Submitted URL: http://antispam1.xefi.ch/
Effective URL: https://antispam1.xefi.ch/
Submission Tags: falconsandbox
Submission: On July 12 via api from US

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 25 HTTP transactions. The main IP is 185.104.175.10, located in France and belongs to XEFI, FR. The main domain is antispam1.xefi.ch.
TLS certificate: Issued by Thawte TLS RSA CA G1 on July 20th 2020. Valid for: 2 years.
This is the only time antispam1.xefi.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 185.104.175.10 198330 (XEFI)
5 2620:1ec:48::44 8068 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
25 5
Apex Domain Subdomains Transfer
12 xefi.ch antispam1.xefi.ch 3 MB
5 gstatic.com www.gstatic.com 864 KB
5 mailinblack.com cdn.mailinblack.com 336 KB
4 google.com www.google.com 22 KB
Total: 25 requests, 4 domains
Domain Requested by
12 antispam1.xefi.ch (1 redirects) antispam1.xefi.ch
5 www.gstatic.com www.google.com
5 cdn.mailinblack.com antispam1.xefi.ch, cdn.mailinblack.com
4 www.google.com antispam1.xefi.ch, www.gstatic.com
Total: 25 requests, 4 domains

This site contains no links.

Subject Issuer Validity Valid
*.xefi.ch Thawte TLS RSA CA G1 2020-07-20 - 2022-07-20 2 years
cdn.mailinblack.com DigiCert TLS RSA SHA256 2020 CA1 2021-06-03 - 2022-06-03 a year
*.google.com GTS CA 1C3 2021-06-22 - 2021-09-14 3 months
*.gstatic.com GTS CA 1C3 2021-06-22 - 2021-09-14 3 months

This page contains 3 frames:

Primary Page: https://antispam1.xefi.ch/
Frame ID: 36A6EF04CC4E989D8C56EC3930F30FD2
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdymkwUAAAAAHD8OuwC68Arv6oz4wmAcTl7dvoL&co=aHR0cHM6Ly9hbnRpc3BhbTEueGVmaS5jaDo0NDM.&hl=en&type=image&v=TbD3vPFlUWKZD-9L4ZxB0HJI&theme=light&size=normal&cb=4bdh81s7xyci
Frame ID: FC98EC21A885D2D8ED4C9B5020733F59
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LdymkwUAAAAAHD8OuwC68Arv6oz4wmAcTl7dvoL&cb=ti4sg9puoa5t
Frame ID: 745CE27E367E770FFF078C711E3DDE38
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

25 Requests
100 % HTTPS
80 % IPv6
4 Domains
4 Subdomains
5 IPs
3 Countries
4678 kB Transfer
15600 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://antispam1.xefi.ch/ HTTP 301
    https://antispam1.xefi.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
antispam1.xefi.ch/
Redirect Chain
  • http://antispam1.xefi.ch/
  • https://antispam1.xefi.ch/
2 KB
1 KB
Document
General
Full URL
https://antispam1.xefi.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.104.175.10 , France, ASN198330 (XEFI, FR),
Reverse DNS
antispam1.xefi.ch
Software
nginx /
Resource Hash
546a00dd60a15d11067ba26861d2343d200dfdb46876d2e279ae12bb2fded08a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
antispam1.xefi.ch
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 12 Jul 2021 13:29:19 GMT
content-type
text/html
last-modified
Wed, 23 Sep 2020 10:10:27 GMT
etag
W/"5f6b1f13-946"
expires
Mon, 12 Jul 2021 13:34:19 GMT
cache-control
max-age=300 public
pragma
public
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains;
x-xss-protection
1; mode=block
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 12 Jul 2021 13:29:19 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://antispam1.xefi.ch/
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000; includeSubdomains;
X-XSS-Protection
1; mode=block
all.css
cdn.mailinblack.com/font-awesome/css/
96 KB
16 KB
Stylesheet
General
Full URL
https://cdn.mailinblack.com/font-awesome/css/all.css
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
902101cf2f8e9a2966e432ce970c1ec93d7828c5663f376737e3501b0b174454

Request headers

Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 12 Jul 2021 13:29:19 GMT
content-encoding
br
last-modified
Thu, 14 Mar 2019 12:58:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
dWkVyEoFxxJM0LyJb8kEjg==
etag
0x8D6A87CC5D3FF12
x-azure-ref
0r0PsYAAAAAC7LxlUMbdnTraJrxv0vrUJTE9OMjFFREdFMTUyMABlOWZmOWIzNi1hZjNkLTQxNTAtYmFhNy1hYWVkZjZjNGYwZDk=
x-cache
TCP_HIT
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
03d03f18-d01e-0146-2325-7640a0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
vendor-bundle-e9029a52062d56edb82b.js
antispam1.xefi.ch/js/
11 MB
3 MB
Script
General
Full URL
https://antispam1.xefi.ch/js/vendor-bundle-e9029a52062d56edb82b.js
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.104.175.10 , France, ASN198330 (XEFI, FR),
Reverse DNS
antispam1.xefi.ch
Software
nginx /
Resource Hash
03390b8315a3206fb7e13c2ae2264aadcac5c45d81f2630f5f52a32d3d065395
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/vendor-bundle-e9029a52062d56edb82b.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
antispam1.xefi.ch
referer
https://antispam1.xefi.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 12 Jul 2021 13:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Sep 2020 10:10:28 GMT
server
nginx
etag
W/"5f6b1f14-b7df84"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=300 public
strict-transport-security
max-age=63072000; includeSubdomains;
x-xss-protection
1; mode=block
expires
Mon, 12 Jul 2021 13:34:19 GMT
app-bundle-e9e9a9ea77cb0f56b2c4.js
antispam1.xefi.ch/js/
2 MB
347 KB
Script
General
Full URL
https://antispam1.xefi.ch/js/app-bundle-e9e9a9ea77cb0f56b2c4.js
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.104.175.10 , France, ASN198330 (XEFI, FR),
Reverse DNS
antispam1.xefi.ch
Software
nginx /
Resource Hash
26a500607441acfec655000a9eaa5ab149d4e101661966038c13ed7fb96e35c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/js/app-bundle-e9e9a9ea77cb0f56b2c4.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
antispam1.xefi.ch
referer
https://antispam1.xefi.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 12 Jul 2021 13:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Sep 2020 10:10:27 GMT
server
nginx
etag
W/"5f6b1f13-1b570d"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=300 public
strict-transport-security
max-age=63072000; includeSubdomains;
x-xss-protection
1; mode=block
expires
Mon, 12 Jul 2021 13:34:19 GMT
customStyle
antispam1.xefi.ch/app/
204 KB
43 KB
Stylesheet
General
Full URL
https://antispam1.xefi.ch/app/customStyle
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.104.175.10 , France, ASN198330 (XEFI, FR),
Reverse DNS
antispam1.xefi.ch
Software
nginx /
Resource Hash
13098c1f656ea073f352602960648775e1eeaa836839b6c1c829b1ee6e8a6a17
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

:path
/app/customStyle
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
antispam1.xefi.ch
referer
https://antispam1.xefi.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 13:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff nosniff
server
nginx
x-frame-options
DENY SAMEORIGIN
content-type
text/css;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
strict-transport-security
max-age=63072000; includeSubdomains;
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-xss-protection
1; mode=block 1; mode=block
trackingEnabled
antispam1.xefi.ch/app/api/v1.0/features/
5 B
498 B
XHR
General
Full URL
https://antispam1.xefi.ch/app/api/v1.0/features/trackingEnabled
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.104.175.10 , France, ASN198330 (XEFI, FR),
Reverse DNS
antispam1.xefi.ch
Software
nginx /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

:path
/app/api/v1.0/features/trackingEnabled
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
antispam1.xefi.ch
referer
https://antispam1.xefi.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 13:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff nosniff
server
nginx
x-frame-options
DENY SAMEORIGIN
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
strict-transport-security
max-age=63072000; includeSubdomains;
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Origin Access-Control-Request-Method Access-Control-Request-Headers
x-xss-protection
1; mode=block 1; mode=block
restricted.html
antispam1.xefi.ch/as-app/pages/authentication/restricted/
792 B
601 B
XHR
General
Full URL
https://antispam1.xefi.ch/as-app/pages/authentication/restricted/restricted.html
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/js/vendor-bundle-e9029a52062d56edb82b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.104.175.10 , France, ASN198330 (XEFI, FR),
Reverse DNS
antispam1.xefi.ch
Software
nginx /
Resource Hash
0e9ced622604cdf054a8e3c46093c8e533bfc5cef12660da6f947196bad08c00
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/as-app/pages/authentication/restricted/restricted.html
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
antispam1.xefi.ch
referer
https://antispam1.xefi.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 12 Jul 2021 13:29:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Sep 2020 10:10:26 GMT
server
nginx
etag
W/"5f6b1f12-318"
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
max-age=300 public
strict-transport-security
max-age=63072000; includeSubdomains;
x-xss-protection
1; mode=block
expires
Mon, 12 Jul 2021 13:34:20 GMT
login.html
antispam1.xefi.ch/as-app/pages/authentication/login/
6 KB
2 KB
XHR
General
Full URL
https://antispam1.xefi.ch/as-app/pages/authentication/login/login.html
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/js/vendor-bundle-e9029a52062d56edb82b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.104.175.10 , France, ASN198330 (XEFI, FR),
Reverse DNS
antispam1.xefi.ch
Software
nginx /
Resource Hash
307963ff1bff94d2a3f9291f3184b710a8966a929dca1605f833bf94f681f90e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/as-app/pages/authentication/login/login.html
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
antispam1.xefi.ch
referer
https://antispam1.xefi.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 12 Jul 2021 13:29:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Sep 2020 10:10:26 GMT
server
nginx
etag
W/"5f6b1f12-172e"
x-frame-options
SAMEORIGIN
content-type
text/html
cache-control
max-age=300 public
strict-transport-security
max-age=63072000; includeSubdomains;
x-xss-protection
1; mode=block
expires
Mon, 12 Jul 2021 13:34:20 GMT
EN.json
antispam1.xefi.ch/assets/i18n/authentication/
4 KB
2 KB
XHR
General
Full URL
https://antispam1.xefi.ch/assets/i18n/authentication/EN.json
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/js/vendor-bundle-e9029a52062d56edb82b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.104.175.10 , France, ASN198330 (XEFI, FR),
Reverse DNS
antispam1.xefi.ch
Software
nginx /
Resource Hash
d00e38b9fa9d8e65340d9f9627e4c923cca7c528a338be60636c95167210b4e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/i18n/authentication/EN.json
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
antispam1.xefi.ch
referer
https://antispam1.xefi.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 12 Jul 2021 13:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Sep 2020 10:10:27 GMT
server
nginx
etag
W/"5f6b1f13-f76"
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
max-age=300 public
strict-transport-security
max-age=63072000; includeSubdomains;
x-xss-protection
1; mode=block
expires
Mon, 12 Jul 2021 13:34:21 GMT
EN.json
antispam1.xefi.ch/assets/i18n/authentication/
4 KB
2 KB
XHR
General
Full URL
https://antispam1.xefi.ch/assets/i18n/authentication/EN.json
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/js/vendor-bundle-e9029a52062d56edb82b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.104.175.10 , France, ASN198330 (XEFI, FR),
Reverse DNS
antispam1.xefi.ch
Software
nginx /
Resource Hash
d00e38b9fa9d8e65340d9f9627e4c923cca7c528a338be60636c95167210b4e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/i18n/authentication/EN.json
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
antispam1.xefi.ch
referer
https://antispam1.xefi.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 12 Jul 2021 13:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Sep 2020 10:10:27 GMT
server
nginx
etag
W/"5f6b1f13-f76"
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
max-age=300 public
strict-transport-security
max-age=63072000; includeSubdomains;
x-xss-protection
1; mode=block
expires
Mon, 12 Jul 2021 13:34:21 GMT
EN.json
antispam1.xefi.ch/assets/i18n/layoutLogout/
683 B
643 B
XHR
General
Full URL
https://antispam1.xefi.ch/assets/i18n/layoutLogout/EN.json
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/js/vendor-bundle-e9029a52062d56edb82b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.104.175.10 , France, ASN198330 (XEFI, FR),
Reverse DNS
antispam1.xefi.ch
Software
nginx /
Resource Hash
21a80e0d668670364cfdc84223f1d9a7e0fd78a459587c0105283b4369f04017
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/assets/i18n/layoutLogout/EN.json
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
antispam1.xefi.ch
referer
https://antispam1.xefi.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 12 Jul 2021 13:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Sep 2020 10:10:27 GMT
server
nginx
etag
W/"5f6b1f13-2ab"
x-frame-options
SAMEORIGIN
content-type
application/json
cache-control
max-age=300 public
strict-transport-security
max-age=63072000; includeSubdomains;
x-xss-protection
1; mode=block
expires
Mon, 12 Jul 2021 13:34:21 GMT
api.js
www.google.com/recaptcha/
922 B
610 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=explicit
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/js/vendor-bundle-e9029a52062d56edb82b.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f31b8394c708300f81b0c88f0c1f4da4ec0763226e25b443dc0c373fcc7591cd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 13:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
589
x-xss-protection
1; mode=block
expires
Mon, 12 Jul 2021 13:29:21 GMT
getAzureSso
antispam1.xefi.ch/app/api/v1.0/utils/
2 B
495 B
XHR
General
Full URL
https://antispam1.xefi.ch/app/api/v1.0/utils/getAzureSso
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/js/vendor-bundle-e9029a52062d56edb82b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.104.175.10 , France, ASN198330 (XEFI, FR),
Reverse DNS
antispam1.xefi.ch
Software
nginx /
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff nosniff
X-Frame-Options DENY SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

:path
/app/api/v1.0/utils/getAzureSso
pragma
no-cache
cookie
language=EN
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
antispam1.xefi.ch
referer
https://antispam1.xefi.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 13:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff nosniff
server
nginx
x-frame-options
DENY SAMEORIGIN
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
strict-transport-security
max-age=63072000; includeSubdomains;
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Origin Access-Control-Request-Method Access-Control-Request-Headers
x-xss-protection
1; mode=block 1; mode=block
xefi-mailinblack.svg
cdn.mailinblack.com/white-mark/xefi/
11 KB
4 KB
Image
General
Full URL
https://cdn.mailinblack.com/white-mark/xefi/xefi-mailinblack.svg
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/app/customStyle
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f7ceca59ef1f5a22534e486725ff113cb3f7eeeca8e3a71b31c975dada4305a

Request headers

Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 12 Jul 2021 13:29:20 GMT
content-encoding
br
last-modified
Thu, 08 Aug 2019 08:37:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
4kUna3uzKr9yBNGBhhbF5w==
etag
0x8D71BDBAE3CFC7C
x-azure-ref
0sUPsYAAAAADS0XCIfKaISIq3F4Apwje7TE9OMjFFREdFMTUyMABlOWZmOWIzNi1hZjNkLTQxNTAtYmFhNy1hYWVkZjZjNGYwZDk=
x-cache
TCP_HIT
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
cbdcbcd8-f01e-002c-770e-776685000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
OpenSans-Regular.ttf
cdn.mailinblack.com/cdn/v1/fonts/
212 KB
81 KB
Font
General
Full URL
https://cdn.mailinblack.com/cdn/v1/fonts/OpenSans-Regular.ttf
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee

Request headers

Origin
https://antispam1.xefi.ch
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 12 Jul 2021 13:29:20 GMT
content-encoding
br
last-modified
Mon, 20 May 2019 13:51:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
YppVp+eT2gaNxYDRhMwOMQ==
etag
0x8D6DD2A35ED0A73
x-azure-ref
0sUPsYAAAAADXPyXOW/K9SpuG9jdw8+POTE9OMjFFREdFMDEyMQBlOWZmOWIzNi1hZjNkLTQxNTAtYmFhNy1hYWVkZjZjNGYwZDk=
x-cache
TCP_HIT
content-type
application/font-sfnt
access-control-allow-origin
*
x-ms-request-id
2fdcae9b-f01e-0003-05a8-766b4e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
fa-light-300.woff2
cdn.mailinblack.com/font-awesome/webfonts/
153 KB
154 KB
Font
General
Full URL
https://cdn.mailinblack.com/font-awesome/webfonts/fa-light-300.woff2
Requested by
Host: cdn.mailinblack.com
URL: https://cdn.mailinblack.com/font-awesome/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
99bbc5cbd07c3d36c28f1a02bc0f1e7e7f3f4423ec93f07a13ffc884b8aa1a34

Request headers

Origin
https://antispam1.xefi.ch
Referer
https://cdn.mailinblack.com/font-awesome/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 12 Jul 2021 13:29:20 GMT
last-modified
Thu, 14 Mar 2019 13:02:18 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
Z1V+w+Vd47um3zVi2tR66Q==
etag
0x8D6A87D4A0FC00B
x-azure-ref
0sUPsYAAAAABRTbe79Pt5SZcc/CGl83UHTE9OMjFFREdFMDEyMQBlOWZmOWIzNi1hZjNkLTQxNTAtYmFhNy1hYWVkZjZjNGYwZDk=
x-cache
TCP_HIT
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
50bd881a-b01e-00ab-5d0b-76f5e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
content-length
156980
OpenSans-Semibold.ttf
cdn.mailinblack.com/cdn/v1/fonts/
216 KB
82 KB
Font
General
Full URL
https://cdn.mailinblack.com/cdn/v1/fonts/OpenSans-Semibold.ttf
Requested by
Host: antispam1.xefi.ch
URL: https://antispam1.xefi.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aa3b0ef53db12e3d45094030cac0e69d384e44cc5978643dd4390041cad546e2

Request headers

Origin
https://antispam1.xefi.ch
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 12 Jul 2021 13:29:20 GMT
content-encoding
br
last-modified
Mon, 20 May 2019 13:51:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
M/IluPX31rNKCSb1j5bB6Q==
etag
0x8D6DD2A35AAEC76
x-azure-ref
0sUPsYAAAAAC8Ah5736mjRaRPgGGZYKxXTE9OMjFFREdFMDEyMQBlOWZmOWIzNi1hZjNkLTQxNTAtYmFhNy1hYWVkZjZjNGYwZDk=
x-cache
TCP_HIT
content-type
application/font-sfnt
access-control-allow-origin
*
x-ms-request-id
2d20dc11-201e-0072-4a10-768d65000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/
341 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=ngx_captcha_onload_callback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://antispam1.xefi.ch
Referer
https://antispam1.xefi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 13:29:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135961
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 13:29:20 GMT
anchor
www.google.com/recaptcha/api2/ Frame FC98
40 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdymkwUAAAAAHD8OuwC68Arv6oz4wmAcTl7dvoL&co=aHR0cHM6Ly9hbnRpc3BhbTEueGVmaS5jaDo0NDM.&hl=en&type=image&v=TbD3vPFlUWKZD-9L4ZxB0HJI&theme=light&size=normal&cb=4bdh81s7xyci
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8f106211b389b88b622b4196aad685e204e7cbc139be2bdad93727d7a3df1bce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wOpLabT3SQqjpceJqhYSUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdymkwUAAAAAHD8OuwC68Arv6oz4wmAcTl7dvoL&co=aHR0cHM6Ly9hbnRpc3BhbTEueGVmaS5jaDo0NDM.&hl=en&type=image&v=TbD3vPFlUWKZD-9L4ZxB0HJI&theme=light&size=normal&cb=4bdh81s7xyci
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://antispam1.xefi.ch/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://antispam1.xefi.ch/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 12 Jul 2021 13:29:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-wOpLabT3SQqjpceJqhYSUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20576
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame FC98
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdymkwUAAAAAHD8OuwC68Arv6oz4wmAcTl7dvoL&co=aHR0cHM6Ly9hbnRpc3BhbTEueGVmaS5jaDo0NDM.&hl=en&type=image&v=TbD3vPFlUWKZD-9L4ZxB0HJI&theme=light&size=normal&cb=4bdh81s7xyci
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 12:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 12:57:44 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame FC98
341 KB
341 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdymkwUAAAAAHD8OuwC68Arv6oz4wmAcTl7dvoL&co=aHR0cHM6Ly9hbnRpc3BhbTEueGVmaS5jaDo0NDM.&hl=en&type=image&v=TbD3vPFlUWKZD-9L4ZxB0HJI&theme=light&size=normal&cb=4bdh81s7xyci
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 11:44:13 GMT
x-content-type-options
nosniff
age
6308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
348721
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 11:44:13 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame FC98
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5dfdffa77335a103ec942c9384df984b5d38a267d619ee0ac3a045b766bbf2d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdymkwUAAAAAHD8OuwC68Arv6oz4wmAcTl7dvoL&co=aHR0cHM6Ly9hbnRpc3BhbTEueGVmaS5jaDo0NDM.&hl=en&type=image&v=TbD3vPFlUWKZD-9L4ZxB0HJI&theme=light&size=normal&cb=4bdh81s7xyci
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 13:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 12 Jul 2021 13:29:21 GMT
bframe
www.google.com/recaptcha/api2/ Frame 745C
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LdymkwUAAAAAHD8OuwC68Arv6oz4wmAcTl7dvoL&cb=ti4sg9puoa5t
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5ac821532b64d3bc5b13fe20042065693b7e4894dc16e634928f63c64406ce1e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4G98nQuXQQQuNQ0UKr72WQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LdymkwUAAAAAHD8OuwC68Arv6oz4wmAcTl7dvoL&cb=ti4sg9puoa5t
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://antispam1.xefi.ch/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://antispam1.xefi.ch/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 12 Jul 2021 13:29:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-4G98nQuXQQQuNQ0UKr72WQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1113
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 745C
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LdymkwUAAAAAHD8OuwC68Arv6oz4wmAcTl7dvoL&cb=ti4sg9puoa5t
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 12:57:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 12:57:44 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ Frame 745C
341 KB
341 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=TbD3vPFlUWKZD-9L4ZxB0HJI&k=6LdymkwUAAAAAHD8OuwC68Arv6oz4wmAcTl7dvoL&cb=ti4sg9puoa5t
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 11:44:13 GMT
x-content-type-options
nosniff
age
6308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
348721
x-xss-protection
0
last-modified
Mon, 28 Jun 2021 04:05:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Jul 2022 11:44:13 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
antispam1.xefi.ch/ Name: NG_TRANSLATE_LANG_KEY
Value: EN
antispam1.xefi.ch/ Name: language
Value: EN

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
