www.winweb172.login2.about-x.ch Open in urlscan Pro
188.40.219.38 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.winweb172.login2.about-x.ch/
Submission: On September 09 via automatic, source certstream-suspicious (September 9th 2021, 6:42:59 pm UTC) — Scanned from DE

Summary HTTP 19 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 188.40.219.38, located in Tann, Switzerland and belongs to HETZNER-AS, DE. The main domain is www.winweb172.login2.about-x.ch.
TLS certificate: Issued by R3 on September 9th 2021. Valid for: 3 months.

This is the only time www.winweb172.login2.about-x.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 8	188.40.219.38 188.40.219.38	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	188.40.216.41 188.40.216.41	24940 (HETZNER-AS) (HETZNER-AS)
19	4

8 188.40.219.38 (Tann, Switzerland) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: mx-out.sr44.firestorm.ch

www.winweb172.login2.about-x.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.anderhub-ag.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.40.216.41 (Tann, Switzerland)

ASN24940 (HETZNER-AS, DE)
PTR: sr1.top-app.ch

www.top-app.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	about-x.ch www.winweb172.login2.about-x.ch	13 KB
2	top-app.ch www.top-app.ch
2	anderhub-ag.ch 2 redirects www.anderhub-ag.ch	157 B
1	googleapis.com ajax.googleapis.com	143 KB
19	4

	Domain	Requested by
6	www.winweb172.login2.about-x.ch	www.winweb172.login2.about-x.ch
2	www.top-app.ch	www.winweb172.login2.about-x.ch
2	www.anderhub-ag.ch	2 redirects www.winweb172.login2.about-x.ch
1	ajax.googleapis.com	www.winweb172.login2.about-x.ch
19	4

This site contains links to these domains. Also see Links.

Domain
www.anderhub-ag.ch
www.guenstiges-hosting.ch
www.top-cms.ch
www.https

Subject Issuer	Validity	Valid
winweb172.login2.about-x.ch R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
top-app.ch R3	`2021-08-22` - `2021-11-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.winweb172.login2.about-x.ch/
Frame ID: F655E8D7579CFD0FADE629E539006081
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anderhub Maschinen und Werkzeuge AG in Thalwil ZH

Detected technologies

MooTools (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

mootools.*\.js

Page Statistics

19
Requests

47 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

155 kB
Transfer

165 kB
Size

1
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://www.anderhub-ag.ch/index.asp
Title: STARTSEITE

Search URL Search Domain Scan URL

URL: http://www.anderhub-ag.ch/index.asp?XI=News
Title: AKTUELL

Search URL Search Domain Scan URL

URL: http://www.anderhub-ag.ch/index.asp?get=1&FID=164&File=level01
Title: FLIEGENDE BAUMESSE

Search URL Search Domain Scan URL

URL: http://www.anderhub-ag.ch/index.asp?get=1&FID=162&File=level01
Title: ÜBER UNS

Search URL Search Domain Scan URL

URL: http://www.anderhub-ag.ch/index.asp?XI=Links
Title: LINKS

Search URL Search Domain Scan URL

URL: http://www.anderhub-ag.ch/index.asp?XI=Form&frm=39&lan=1
Title: KONTAKT

Search URL Search Domain Scan URL

URL: http://www.anderhub-ag.ch/index.asp?XI=Map
Title: LAGEPLAN

Search URL Search Domain Scan URL

URL: http://www.anderhub-ag.ch/index.asp?get=1&FID=161&File=level01
Title: ALLG. GESCHÄFTSBEDINGUNGEN

Search URL Search Domain Scan URL

URL: http://www.guenstiges-hosting.ch/

Search URL Search Domain Scan URL

URL: http://www.top-cms.ch/

Search URL Search Domain Scan URL

URL: http://www.https//www.promotext.ch

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://www.anderhub-ag.ch/images/2013-05-15%2009.52.26.jpg HTTP 301
https://www.top-app.ch/

Request Chain 4

https://www.anderhub-ag.ch/images/produkte/nopic.jpg HTTP 301
https://www.top-app.ch/

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.winweb172.login2.about-x.ch/ 19 KB
9 KB 284ms
171ms Document
text/html 188.40.219.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.winweb172.login2.about-x.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.219.38 Tann, Switzerland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mx-out.sr44.firestorm.ch
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2fbedbe3c3cdf57876a9a1ee2c6b6d0630ccd982c57d1f284330a3d3150fd220

Request headers

:method: GET
:authority: www.winweb172.login2.about-x.ch
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: private
content-type: text/html
content-encoding: br
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: ASPSESSIONIDCWACSRTA=JJKJMKCBMGHEEPIPLGPKJFAL; secure; path=/
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
date: Thu, 09 Sep 2021 18:42:54 GMT
content-length: 8740

GET
H2 200 mootools.js Show response
ajax.googleapis.com/ajax/libs/mootools/1.3.1/ 142 KB
143 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/mootools/1.3.1/mootools.js

Requested by

Host: www.winweb172.login2.about-x.ch
URL: https://www.winweb172.login2.about-x.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

933d979b5810cb5178bf440ce02c36f5e4ab7e46daf91b6358de352f8abcfd55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.winweb172.login2.about-x.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 06:03:26 GMT
x-content-type-options: nosniff
age: 477569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145417
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Sep 2022 06:03:26 GMT

GET
H2

200

/
www.top-app.ch/
Redirect Chain

https://www.anderhub-ag.ch/images/2013-05-15%2009.52.26.jpg
https://www.top-app.ch/

0
0

111ms
66ms

Image
text/html

188.40.216.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.top-app.ch/
Requested by: Host: www.winweb172.login2.about-x.ch
URL: https://www.winweb172.login2.about-x.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.216.41 Tann, Switzerland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sr1.top-app.ch
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.winweb172.login2.about-x.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

location: https://www.top-app.ch/
date: Thu, 09 Sep 2021 18:42:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 176
x-powered-by-plesk: PleskWin
content-type: text/html; charset=UTF-8

GET
H2 200 edit.gif
www.winweb172.login2.about-x.ch/ 96 B
188 B 14ms
13ms Image
image/gif 188.40.219.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winweb172.login2.about-x.ch/edit.gif
Requested by: Host: www.winweb172.login2.about-x.ch
URL: https://www.winweb172.login2.about-x.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.219.38 Tann, Switzerland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mx-out.sr44.firestorm.ch
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: de1d8e989ec0964561a8ef4c89f468a96a382c4f951632df3ef86824b0247f5a

Request headers

:path: /edit.gif
pragma: no-cache
cookie: ASPSESSIONIDCWACSRTA=JJKJMKCBMGHEEPIPLGPKJFAL
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.winweb172.login2.about-x.ch
referer: https://www.winweb172.login2.about-x.ch/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.winweb172.login2.about-x.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 09 Sep 2021 18:42:54 GMT
last-modified: Fri, 29 Nov 2013 22:30:02 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "bfaca58b52edce1:0"
content-type: image/gif
accept-ranges: bytes
content-length: 96

GET
H2 200 hosting.gif
www.winweb172.login2.about-x.ch/ 49 B
128 B 24ms
23ms Image
image/gif 188.40.219.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winweb172.login2.about-x.ch/hosting.gif
Requested by: Host: www.winweb172.login2.about-x.ch
URL: https://www.winweb172.login2.about-x.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.219.38 Tann, Switzerland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mx-out.sr44.firestorm.ch
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7df5774ffcccb6de91ea0c3e95ea530c054c80d1150c517bd2b9920e9b3c3ace

Request headers

:path: /hosting.gif
pragma: no-cache
cookie: ASPSESSIONIDCWACSRTA=JJKJMKCBMGHEEPIPLGPKJFAL
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.winweb172.login2.about-x.ch
referer: https://www.winweb172.login2.about-x.ch/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.winweb172.login2.about-x.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 09 Sep 2021 18:42:54 GMT
last-modified: Fri, 29 Nov 2013 22:30:06 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "b42f408e52edce1:0"
content-type: image/gif
accept-ranges: bytes
content-length: 49

GET
H2

200

/
www.top-app.ch/
Redirect Chain

https://www.anderhub-ag.ch/images/produkte/nopic.jpg
https://www.top-app.ch/

0
0

97ms
52ms

Image
text/html

188.40.216.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.top-app.ch/
Requested by: Host: www.winweb172.login2.about-x.ch
URL: https://www.winweb172.login2.about-x.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.40.216.41 Tann, Switzerland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sr1.top-app.ch
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.winweb172.login2.about-x.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

location: https://www.top-app.ch/
date: Thu, 09 Sep 2021 18:42:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 176
x-powered-by-plesk: PleskWin
content-type: text/html; charset=UTF-8

GET
H2 200 top-cms.jpg
www.winweb172.login2.about-x.ch/ 2 KB
2 KB 29ms
29ms Image
image/jpeg 188.40.219.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winweb172.login2.about-x.ch/top-cms.jpg
Requested by: Host: www.winweb172.login2.about-x.ch
URL: https://www.winweb172.login2.about-x.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.219.38 Tann, Switzerland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mx-out.sr44.firestorm.ch
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 47f722feab110988c36acb23b4c67e8b160702bdabaa4048b33e982587cece44

Request headers

:path: /top-cms.jpg
pragma: no-cache
cookie: ASPSESSIONIDCWACSRTA=JJKJMKCBMGHEEPIPLGPKJFAL
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.winweb172.login2.about-x.ch
referer: https://www.winweb172.login2.about-x.ch/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.winweb172.login2.about-x.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 09 Sep 2021 18:42:54 GMT
last-modified: Fri, 29 Nov 2013 22:30:10 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8258c9052edce1:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 1719

GET
H2 200 smartphone-ready.jpg
www.winweb172.login2.about-x.ch/ 2 KB
2 KB 30ms
29ms Image
image/jpeg 188.40.219.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winweb172.login2.about-x.ch/smartphone-ready.jpg
Requested by: Host: www.winweb172.login2.about-x.ch
URL: https://www.winweb172.login2.about-x.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.219.38 Tann, Switzerland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mx-out.sr44.firestorm.ch
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ebf325802e6d8dc47e124d9da47d51619ccedc38ca775f069cad7e59f9aa576b

Request headers

:path: /smartphone-ready.jpg
pragma: no-cache
cookie: ASPSESSIONIDCWACSRTA=JJKJMKCBMGHEEPIPLGPKJFAL
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.winweb172.login2.about-x.ch
referer: https://www.winweb172.login2.about-x.ch/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.winweb172.login2.about-x.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 09 Sep 2021 18:42:54 GMT
last-modified: Fri, 29 Nov 2013 22:30:10 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "a9c3899052edce1:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 1655

GET
H2 200 leer.gif
www.winweb172.login2.about-x.ch/ 69 B
148 B 30ms
30ms Image
image/gif 188.40.219.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.winweb172.login2.about-x.ch/leer.gif
Requested by: Host: www.winweb172.login2.about-x.ch
URL: https://www.winweb172.login2.about-x.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.40.219.38 Tann, Switzerland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mx-out.sr44.firestorm.ch
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e968db7401916faeddfd000fc78d71bf02785ad5e6a12591dffb9ddb0f23efbb

Request headers

:path: /leer.gif
pragma: no-cache
cookie: ASPSESSIONIDCWACSRTA=JJKJMKCBMGHEEPIPLGPKJFAL
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.winweb172.login2.about-x.ch
referer: https://www.winweb172.login2.about-x.ch/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.winweb172.login2.about-x.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Thu, 09 Sep 2021 18:42:54 GMT
last-modified: Fri, 29 Nov 2013 22:30:07 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "d245668e52edce1:0"
content-type: image/gif
accept-ranges: bytes
content-length: 69

GET werkzeuge.css
www.anderhub-ag.ch/web/ 0
0

GET bumpbox.js
www.anderhub-ag.ch/net/Galbilder/bumpbox/ 0
0

GET shadows.css
www.anderhub-ag.ch/net/galbilder/ 0
0

GET jquery-1.7.min.js
www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/ 0
0

GET webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 0
0

GET webfont.js
www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/ 0
0

GET jquery.easing-1.3.pack.js
www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/ 0
0

GET jquery.mousewheel-3.0.2.pack.js
www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/ 0
0

GET jquery.fancybox-1.3.1.pack.js
www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/ 0
0

GET jquery.fancybox-1.3.1.css
www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.anderhub-ag.ch
URL: http://www.anderhub-ag.ch/web/werkzeuge.css

Domain: www.anderhub-ag.ch
URL: http://www.anderhub-ag.ch/net/Galbilder/bumpbox/bumpbox.js

Domain: www.anderhub-ag.ch
URL: http://www.anderhub-ag.ch/net/galbilder/shadows.css

Domain: www.anderhub-ag.ch
URL: http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/jquery-1.7.min.js

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Domain: www.anderhub-ag.ch
URL: http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/webfont.js

Domain: www.anderhub-ag.ch
URL: http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/jquery.easing-1.3.pack.js

Domain: www.anderhub-ag.ch
URL: http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/jquery.mousewheel-3.0.2.pack.js

Domain: www.anderhub-ag.ch
URL: http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/jquery.fancybox-1.3.1.pack.js

Domain: www.anderhub-ag.ch
URL: http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/jquery.fancybox-1.3.1.css

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.winweb172.login2.about-x.ch/	1969-12-31 23:59:59	Name: ASPSESSIONIDCWACSRTA Value: JJKJMKCBMGHEEPIPLGPKJFAL

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.winweb172.login2.about-x.ch/(Line 3) Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure element 'http://www.anderhub-ag.ch/images/2013-05-15%2009.52.26.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.winweb172.login2.about-x.ch/(Line 3) Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure element 'http://www.anderhub-ag.ch/images/produkte/nopic.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.winweb172.login2.about-x.ch/(Line 3) Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure element 'http://www.anderhub-ag.ch/images/produkte/nopic.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.winweb172.login2.about-x.ch/(Line 3) Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure element 'http://www.anderhub-ag.ch/images/produkte/nopic.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.winweb172.login2.about-x.ch/(Line 3) Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure element 'http://www.anderhub-ag.ch/images/produkte/nopic.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.winweb172.login2.about-x.ch/(Line 14) Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.anderhub-ag.ch/web/werkzeuge.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure script 'http://www.anderhub-ag.ch/net/Galbilder/bumpbox/bumpbox.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.winweb172.login2.about-x.ch/(Line 18) Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.anderhub-ag.ch/net/galbilder/shadows.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure script 'http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/jquery-1.7.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure script 'http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/webfont.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure script 'http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/jquery.easing-1.3.pack.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure script 'http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/jquery.mousewheel-3.0.2.pack.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure script 'http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/jquery.fancybox-1.3.1.pack.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.winweb172.login2.about-x.ch/(Line 27) Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.anderhub-ag.ch/net/body5/LiveEditor/scripts/common/fancybox13/jquery.fancybox-1.3.1.css'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure element 'http://www.anderhub-ag.ch/images/2013-05-15%2009.52.26.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure element 'http://www.anderhub-ag.ch/images/produkte/nopic.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure element 'http://www.anderhub-ag.ch/images/produkte/nopic.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure element 'http://www.anderhub-ag.ch/images/produkte/nopic.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.winweb172.login2.about-x.ch/ Message: Mixed Content: The page at 'https://www.winweb172.login2.about-x.ch/' was loaded over HTTPS, but requested an insecure element 'http://www.anderhub-ag.ch/images/produkte/nopic.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
www.anderhub-ag.ch
www.top-app.ch
www.winweb172.login2.about-x.ch
ajax.googleapis.com
www.anderhub-ag.ch
188.40.216.41
188.40.219.38
2a00:1450:4001:82b::200a
2fbedbe3c3cdf57876a9a1ee2c6b6d0630ccd982c57d1f284330a3d3150fd220
47f722feab110988c36acb23b4c67e8b160702bdabaa4048b33e982587cece44
7df5774ffcccb6de91ea0c3e95ea530c054c80d1150c517bd2b9920e9b3c3ace
933d979b5810cb5178bf440ce02c36f5e4ab7e46daf91b6358de352f8abcfd55
de1d8e989ec0964561a8ef4c89f468a96a382c4f951632df3ef86824b0247f5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e968db7401916faeddfd000fc78d71bf02785ad5e6a12591dffb9ddb0f23efbb
ebf325802e6d8dc47e124d9da47d51619ccedc38ca775f069cad7e59f9aa576b

www.winweb172.login2.about-x.ch Open in urlscan Pro 188.40.219.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

47 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

155 kBTransfer

165 kBSize

1 Cookies

11 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

1 Cookies

20 Console Messages

Indicators

www.winweb172.login2.about-x.ch Open in urlscan Pro
188.40.219.38 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

47 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

155 kB
Transfer

165 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions