reflu-stage.alpha.bag.ch Open in urlscan Pro
46.22.23.64 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://reflu-stage.alpha.bag.ch/
Submission: On June 17 via api (June 17th 2024, 5:15:41 pm UTC) from US — Scanned from CH

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 46.22.23.64, located in Lucerne, Switzerland and belongs to AS-ARCADE, CH. The main domain is reflu-stage.alpha.bag.ch.
TLS certificate: Issued by R10 on June 11th 2024. Valid for: 3 months.

This is the only time reflu-stage.alpha.bag.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	46.22.23.64 46.22.23.64	51873 (AS-ARCADE) (AS-ARCADE)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
17	3

15 46.22.23.64 (Lucerne, Switzerland)

ASN51873 (AS-ARCADE, CH)

reflu-stage.alpha.bag.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	bag.ch reflu-stage.alpha.bag.ch	1 MB
1	gstatic.com fonts.gstatic.com	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	914 B
17	3

	Domain	Requested by
15	reflu-stage.alpha.bag.ch	reflu-stage.alpha.bag.ch
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	reflu-stage.alpha.bag.ch
17	3

This site contains links to these domains. Also see Links.

Domain
www.refhorw.ch
www.reflu.ch
www.bag.ch
www.facebook.com

Subject Issuer	Validity	Valid
reflu-stage.alpha.bag.ch R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://reflu-stage.alpha.bag.ch/
Frame ID: 2AE28C337CAA8DA69276944E225C3ED3
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Reformierte Kirche Kanton Luzern | Reformierte Kirche Kanton Luzern

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1357 kB
Transfer

1858 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.refhorw.ch/?param=1
Title: Horw

Search URL Search Domain Scan URL

URL: http://www.reflu.ch/luzern
Title: Kirchgemeinde Luzern

Search URL Search Domain Scan URL

URL: https://www.bag.ch/web
Title: CMS by Brunner Medien AG

Search URL Search Domain Scan URL

URL: https://www.facebook.com/reformierteKircheLuzern/?ref=page_internal

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
reflu-stage.alpha.bag.ch/ 117 KB
26 KB 2950ms
2803ms Document
text/html 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to

Full URL

https://reflu-stage.alpha.bag.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

/ pimcore

Resource Hash

2eceb33d68b90f07ffea7c14058d274fc09eaf9def1e66d1bfd0bf34be90dbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, must-revalidate, private
content-encoding: gzip
content-language: de
content-type: text/html; charset=UTF-8
date: Mon, 17 Jun 2024 17:15:34 GMT
expires: Mon, 17 Jun 2024 17:15:34 GMT
link: </build/runtime.b2a8c1e7.js>; rel="preload"; as="script",</build/155.eac51329.js>; rel="preload"; as="script",</build/507.a76182fb.js>; rel="preload"; as="script",</build/app.7f437ed6.js>; rel="preload"; as="script",</build/507.c2326ec4.css>; rel="preload"; as="style",</build/app.ccb5a975.css>; rel="preload"; as="style"
referrer-policy: same-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-pimcore-cache-date: 2024-06-17T19:15:34+02:00
x-powered-by: pimcore
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 runtime.b2a8c1e7.js Show response
reflu-stage.alpha.bag.ch/build/ 1 KB
1 KB 83ms
82ms Script
application/javascript 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to

Full URL

https://reflu-stage.alpha.bag.ch/build/runtime.b2a8c1e7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

64a15c66b53832ff0b128af4156ac567a218c34a582757074cec2a5f8a67934b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 17 Jun 2024 10:08:58 GMT
etag: W/"66700b3a-5fe"
content-type: application/javascript
cache-control: max-age=1209600, public
expires: Mon, 01 Jul 2024 17:15:34 GMT

GET
H2 200 155.eac51329.js Show response
reflu-stage.alpha.bag.ch/build/ 154 KB
58 KB 55ms
54ms Script
application/javascript 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to

Full URL

https://reflu-stage.alpha.bag.ch/build/155.eac51329.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

428fbb5f57ac44f7938f711b078dd2ac79d65b077bf5697eaf512da2500480f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 17 Jun 2024 10:08:58 GMT
etag: W/"66700b3a-267a7"
content-type: application/javascript
cache-control: max-age=1209600, public
expires: Mon, 01 Jul 2024 17:15:34 GMT

GET
H2 200 507.a76182fb.js Show response
reflu-stage.alpha.bag.ch/build/ 45 KB
20 KB 84ms
83ms Script
application/javascript 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to

Full URL

https://reflu-stage.alpha.bag.ch/build/507.a76182fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

c7e151171e2d1646d63b80d7d1f46aaf4ee39308a37cd2c011ad576a90c904f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 17 Jun 2024 10:08:58 GMT
etag: W/"66700b3a-b487"
content-type: application/javascript
cache-control: max-age=1209600, public
expires: Mon, 01 Jul 2024 17:15:34 GMT

GET
H2 200 app.7f437ed6.js Show response
reflu-stage.alpha.bag.ch/build/ 20 KB
7 KB 83ms
82ms Script
application/javascript 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to

Full URL

https://reflu-stage.alpha.bag.ch/build/app.7f437ed6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

199ffe8778276e5e4f647efe0b7640d3c96829249e88221c4918eb2385070f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 17 Jun 2024 10:08:58 GMT
etag: W/"66700b3a-4ffb"
content-type: application/javascript
cache-control: max-age=1209600, public
expires: Mon, 01 Jul 2024 17:15:34 GMT

GET
H2 200 507.c2326ec4.css
reflu-stage.alpha.bag.ch/build/ 20 KB
5 KB 83ms
83ms Stylesheet
text/css 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to

Full URL

https://reflu-stage.alpha.bag.ch/build/507.c2326ec4.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

80eae588f5f62662c731fafebe7d534c27b5d4b47cbe54ecdf7188e009e93e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 17 Jun 2024 10:08:58 GMT
etag: W/"66700b3a-4f25"
content-type: text/css
cache-control: max-age=1209600, public
expires: Mon, 01 Jul 2024 17:15:34 GMT

GET
H2 200 app.ccb5a975.css
reflu-stage.alpha.bag.ch/build/ 341 KB
77 KB 58ms
57ms Stylesheet
text/css 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to

Full URL

https://reflu-stage.alpha.bag.ch/build/app.ccb5a975.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

55e4044a500ca1368b8dc671fad589ff9627f2e38d3aaba40656ce605a654b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 17 Jun 2024 10:08:58 GMT
etag: W/"66700b3a-552b4"
content-type: text/css
cache-control: max-age=1209600, public
expires: Mon, 01 Jul 2024 17:15:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
914 B 646ms
77ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=League+Spartan:wght@300;500&display=swap

Requested by

Host: reflu-stage.alpha.bag.ch
URL: https://reflu-stage.alpha.bag.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

14ea220afb8d3b8f30cae3b0f9b898fb73f46bf9b53673a93f5e3b2b291e753f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jun 2024 17:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 17:15:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jun 2024 17:15:35 GMT

GET
H2 404 Logo_Kanton-Luzern_sw_neg.png
reflu-stage.alpha.bag.ch/landeskirche/logo/ 14 KB
14 KB 441ms
440ms Image
text/html 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reflu-stage.alpha.bag.ch/landeskirche/logo/Logo_Kanton-Luzern_sw_neg.png

Requested by

Host: reflu-stage.alpha.bag.ch
URL: https://reflu-stage.alpha.bag.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

/ pimcore

Resource Hash

2e627a3d6783689d6dbf91a3a8b2f3bb77e20bb99d17d1d55b57519b53adf089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: pimcore
x-frame-options: SAMEORIGIN
content-language: de
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, private
link: </build/runtime.b2a8c1e7.js>; rel="preload"; as="script",</build/155.eac51329.js>; rel="preload"; as="script",</build/507.a76182fb.js>; rel="preload"; as="script",</build/app.7f437ed6.js>; rel="preload"; as="script",</build/507.c2326ec4.css>; rel="preload"; as="style",</build/app.ccb5a975.css>; rel="preload"; as="style"
x-xss-protection: 1; mode=block
expires: Mon, 17 Jun 2024 17:15:35 GMT

GET
H2 200 cock.18501338.svg
reflu-stage.alpha.bag.ch/build/images/ 2 KB
2 KB 1286ms
1285ms Image
image/svg+xml 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reflu-stage.alpha.bag.ch/build/images/cock.18501338.svg

Requested by

Host: reflu-stage.alpha.bag.ch
URL: https://reflu-stage.alpha.bag.ch/build/app.ccb5a975.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

21b3d318c4b2a8fb86f35c38301056b20a31c58ab1e3d631e2ebc23e9bf4f689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/build/app.ccb5a975.css
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 17 Jun 2024 10:08:58 GMT
etag: "66700b3a-83b"
content-type: image/svg+xml
cache-control: max-age=1209600, public
accept-ranges: bytes
content-length: 2107
expires: Mon, 01 Jul 2024 17:15:36 GMT

GET
H2 200 facebook.278d17fb.svg
reflu-stage.alpha.bag.ch/build/images/ 831 B
1 KB 1303ms
1302ms Image
image/svg+xml 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reflu-stage.alpha.bag.ch/build/images/facebook.278d17fb.svg

Requested by

Host: reflu-stage.alpha.bag.ch
URL: https://reflu-stage.alpha.bag.ch/build/app.ccb5a975.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

d9a7b926c3ea86b50c38ec866477fb195d6bcdce819047311d4514e34f236305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/build/app.ccb5a975.css
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 17 Jun 2024 10:08:58 GMT
etag: "66700b3a-33f"
content-type: image/svg+xml
cache-control: max-age=1209600, public
accept-ranges: bytes
content-length: 831
expires: Mon, 01 Jul 2024 17:15:36 GMT

GET
H2 200 kJEqBuEW6A0lliaV_m88ja5TwvZwLZk.woff2
fonts.gstatic.com/s/leaguespartan/v11/ 24 KB
24 KB 1580ms
68ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/leaguespartan/v11/kJEqBuEW6A0lliaV_m88ja5TwvZwLZk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=League+Spartan:wght@300;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

7c5cfcbd829200ff3c2a547cdc10b61c27341e5af6b7a4434bbc6674e7b70b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://reflu-stage.alpha.bag.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 01:17:23 GMT
x-content-type-options: nosniff
age: 316694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24064
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:09:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Jun 2025 01:17:23 GMT

GET
H2 200 fa-regular-400.0119858a.woff2
reflu-stage.alpha.bag.ch/build/fonts/ 380 KB
381 KB 1206ms
1205ms Font
font/woff2 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to

Full URL

https://reflu-stage.alpha.bag.ch/build/fonts/fa-regular-400.0119858a.woff2

Requested by

Host: reflu-stage.alpha.bag.ch
URL: https://reflu-stage.alpha.bag.ch/build/app.ccb5a975.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/build/app.ccb5a975.css
Origin: https://reflu-stage.alpha.bag.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 17 Jun 2024 10:08:58 GMT
etag: "66700b3a-5ef24"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400, public
accept-ranges: bytes
content-length: 388900
expires: Mon, 12 Aug 2024 17:15:36 GMT

GET
H2 200 fa-light-300.3a5e485d.woff2
reflu-stage.alpha.bag.ch/build/fonts/ 415 KB
416 KB 1282ms
1282ms Font
font/woff2 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to

Full URL

https://reflu-stage.alpha.bag.ch/build/fonts/fa-light-300.3a5e485d.woff2

Requested by

Host: reflu-stage.alpha.bag.ch
URL: https://reflu-stage.alpha.bag.ch/build/app.ccb5a975.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

515954fe1dc163277d36b51f79fe56265f6b6cf79f99e307bbf6e52b477b9c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/build/app.ccb5a975.css
Origin: https://reflu-stage.alpha.bag.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 17 Jun 2024 10:08:58 GMT
etag: "66700b3a-67a58"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400, public
accept-ranges: bytes
content-length: 424536
expires: Mon, 12 Aug 2024 17:15:36 GMT

GET
H2 200 fa-solid-900.dd93dc21.woff2
reflu-stage.alpha.bag.ch/build/fonts/ 321 KB
322 KB 1222ms
1221ms Font
font/woff2 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to

Full URL

https://reflu-stage.alpha.bag.ch/build/fonts/fa-solid-900.dd93dc21.woff2

Requested by

Host: reflu-stage.alpha.bag.ch
URL: https://reflu-stage.alpha.bag.ch/build/app.ccb5a975.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/build/app.ccb5a975.css
Origin: https://reflu-stage.alpha.bag.ch
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 17 Jun 2024 10:08:58 GMT
etag: "66700b3a-505f4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400, public
accept-ranges: bytes
content-length: 329204
expires: Mon, 12 Aug 2024 17:15:36 GMT

GET
H2 200 filetype-not-supported.svg
reflu-stage.alpha.bag.ch/bundles/pimcoreadmin/img/ 1 KB
1 KB 1273ms
1273ms Image
image/svg+xml 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://reflu-stage.alpha.bag.ch/bundles/pimcoreadmin/img/filetype-not-supported.svg

Requested by

Host: reflu-stage.alpha.bag.ch
URL: https://reflu-stage.alpha.bag.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

Resource Hash

2683ef747147e314f823ea374378ea2666069974798e107344f234e10c5293af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 24 Apr 2024 12:29:00 GMT
etag: "6628fb0c-456"
content-type: image/svg+xml
cache-control: max-age=1209600, public
accept-ranges: bytes
content-length: 1110
expires: Mon, 01 Jul 2024 17:15:36 GMT

GET
H2 404 favicon.ico
reflu-stage.alpha.bag.ch/ 54 B
334 B 76ms
76ms Other
text/html 46.22.23.64
AS-ARCADE

General

Check archive.org

Show headers Download Go to

Full URL

https://reflu-stage.alpha.bag.ch/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.22.23.64 Lucerne, Switzerland, ASN51873 (AS-ARCADE, CH),

Reverse DNS

Software

/ pimcore

Resource Hash

7ec7e6bb23d239d7fc7ff815e14b3668a41f8c4cff56b371742fb6bc3b549bc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://reflu-stage.alpha.bag.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 17:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: pimcore
x-frame-options: SAMEORIGIN
content-language: de
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| webpackChunkmirusys_pimcore_bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://reflu-stage.alpha.bag.ch/landeskirche/logo/Logo_Kanton-Luzern_sw_neg.png Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://reflu-stage.alpha.bag.ch/build/507.a76182fb.js Message: Specifying 'overflow: visible' on img, video and canvas tags may cause them to produce visual content outside of the element bounds. See https://github.com/WICG/view-transitions/blob/main/debugging_overflow_on_images.md for details.
network	error	URL: https://reflu-stage.alpha.bag.ch/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
reflu-stage.alpha.bag.ch
142.250.184.234
142.250.186.99
46.22.23.64
121b176974226dbc9b1ab227becb657d40b88d2bb7010a746c2360c31d7c373e
14ea220afb8d3b8f30cae3b0f9b898fb73f46bf9b53673a93f5e3b2b291e753f
199ffe8778276e5e4f647efe0b7640d3c96829249e88221c4918eb2385070f9c
21b3d318c4b2a8fb86f35c38301056b20a31c58ab1e3d631e2ebc23e9bf4f689
2683ef747147e314f823ea374378ea2666069974798e107344f234e10c5293af
2e627a3d6783689d6dbf91a3a8b2f3bb77e20bb99d17d1d55b57519b53adf089
2eceb33d68b90f07ffea7c14058d274fc09eaf9def1e66d1bfd0bf34be90dbd5
428fbb5f57ac44f7938f711b078dd2ac79d65b077bf5697eaf512da2500480f9
515954fe1dc163277d36b51f79fe56265f6b6cf79f99e307bbf6e52b477b9c87
55e4044a500ca1368b8dc671fad589ff9627f2e38d3aaba40656ce605a654b1e
64a15c66b53832ff0b128af4156ac567a218c34a582757074cec2a5f8a67934b
7c5cfcbd829200ff3c2a547cdc10b61c27341e5af6b7a4434bbc6674e7b70b66
7ec7e6bb23d239d7fc7ff815e14b3668a41f8c4cff56b371742fb6bc3b549bc3
80eae588f5f62662c731fafebe7d534c27b5d4b47cbe54ecdf7188e009e93e2c
c7e151171e2d1646d63b80d7d1f46aaf4ee39308a37cd2c011ad576a90c904f4
d9a7b926c3ea86b50c38ec866477fb195d6bcdce819047311d4514e34f236305
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62

reflu-stage.alpha.bag.ch Open in urlscan Pro 46.22.23.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1357 kBTransfer

1858 kBSize

0 Cookies

4 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

reflu-stage.alpha.bag.ch Open in urlscan Pro
46.22.23.64 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1357 kB
Transfer

1858 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions