urlscan.io logo urlscan.io
SecurityTrails logo

summary.magicmoving.co.ke Open in urlscan Pro
67.225.192.145  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ixoraprime.in/gabriela-x1-x2iapparelli-r2hig-x1-x2h
Effective URL: https://summary.magicmoving.co.ke/aspx1.php
Submission Tags: 7311565
Submission: On October 05 via api from NL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 44 HTTP transactions. The main IP is 67.225.192.145, located in United States and belongs to LIQUIDWEB, US. The main domain is summary.magicmoving.co.ke.
TLS certificate: Issued by R3 on October 5th 2021. Valid for: 3 months.
This is the only time summary.magicmoving.co.ke was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Outlook Web Access (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 148.72.215.4 26496 (AS-26496-...)
1 4 67.225.192.145 32244 (LIQUIDWEB)
30 217.26.51.21 29097 (HOSTPOINT-AS)
4 142.250.184.228 15169 (GOOGLE)
1 142.250.184.202 15169 (GOOGLE)
3 142.250.185.227 15169 (GOOGLE)
3 142.250.186.99 15169 (GOOGLE)
44 7
1    148.72.215.4 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-148-72-215-4.ip.secureserver.net
ixoraprime.in
4    67.225.192.145 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: thirteen.deepafrica.com
summary.magicmoving.co.ke
30    217.26.51.21 (Switzerland)

ASN29097 (HOSTPOINT-AS, CH)
PTR: sl344.web.hostpoint.ch
www.hig.ch
4    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
1    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
3    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
3    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.gstatic.com
Domain Requested by
30 www.hig.ch summary.magicmoving.co.ke
www.hig.ch
4 www.google.com www.hig.ch
www.gstatic.com
4 summary.magicmoving.co.ke 1 redirects summary.magicmoving.co.ke
3 www.gstatic.com www.google.com
3 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com www.hig.ch
1 ixoraprime.in 1 redirects
44 7

This site contains no links.

Subject Issuer Validity Valid
summary.magicmoving.co.ke
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
www.hig.ch
R3		 2021-09-18 -
2021-12-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 3 frames:

Primary Page: https://summary.magicmoving.co.ke/aspx1.php
Frame ID: 32339835D143A691C6419790C596E65C
Requests: 7 HTTP requests in this frame

Frame: https://www.hig.ch/
Frame ID: 2109A2E1F2814972AC1FC962610D6D16
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley6cUbAAAAANM6mAnDnCBT4t4SYimdT5HyKtDK&co=aHR0cHM6Ly93d3cuaGlnLmNoOjQ0Mw..&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=67k6rbz0ih5
Frame ID: D42FA070ADD14D9281DCA23A97251365
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to Hig Security and Quarantine Center

Page URL History Show full URLs

  1. https://ixoraprime.in/gabriela-x1-x2iapparelli-r2hig-x1-x2h HTTP 302
    https://summary.magicmoving.co.ke/?client-request-id=Z2FicmllbGEuY2lhcHBhcmVsbGlAaGlnLmNo HTTP 302
    https://summary.magicmoving.co.ke/aspx1.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

44
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

3056 kB
Transfer

4150 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ixoraprime.in/gabriela-x1-x2iapparelli-r2hig-x1-x2h HTTP 302
    https://summary.magicmoving.co.ke/?client-request-id=Z2FicmllbGEuY2lhcHBhcmVsbGlAaGlnLmNo HTTP 302
    https://summary.magicmoving.co.ke/aspx1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request aspx1.php
summary.magicmoving.co.ke/
Redirect Chain
  • https://ixoraprime.in/gabriela-x1-x2iapparelli-r2hig-x1-x2h
  • https://summary.magicmoving.co.ke/?client-request-id=Z2FicmllbGEuY2lhcHBhcmVsbGlAaGlnLmNo
  • https://summary.magicmoving.co.ke/aspx1.php
51 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://summary.magicmoving.co.ke/aspx1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.192.145 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
thirteen.deepafrica.com
Software
Apache /
Resource Hash
636a6537391643a6039341feb196bb697ea8050dccc9e4d44de69e498411253b

Request headers

:method
GET
:authority
summary.magicmoving.co.ke
:scheme
https
:path
/aspx1.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
PHPSESSID=0e4492b3551c279767e12564979a47ac
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 07:52:16 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
19975
content-type
text/html; charset=UTF-8

Redirect headers

date
Tue, 05 Oct 2021 07:52:16 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=0e4492b3551c279767e12564979a47ac; path=/
location
aspx1.php
vary
User-Agent
content-length
0
content-type
text/html; charset=UTF-8
owa_logo.png
summary.magicmoving.co.ke/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://summary.magicmoving.co.ke/images/owa_logo.png
Requested by
Host: summary.magicmoving.co.ke
URL: https://summary.magicmoving.co.ke/aspx1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.192.145 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
thirteen.deepafrica.com
Software
Apache /
Resource Hash
a7c14ee84d81a536a4cd54e3a144f388f2174a4a5c409ae118ea49f0da6b4aa6

Request headers

:path
/images/owa_logo.png
pragma
no-cache
cookie
PHPSESSID=0e4492b3551c279767e12564979a47ac
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
summary.magicmoving.co.ke
referer
https://summary.magicmoving.co.ke/aspx1.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://summary.magicmoving.co.ke/aspx1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
last-modified
Mon, 05 Jul 2021 07:35:12 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7746
expires
Thu, 04 Nov 2021 07:52:17 GMT
/
www.hig.ch/ Frame 2109 		25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/
Requested by
Host: summary.magicmoving.co.ke
URL: https://summary.magicmoving.co.ke/aspx1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
695c76b7e5594cc7afb850eecef1820069bf7b90004ad4be170d70312b39746c

Request headers

:method
GET
:authority
www.hig.ch
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://summary.magicmoving.co.ke/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://summary.magicmoving.co.ke/

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
server
Apache
x-pingback
https://www.hig.ch/xmlrpc.php
link
<https://www.hig.ch/wp-json/>; rel="https://api.w.org/" <https://www.hig.ch/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://www.hig.ch/>; rel=shortlink
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html; charset=UTF-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
segoeui-regular.ttf
summary.magicmoving.co.ke/owa/auth/15.1.2242/themes/resources/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://summary.magicmoving.co.ke/owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf
Requested by
Host: summary.magicmoving.co.ke
URL: https://summary.magicmoving.co.ke/aspx1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.192.145 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
thirteen.deepafrica.com
Software
Apache /
Resource Hash

Request headers

sec-fetch-mode
cors
origin
https://summary.magicmoving.co.ke
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=0e4492b3551c279767e12564979a47ac
:path
/owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
summary.magicmoving.co.ke
referer
https://summary.magicmoving.co.ke/aspx1.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://summary.magicmoving.co.ke/aspx1.php
Origin
https://summary.magicmoving.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
server
Apache
content-length
315
content-type
text/html; charset=iso-8859-1
style.min.css
www.hig.ch/wp-includes/css/dist/block-library/ Frame 2109 		57 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:25:48 GMT
server
Apache
etag
"e33b-5c5e6b4b5604d-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8685
styles.css
www.hig.ch/wp-content/plugins/contact-form-7/includes/css/ Frame 2109 		3 KB
1009 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4.2
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 08:47:03 GMT
server
Apache
etag
"a50-5cd469b7a3af3-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
932
fancybox.css
www.hig.ch/wp-content/plugins/fancybox-for-wordpress/assets/css/ Frame 2109 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/plugins/fancybox-for-wordpress/assets/css/fancybox.css?ver=1.3.4
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
8e6630390ef512b8785eac0eac76219d07d16c69f68760f0e3677e9b7348f1e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:28:17 GMT
server
Apache
etag
"4932-5c5e6bd974206-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3858
bootstrap.min.css
www.hig.ch/wp-content/themes/hig/css/ Frame 2109 		152 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/themes/hig/css/bootstrap.min.css?ver=5.7.3
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2019 16:12:12 GMT
server
Apache
etag
"2606e-59417f6fdaf3b-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
23238
hamburgers.min.css
www.hig.ch/wp-content/themes/hig/css/ Frame 2109 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/themes/hig/css/hamburgers.min.css?ver=5.7.3
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
24fbf98a0312aa6db3b49c6d8e2ba9d2ae8d316bbb2f731b327f45ab23e07dda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2019 16:12:12 GMT
server
Apache
etag
"57ba-59417f6fd8ffd-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2340
style.css
www.hig.ch/wp-content/themes/hig/ Frame 2109 		34 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/themes/hig/style.css?ver=1633420337
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
ef8dd4bf5f7426f09e3c007607dfd0b4f9e4b0a9f8e71116faab4a66182fe34e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 14:26:12 GMT
server
Apache
etag
"8855-5cb03f6fed0db-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
5521
jquery-3.4.1.min.js
www.hig.ch/wp-content/themes/hig/js/ Frame 2109 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/themes/hig/js/jquery-3.4.1.min.js?ver=3.4.1
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2019 16:12:13 GMT
server
Apache
etag
"15851-59417f705487c-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30677
jquery.fancybox.js
www.hig.ch/wp-content/plugins/fancybox-for-wordpress/assets/js/ Frame 2109 		158 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/plugins/fancybox-for-wordpress/assets/js/jquery.fancybox.js?ver=1.3.4
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
fbefbec9195c7a222e896bc45b0afa18af494fdc038c0977cefe1401efc64be2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:28:17 GMT
server
Apache
etag
"2795c-5c5e6bd9b6492-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
39290
logo_hig_ias.svg
www.hig.ch/wp-content/themes/hig/img/ Frame 2109 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/themes/hig/img/logo_hig_ias.svg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
24c74da09956e3d280ab990629e9df52336bc220eba3af23c9e35f7d7f0adb11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2019 16:12:12 GMT
server
Apache
etag
"205b-59417f7019f10-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
3255
logo_hig_ias_ph.svg
www.hig.ch/wp-content/themes/hig/img/ Frame 2109 		522 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/themes/hig/img/logo_hig_ias_ph.svg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
dfbaefe4eaf32b301139001c293fe479092312ae822036531fc5e73eaba74bd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2019 16:12:12 GMT
server
Apache
etag
"20a-59417f701319f-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
360
wp-polyfill.min.js
www.hig.ch/wp-includes/js/dist/vendor/ Frame 2109 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:25:52 GMT
server
Apache
etag
"183ee-5c5e6b4efd16a-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
34241
index.js
www.hig.ch/wp-content/plugins/contact-form-7/includes/js/ Frame 2109 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 08:47:03 GMT
server
Apache
etag
"32bb-5cd469b7e42eb-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4071
navigation.js
www.hig.ch/wp-content/themes/hig/js/ Frame 2109 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/themes/hig/js/navigation.js?ver=20151215
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2019 16:12:13 GMT
server
Apache
etag
"b97-59417f705295e-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1094
skip-link-focus-fix.js
www.hig.ch/wp-content/themes/hig/js/ Frame 2109 		685 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/themes/hig/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2019 16:12:13 GMT
server
Apache
etag
"2ad-59417f705f840-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
417
bootstrap.min.js
www.hig.ch/wp-content/themes/hig/js/ Frame 2109 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/themes/hig/js/bootstrap.min.js?ver=4.3.1
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2019 16:12:12 GMT
server
Apache
etag
"e2d8-59417f704a0a1-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
15437
scripts.js
www.hig.ch/wp-content/themes/hig/js/ Frame 2109 		1 KB
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/themes/hig/js/scripts.js?ver=1.0
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
5eb633f74ba99cd4a93706f4d4769e84ffcc47efb35fd858e0e2e559f506d483

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 04 Oct 2019 16:12:13 GMT
server
Apache
etag
"4a3-59417f705a296-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
540
api.js
www.google.com/recaptcha/ Frame 2109 		884 B
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Ley6cUbAAAAANM6mAnDnCBT4t4SYimdT5HyKtDK&ver=3.0
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
aa70f321de228b598c1d3a6c16a10f103c0099f5dbdf3c3f6314f2c8181c5d8b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
583
x-xss-protection
1; mode=block
expires
Tue, 05 Oct 2021 07:52:17 GMT
index.js
www.hig.ch/wp-content/plugins/contact-form-7/modules/recaptcha/ Frame 2109 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4.2
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
ccdcf774bd0fc2383fb9d2b780148d17b2ceb3dbc355db13cc17edfdc1f511f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Fri, 01 Oct 2021 08:47:04 GMT
server
Apache
etag
"739-5cd469b846cca-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
847
wp-embed.min.js
www.hig.ch/wp-includes/js/ Frame 2109 		1 KB
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-includes/js/wp-embed.min.js?ver=5.7.3
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:26:08 GMT
server
Apache
etag
"592-5c5e6b5e5a38c-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
765
wp-emoji-release.min.js
www.hig.ch/wp-includes/js/ Frame 2109 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hig.ch/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
content-encoding
gzip
last-modified
Tue, 29 Jun 2021 12:26:08 GMT
server
Apache
etag
"3795-5c5e6b5e68248-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4662
css
fonts.googleapis.com/ Frame 2109 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,300i,400,400i,600,600i,700,700i&display=swap
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/wp-content/themes/hig/style.css?ver=1633420337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
b7f54cbb69eee5b7853d841af8a556a72233d81fd4c80df3026195476643b9a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 07:38:55 GMT
server
ESF
date
Tue, 05 Oct 2021 07:52:17 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 07:52:17 GMT
anlegerversammlung-1350x1000.jpg
www.hig.ch/wp-content/uploads/2019/10/ Frame 2109 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/uploads/2019/10/anlegerversammlung-1350x1000.jpg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
2edaa4e2350cd167e8257869e08290dfb99cb3ac5a9cdb61fa1c5dcfe31a2d00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
last-modified
Fri, 04 Oct 2019 16:22:50 GMT
server
Apache
accept-ranges
bytes
etag
"2044c-594181d080a22"
content-length
132172
content-type
image/jpeg
neue-raeume-black-1500x1000.jpg
www.hig.ch/wp-content/uploads/2021/06/ Frame 2109 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/uploads/2021/06/neue-raeume-black-1500x1000.jpg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
01d1e785ca4b48b14db21ff9c052e3b36d31198733da10917d8eb74613325959

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
last-modified
Wed, 30 Jun 2021 07:01:44 GMT
server
Apache
accept-ranges
bytes
etag
"1a14f-5c5f64b936abe"
content-length
106831
content-type
image/jpeg
langfurren-1500x955.jpg
www.hig.ch/wp-content/uploads/2019/08/ Frame 2109 		387 KB
390 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/uploads/2019/08/langfurren-1500x955.jpg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
032ca2c3648afaf4c76382edd0eb3b50a8611755a8aab565512528e1358bef69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
last-modified
Fri, 04 Oct 2019 16:22:36 GMT
server
Apache
accept-ranges
bytes
etag
"60d5d-594181c325769"
content-length
396637
content-type
image/jpeg
levant_baustelle-1-1500x1000.jpg
www.hig.ch/wp-content/uploads/2021/07/ Frame 2109 		531 KB
533 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/uploads/2021/07/levant_baustelle-1-1500x1000.jpg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
f5239c2c36de230e5ee81a3ac5f8a49b506519cbfbc43baf83c3eff17843ab94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
last-modified
Tue, 13 Jul 2021 12:06:07 GMT
server
Apache
accept-ranges
bytes
etag
"84b0b-5c7001011091f"
content-length
543499
content-type
image/jpeg
Kramgasse-72-1500x997.jpg
www.hig.ch/wp-content/uploads/2019/08/ Frame 2109 		453 KB
453 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/uploads/2019/08/Kramgasse-72-1500x997.jpg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
9de89455d0832b493bae8eeaa4cc9c852f25896c7f121172f603cd2ed600f4ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
last-modified
Fri, 04 Oct 2019 16:22:36 GMT
server
Apache
accept-ranges
bytes
etag
"7129f-594181c292092"
content-length
463519
content-type
image/jpeg
FloFleur3-1500x750.jpg
www.hig.ch/wp-content/uploads/2020/01/ Frame 2109 		311 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/uploads/2020/01/FloFleur3-1500x750.jpg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
2365b29fe221376ed9cd09199282ea5a80c8ac908efd30daae75356e33835f80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
last-modified
Thu, 26 Mar 2020 11:17:00 GMT
server
Apache
accept-ranges
bytes
etag
"4db18-5a1c01faafc46"
content-length
318232
content-type
image/jpeg
schnitt-wydaeckerring-1414x1000.jpg
www.hig.ch/wp-content/uploads/2019/08/ Frame 2109 		174 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/uploads/2019/08/schnitt-wydaeckerring-1414x1000.jpg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
50bdc62b786e3ed66cdc1bc90da689a5462ccb80ed99fc0376c8c3ccb0a4405a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
last-modified
Fri, 04 Oct 2019 16:22:43 GMT
server
Apache
accept-ranges
bytes
etag
"2b6b4-594181c9ffa2d"
content-length
177844
content-type
image/jpeg
iStock-1167882161_bearb-1500x998.jpg
www.hig.ch/wp-content/uploads/2020/08/ Frame 2109 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/uploads/2020/08/iStock-1167882161_bearb-1500x998.jpg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
3b1b8ce43607bccf18151c1c42aa8cd0d3754fbb5c222a9cfc27968835051c9f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
last-modified
Fri, 14 Aug 2020 07:06:11 GMT
server
Apache
accept-ranges
bytes
etag
"10be7-5acd10e49d64a"
content-length
68583
content-type
image/jpeg
gesucht-1500x1000.jpg
www.hig.ch/wp-content/uploads/2019/08/ Frame 2109 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/uploads/2019/08/gesucht-1500x1000.jpg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
8398ae6c0078eecc3c5c3a03b08f218ed41b23a3531f3d22f145e91cdf7ec1ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
last-modified
Wed, 29 Apr 2020 11:02:38 GMT
server
Apache
accept-ranges
bytes
etag
"1d209-5a46be2e2da03"
content-length
119305
content-type
image/jpeg
anlagestrategie-1500x1000.jpg
www.hig.ch/wp-content/uploads/2019/08/ Frame 2109 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hig.ch/wp-content/uploads/2019/08/anlagestrategie-1500x1000.jpg
Requested by
Host: www.hig.ch
URL: https://www.hig.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.51.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl344.web.hostpoint.ch
Software
Apache /
Resource Hash
9f78d3d84f81102465919d5e7b2bbe31908cfa4143f6b588e6c102ef8d6eb1d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:17 GMT
last-modified
Wed, 29 Apr 2020 11:03:32 GMT
server
Apache
accept-ranges
bytes
etag
"2d15d-5a46be620c3f5"
content-length
184669
content-type
image/jpeg
6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 2109 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,300i,400,400i,600,600i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hig.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 09:08:57 GMT
x-content-type-options
nosniff
age
600200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16064
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 09:08:57 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 2109 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,300i,400,400i,600,600i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hig.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 04:26:59 GMT
x-content-type-options
nosniff
age
98718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 04:26:59 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 2109 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,300i,400,400i,600,600i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hig.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
51880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 04 Oct 2022 17:27:37 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame 2109 		346 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ley6cUbAAAAANM6mAnDnCBT4t4SYimdT5HyKtDK&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hig.ch/
Origin
https://www.hig.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:47:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138353
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 04:02:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Wed, 05 Oct 2022 07:47:30 GMT
anchor
www.google.com/recaptcha/api2/ Frame D42F 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley6cUbAAAAANM6mAnDnCBT4t4SYimdT5HyKtDK&co=aHR0cHM6Ly93d3cuaGlnLmNoOjQ0Mw..&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=67k6rbz0ih5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
4906e83349e4837c0abffd948c967b5039e979479dd1bc10d54dcbfbece51e2a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-s/ztmTXNK2e52++pMK3ETQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Ley6cUbAAAAANM6mAnDnCBT4t4SYimdT5HyKtDK&co=aHR0cHM6Ly93d3cuaGlnLmNoOjQ0Mw..&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=67k6rbz0ih5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hig.ch/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hig.ch/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 05 Oct 2021 07:52:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-s/ztmTXNK2e52++pMK3ETQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20322
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame D42F 		52 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley6cUbAAAAANM6mAnDnCBT4t4SYimdT5HyKtDK&co=aHR0cHM6Ly93d3cuaGlnLmNoOjQ0Mw..&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=67k6rbz0ih5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 06:37:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 04:02:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Wed, 05 Oct 2022 06:37:03 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame D42F 		346 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley6cUbAAAAANM6mAnDnCBT4t4SYimdT5HyKtDK&co=aHR0cHM6Ly93d3cuaGlnLmNoOjQ0Mw..&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=67k6rbz0ih5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:47:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138353
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 04:02:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Wed, 05 Oct 2022 07:47:30 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D42F 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
28cef70df91237002571f751148d45bb126a81b241be56d9f304f7d8706be505
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley6cUbAAAAANM6mAnDnCBT4t4SYimdT5HyKtDK&co=aHR0cHM6Ly93d3cuaGlnLmNoOjQ0Mw..&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=67k6rbz0ih5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:52:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 05 Oct 2021 07:52:18 GMT
reload
www.google.com/recaptcha/api2/ Frame D42F 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Ley6cUbAAAAANM6mAnDnCBT4t4SYimdT5HyKtDK
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
8d9fdd3778e4ed1afc838ba0c9ec46da54f0df9815d7d9e71c3572185f9c376b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ley6cUbAAAAANM6mAnDnCBT4t4SYimdT5HyKtDK&co=aHR0cHM6Ly93d3cuaGlnLmNoOjQ0Mw..&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=invisible&cb=67k6rbz0ih5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 05 Oct 2021 07:52:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16325
x-xss-protection
1; mode=block
expires
Tue, 05 Oct 2021 07:52:18 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook Web Access (Online)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| initLogon function| redir function| shw function| hd function| clkSecExp function| kdSecExp function| clkSec function| clkBsc function| checkSubmit function| clkLgn function| clkRtry function| clkReLgn function| gbid function| IsOwaPremiumBrowser function| hres function| LogoffMime function| addPerfMarker number| a_fRC number| g_fFcs number| a_fLOff number| a_fCAC number| a_fEnbSMm function| IsMimeCtlInst function| RndMimeCtl object| mainLogonDiv boolean| showPlaceholderText string| mainLogonDivClassName function| setPlaceholderText function| showPasswordClick object| input

3 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AHXV0NPy1vGOMrJ7Qo1iHcN_7eucu598ReMTuy5kBtR5CpWUMb8fzYWxpBN_RPGbrMBMBM-df6NLMYtcH1ek07Y
summary.magicmoving.co.ke/ Name: PHPSESSID
Value: 0e4492b3551c279767e12564979a47ac
summary.magicmoving.co.ke/ Name: cookieTest
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://summary.magicmoving.co.ke/owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
ixoraprime.in
summary.magicmoving.co.ke
www.google.com
www.gstatic.com
www.hig.ch
142.250.184.202
142.250.184.228
142.250.185.227
142.250.186.99
148.72.215.4
217.26.51.21
67.225.192.145
01d1e785ca4b48b14db21ff9c052e3b36d31198733da10917d8eb74613325959
032ca2c3648afaf4c76382edd0eb3b50a8611755a8aab565512528e1358bef69
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
2365b29fe221376ed9cd09199282ea5a80c8ac908efd30daae75356e33835f80
24c74da09956e3d280ab990629e9df52336bc220eba3af23c9e35f7d7f0adb11
24fbf98a0312aa6db3b49c6d8e2ba9d2ae8d316bbb2f731b327f45ab23e07dda
28cef70df91237002571f751148d45bb126a81b241be56d9f304f7d8706be505
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2edaa4e2350cd167e8257869e08290dfb99cb3ac5a9cdb61fa1c5dcfe31a2d00
3b1b8ce43607bccf18151c1c42aa8cd0d3754fbb5c222a9cfc27968835051c9f
4906e83349e4837c0abffd948c967b5039e979479dd1bc10d54dcbfbece51e2a
4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a
50bdc62b786e3ed66cdc1bc90da689a5462ccb80ed99fc0376c8c3ccb0a4405a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5eb633f74ba99cd4a93706f4d4769e84ffcc47efb35fd858e0e2e559f506d483
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
636a6537391643a6039341feb196bb697ea8050dccc9e4d44de69e498411253b
6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a
695c76b7e5594cc7afb850eecef1820069bf7b90004ad4be170d70312b39746c
8398ae6c0078eecc3c5c3a03b08f218ed41b23a3531f3d22f145e91cdf7ec1ee
8d9fdd3778e4ed1afc838ba0c9ec46da54f0df9815d7d9e71c3572185f9c376b
8e6630390ef512b8785eac0eac76219d07d16c69f68760f0e3677e9b7348f1e3
9de89455d0832b493bae8eeaa4cc9c852f25896c7f121172f603cd2ed600f4ee
9f78d3d84f81102465919d5e7b2bbe31908cfa4143f6b588e6c102ef8d6eb1d7
a7c14ee84d81a536a4cd54e3a144f388f2174a4a5c409ae118ea49f0da6b4aa6
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa70f321de228b598c1d3a6c16a10f103c0099f5dbdf3c3f6314f2c8181c5d8b
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
b7f54cbb69eee5b7853d841af8a556a72233d81fd4c80df3026195476643b9a6
ccdcf774bd0fc2383fb9d2b780148d17b2ceb3dbc355db13cc17edfdc1f511f3
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b
dfbaefe4eaf32b301139001c293fe479092312ae822036531fc5e73eaba74bd4
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
ef8dd4bf5f7426f09e3c007607dfd0b4f9e4b0a9f8e71116faab4a66182fe34e
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
f5239c2c36de230e5ee81a3ac5f8a49b506519cbfbc43baf83c3eff17843ab94
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fbefbec9195c7a222e896bc45b0afa18af494fdc038c0977cefe1401efc64be2