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 11:03:59 GMT

GET
H2 200 banner-1-optin.css
www.swissphone.com/wp-content/uploads/complianz/css/ Frame 90E1 16 KB
3 KB 20ms
19ms Stylesheet
text/css 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissphone.com/wp-content/uploads/complianz/css/banner-1-optin.css?v=12
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/wp-content/cache/autoptimize/1/js/autoptimize_2b71a763c032b87d4ec18d586f28a480.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-235.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.43 () OpenSSL/1.0.2k-fips /
Resource Hash: 91152b52c2cba4febb09b588c2d1c4275e559aac8315916278c0043eb3811604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:05 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 19:47:01 GMT
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
etag: "3eb5-5d72265e49325-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3028
expires: Sat, 05 Mar 2022 22:47:05 GMT

POST
H2 200 / Show response
www.swissphone.com/ Frame 90E1 708 B
855 B 487ms
487ms XHR
application/json 18.195.73.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.swissphone.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.195.73.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-73-235.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.43 () OpenSSL/1.0.2k-fips /

Resource Hash

79a54e092e0021c14c67ddcd588d461ae8188ca3b19cacb4a9b6a0c2bc8900e7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://expo-ip.com https://www.expo-ip.com
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.swissphone.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 03 Feb 2022 22:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3600
vary: Accept-Encoding
content-length: 323
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge,chrome=1
server: Apache/2.4.43 () OpenSSL/1.0.2k-fips
x-frame-options: ALLOW-FROM https://expo-ip.com https://www.expo-ip.com
strict-transport-security: max-age=63072000
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.swissphone.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-security-policy: block-all-mixed-content; upgrade-insecure-requests
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 90E1 49 KB
20 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG5QTV5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4331
date: Thu, 03 Feb 2022 21:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 03 Feb 2022 23:34:54 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 90E1 5 KB
2 KB 429ms
67ms Script
application/x-javascript 2a03:5f80:a::b212:e7c0
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG5QTV5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:5f80:a::b212:e7c0 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 22:47:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=18318
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 90E1 99 KB
27 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: amazingplacesonearth.com
URL: https://amazingplacesonearth.com/xero/aspx1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: OwPp7xzfr8LIoenj4uSIFqA8nfjYlxVTUJrv6rdtcfi/WpBUAgbLoei/piX2B+EisYPHDqVSmWZdBqPgUzXJSg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 03 Feb 2022 22:47:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7EE3 40 KB
21 KB 59ms
59ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D&co=aHR0cHM6Ly93d3cuc3dpc3NwaG9uZS5jb206NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=ou0a9rnoum0v

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1d57f16df7a1b9270a1acabb1f668725825fe4a38eec63987214275291b5009

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XS3BnIOkgbrfiWIfAJ3Fcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 03 Feb 2022 22:47:05 GMT
content-security-policy: script-src 'report-sample' 'nonce-XS3BnIOkgbrfiWIfAJ3Fcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20995
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2473074122940090 Show response
connect.facebook.net/signals/config/ Frame 90E1 307 KB
88 KB 58ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2473074122940090?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1c9f471d2df503943a37646d41f509c382ad53615fdf7bc855341b75d987c259

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: X3FspN9afq30PyGDQU4WNzFSSvr425fWH6y8b07av8iYxXhVifrU6kG4A/HX8sU9VaN8j5/5F4A525IV8j1E+A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 03 Feb 2022 22:47:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 90E1 44 B
295 B 216ms
11ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2473074122940090&ev=PageView&dl=https%3A%2F%2Fwww.swissphone.com%2F&rl=https%3A%2F%2Famazingplacesonearth.com%2F&if=true&ts=1643928425531&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&it=1643928425440&coo=false&exp=p0&rqm=GET

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 03 Feb 2022 22:47:05 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 7EE3 51 KB
24 KB 88ms
41ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D&co=aHR0cHM6Ly93d3cuc3dpc3NwaG9uZS5jb206NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=ou0a9rnoum0v

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 15:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 15:49:16 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/ Frame 7EE3 355 KB
140 KB 86ms
40ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 20:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143285
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 05:03:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 20:33:16 GMT

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 90E1
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928425806&url=https%3A%2F%2Famazingplacesonearth.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2038641%26time%3D1643928425806%26url%3Dhttps%253A%252F%252Famazingplacesonearth.c...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928425806&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928425806&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true&e_ipv6=AQIzg3bXueXACAAAAX7BxRfVmh2AQkDdMKFCcIOroL_rDY-kmbtOz...

0
154 B

389ms
185ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928425806&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true&e_ipv6=AQIzg3bXueXACAAAAX7BxRfVmh2AQkDdMKFCcIOroL_rDY-kmbtOzwLW0Q8JWJ-aiVpiaVsA
Requested by: Host: www.swissphone.com
URL: https://www.swissphone.com/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:06 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: bH8luzFo0Bbg489aIisAAA==

Redirect headers

date: Thu, 03 Feb 2022 22:47:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 28B9979356294C2787D90AF72CCA8589 Ref B: FRAEDGE1517 Ref C: 2022-02-03T22:47:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2038641&time=1643928425806&url=https%3A%2F%2Famazingplacesonearth.com%2F&liSync=true&e_ipv6=AQIzg3bXueXACAAAAX7BxRfVmh2AQkDdMKFCcIOroL_rDY-kmbtOzwLW0Q8JWJ-aiVpiaVsA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXXJOnk3ZKwcSEkzOZqNQ==

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7EE3 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 157296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 09 Feb 2022 03:05:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7EE3 15 KB
15 KB 82ms
37ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 214141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7EE3 15 KB
15 KB 83ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 186438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7EE3 102 B
134 B 80ms
79ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

739db8d736cf2cf264796656a113e1e2c97fb6d2626cf5a74bde38c219a04de7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D&co=aHR0cHM6Ly93d3cuc3dpc3NwaG9uZS5jb206NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=ou0a9rnoum0v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 22:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 22:47:06 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A726 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.swissphone.com
URL: https://www.swissphone.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.swissphone.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.swissphone.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.swissphone.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Thu, 03 Feb 2022 22:47:06 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 7EE3 30 KB
17 KB 91ms
91ms XHR
application/json 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dPctOHA2ifhWm5WzFM_B5TjT/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a7f76aca778c657d236bb0ad9b20f0dadba637bfe99c867f3d01212481dad8c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNytcUAAAAAILJDyXXn-nLWOZZb5Yj-xmRnM4D&co=aHR0cHM6Ly93d3cuc3dpc3NwaG9uZS5jb206NDQz&hl=de&v=dPctOHA2ifhWm5WzFM_B5TjT&size=invisible&cb=ou0a9rnoum0v
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 03 Feb 2022 22:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17094
x-xss-protection: 1; mode=block
expires: Thu, 03 Feb 2022 22:47:06 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook Web Access (Online)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 04:58:00	Name: _GRECAPTCHA Value: 09APj96hSyvN8c_9ds_8tu91ZXLpjGLgWCm-D7NboKlx-rvkbryNpHbJ0g8s41L_qkYJOXRtSXKdqu074No452-o8
amazingplacesonearth.com/xero	1969-12-31 23:59:59	Name: cookieTest Value: 1
amazingplacesonearth.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2410d1258b6176a134e6521566664222
.linkedin.com/	1970-01-20 01:22:00	Name: UserMatchHistory Value: AQIssktWzqRMtgAAAX7BxRXDKRKUInVpjoj9Oo609cBe870czgSV9yWyyuj9KYBje8Sb2kG3ZwGobw
.linkedin.com/	1970-01-20 01:22:00	Name: AnalyticsSyncHistory Value: AQKLb77hk2fS0QAAAX7BxRXDax2lFau3V03mmoL5wlh_0xmBvSimj2LJYEp55bc9qDxRSjb4PJwAnKtprdljKQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:10:42	Name: bcookie Value: "v=2&b24f115b-c4b3-4c34-807b-d711393a2496"
.linkedin.com/	1970-01-20 00:40:14	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2591:u=1:x=1:i=1643928425:t=1644014825:v=2:sig=AQFlDOUtzEDop8VqJq9aUUoK4rA4v2I5"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:10:42	Name: bscookie Value: "v=1&202202032247061c5cc75e-f1ee-459b-8ac2-c435af4aedffAQEYf4HROcBdO1A_wH91nFZ0yh4U5hi6"
.linkedin.com/	1970-01-20 17:55:33	Name: li_gc Value: MTswOzE2NDM5Mjg0MjY7MjswMjHfg83l+fkaONDvh5MTPAYawAptXgMVApEZEOICgOQXuA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://www.swissphone.com/ Message: Invalid 'X-Frame-Options' header encountered when loading 'https://www.swissphone.com/': 'ALLOW-FROM https://expo-ip.com https://www.expo-ip.com' is not a recognized directive. The header will be ignored.
network	error	URL: https://amazingplacesonearth.com/owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazingplacesonearth.com
connect.facebook.net
fitoru.com
fonts.googleapis.com
fonts.gstatic.com
logo.clearbit.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.swissphone.com
108.157.4.26
108.174.10.14
108.179.200.163
18.195.73.235
2620:1ec:21::14
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:813::200a
2a00:1450:4001:831::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:5f80:a::b212:e7c0
54.165.241.225
07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7
0eaf591220d6075ab9638f2ddebc32f5fc1d996c359f8c3a9b1f056a7e46dd6e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17cd8098feb91a69d8e37f0854afc427a46cda431ddd845cae49494bb628640b
1a9f09226ab04e562e290afd3edbe93887ae12bc15c29317b72dccb74fd87a75
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c9f471d2df503943a37646d41f509c382ad53615fdf7bc855341b75d987c259
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2af6ccbee0a1b6080db4aa581b1cec2d6d41d53daeee65280afc061ba77009e7
2d1e311415e3168202ae0855dc12da1b99df08ad8c3a1cf5411d727623ca26e3
2e05a099697256c998974e9155f9d6c2c2df700504628e7cb30977fe773eb63c
2f9a1f6492c842951464ac3c8b65199769907026b0d257f04cafbbdf75be3749
331237713cb134dbcbbbd3867c0a5c1153b8dbc28324e3163a64ae3b8077d931
3377eb13c917e09a515a3215d824109ae9f331ed268cd72eca4b5dc1e7d0ecd7
3c48fb0c3a465fa4f611d0127b5823a690c747834acd5e6a4b08b2db247fac52
3c9385c67c60ef4003b19645b552ac101f8ae7f6c79069397e8e6be7dd229e0d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4234c4f36d1eb0b18cef1f1b68748d270bed41e00a17e12f6c4266753d4f7b44
4c55c400cf785b8e1cf66a6e0c98f1a1e3d59f4fd92d81e627c4ead572ba1d7b
4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a
54e43e5e10e88ff1ca8d063bcd013ace3b9a492e04580c6c2196f516f8470717
5620fd3acd4874ee2d86b7cc4ac77997940fb53e8faf51aa640573805c71cfce
5a7cb59b3449427881e63e984f9baf50c27c6946a2f64c6c96eca42fd75ce2c6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61d314c923005869cca32b10dee91bcac610a9b25958d618879de9c794d6c167
6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a
70603249e5fbdd3626974b991e7077931b5384a686d9a420e0fe91463069b3b4
739db8d736cf2cf264796656a113e1e2c97fb6d2626cf5a74bde38c219a04de7
79a54e092e0021c14c67ddcd588d461ae8188ca3b19cacb4a9b6a0c2bc8900e7
80ad2b2796fa8203a03ac3add947efd914c3bb53c01c94fd30a575aed76970f2
82fa43eb86da42e7122175e8fea9b1c4b5fa7ee57d485ebfc9436c16aa706a1e
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
91152b52c2cba4febb09b588c2d1c4275e559aac8315916278c0043eb3811604
9751741bf4e4c7b5e4c0b3c9b869d8e8b960da41a951bf2e0df1e83270b7c82f
9ac064d9714d7d7a6321d121266c9d5c2353e890ad131d79b1dbd96c288f2c57
9ebdce358cc5551b15795a3fb31b5cb0c29bff862b55cf598b8da514a0a60873
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6ce68345eae894026d9c6c896d57a6493d96bbcee909bd15e7c8a3c1c935a55
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
a7f76aca778c657d236bb0ad9b20f0dadba637bfe99c867f3d01212481dad8c9
a88b78e381aead002b7f67d3aae0ea960dd9993f5141e1e123a4ff8d2a2aa225
ab3a4f490d691a7e866181f4200bbad90fec72c65a677a58b9d9cde785665773
ac15f33aef72d070b61deab8e5a0a806a0420b6b0725994c760da55bdf788e4b
aea8b18fbab2fe88ebd3d33c5c413e56cbc894baa1665bff5fb905f465a2078d
b1d57f16df7a1b9270a1acabb1f668725825fe4a38eec63987214275291b5009
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c1e2243c9773c5eee7ca12ce9a8f31124476995b47ea63135a7170611a3da136
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c9c106049dff5c5dcfabb256dac2d9c3dc8552411d4fd59bdec300329cda8739
d9c28135dce56386a74085405f81c4b81befda43be63c65dd0a17830d2fc6a1a
d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f58e772e2d0445fb2dc8a4b39024c25972001f9ab36630ad6991dc73e022568a
f6c128638385955032a340765d21b6181b070fcdf65618dd88737aba4762068d
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f88aac0ed939fa97a40ea8d050eb9ad3cc4b0b2a4e7fd6c783db06a500270c88
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

amazingplacesonearth.com Open in urlscan Pro 108.179.200.163 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

67 %IPv6

13 Domains

16 Subdomains

14 IPs

3 Countries

1782 kBTransfer

5516 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 24 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

amazingplacesonearth.com Open in urlscan Pro
108.179.200.163 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

67 %
IPv6

13
Domains

16
Subdomains

14
IPs

3
Countries

1782 kB
Transfer

5516 kB
Size

11
Cookies

41 HTTP transactions
24 data transactions