Submitted URL: http://rbzbzrebrebrebvczv.xclusivethemes.com/?ebebbrebrbrererbbr.at
Effective URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Submission: On October 21 via manual from CH — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 29 HTTP transactions. The main IP is 107.180.4.163, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is omno.ai.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on July 25th 2021. Valid for: 3 months.
This is the only time omno.ai was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Cembra (Banking)

Domain & IP information

Requests  IP Address       AS Autonomous System   Redirects
1         192.254.216.47   46606 (UNIFIEDLA...)   1
5         107.180.4.163    26496 (AS-26496-...)
2         193.223.58.7     3303 (SWISSCOM ...)
6         193.222.93.232   3303 (SWISSCOM ...)
18        193.223.58.9     3303 (SWISSCOM ...)    2
29        4

Requests  Apex Domain          Subdomains                                          Transfer
26        cembra.ch            www2.cembra.ch, eservice.cembra.ch, www.cembra.ch   549 KB
5         omno.ai              omno.ai                                             43 KB
1         xclusivethemes.com   rbzbzrebrebrebvczv.xclusivethemes.com               257 B
29        3

Requests  Domain                                  Requested by             Redirects
18        www.cembra.ch                           omno.ai, www.cembra.ch   2 redirects
6         eservice.cembra.ch                      omno.ai
5         omno.ai                                 omno.ai
2         www2.cembra.ch                          omno.ai
1         rbzbzrebrebrebvczv.xclusivethemes.com                            1 redirects
29        5

This site contains links to these domains.

Domain
faq.cembra.ch
www.cembra.ch

Subject              Issuer                              Validity                  Valid
omno.ai              ZeroSSL RSA Domain Secure Site CA   2021-07-25 - 2021-10-23   3 months
www2.cembra.ch       SwissSign EV Gold CA 2014 - G22     2020-05-27 - 2022-05-27   2 years
eservice.cembra.ch   SwissSign EV Gold CA 2014 - G22     2020-07-07 - 2022-07-07   2 years
www.cembra.ch        SwissSign EV Gold CA 2014 - G22     2021-08-09 - 2022-08-09   a year

This page contains 3 frames:

Primary Page: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Frame ID: 12870B56642C77CCA5B26C1F6984DA50
Requests: 13 HTTP requests in this frame

Frame: https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
Frame ID: 366E951E1784758F0C4DE4D9F71A28F0
Requests: 6 HTTP requests in this frame

Frame: https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
Frame ID: 29170B877C50AE7A47EAB296ACD72B3C
Requests: 10 HTTP requests in this frame

Page Title

Cembra Money Bank

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29 Requests
100 % HTTPS
0 % IPv6
3 Domains
5 Subdomains
4 IPs
2 Countries
592 kB Transfer
1284 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rbzbzrebrebrebvczv.xclusivethemes.com/?ebebbrebrbrererbbr.at HTTP 302
    https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.cembra.ch/en/Login/ServiceMessage HTTP 301
  • https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
Request Chain 11
  • https://www.cembra.ch/en/Login/ServiceCarousel HTTP 301
  • https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop

29 HTTP transactions

Resource / Path    Size / x-fer    Type / MIME-Type
Primary Request /
omno.ai/ev/cembra/
Redirect Chain
  • http://rbzbzrebrebrebvczv.xclusivethemes.com/?ebebbrebrbrererbbr.at
  • https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
9 KB
3 KB
Document
General
Full URL
https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.163 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-163.ip.secureserver.net
Software
Apache / PHP/7.2.34
Resource Hash
8caef52c9ea060bd9d2c3255953562c6195902a89ef58f062ffd160c42c3ca1b

Request headers

:method
GET
:authority
omno.ai
:scheme
https
:path
/ev/cembra/?ebebbrebrbrererbbr.at
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=8ef30018f05045e345e4e9e412c6e319; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
2849
content-type
text/html; charset=UTF-8
date
Thu, 21 Oct 2021 12:23:10 GMT
server
Apache

Redirect headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Server
Apache
Location
https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Content-Length
319
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
bootstrap-btn.css
omno.ai/ev/cembra/webdata/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://omno.ai/ev/cembra/webdata/css/bootstrap-btn.css
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.163 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-163.ip.secureserver.net
Software
Apache /
Resource Hash
303153fd3190424edefc38d1299436b9d0fd4937800c764e15dc042bcbdaed70

Request headers

:path
/ev/cembra/webdata/css/bootstrap-btn.css
pragma
no-cache
cookie
PHPSESSID=8ef30018f05045e345e4e9e412c6e319
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
omno.ai
referer
https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 21 Oct 2021 12:23:10 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 05:27:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
1626
expires
Fri, 21 Oct 2022 12:23:10 GMT
bootstrap.min.css
omno.ai/ev/cembra/webdata/css/
100 KB
17 KB
Stylesheet
General
Full URL
https://omno.ai/ev/cembra/webdata/css/bootstrap.min.css
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.163 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-163.ip.secureserver.net
Software
Apache /
Resource Hash
4c055705148a1cea78bbce18b53c5b3e9d1f2b47f0d14c20cbc0038ada3706b4

Request headers

:path
/ev/cembra/webdata/css/bootstrap.min.css
pragma
no-cache
cookie
PHPSESSID=8ef30018f05045e345e4e9e412c6e319
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
omno.ai
referer
https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 21 Oct 2021 12:23:10 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 05:27:50 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
16797
expires
Fri, 21 Oct 2022 12:23:10 GMT
default.css
omno.ai/ev/cembra/webdata/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://omno.ai/ev/cembra/webdata/css/default.css
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.163 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-163.ip.secureserver.net
Software
Apache /
Resource Hash
1cacee95e4e39d2e37977f1da84b1c27a6d6f11944dfe776f919cbe9f923458c

Request headers

:path
/ev/cembra/webdata/css/default.css
pragma
no-cache
cookie
PHPSESSID=8ef30018f05045e345e4e9e412c6e319
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
omno.ai
referer
https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 21 Oct 2021 12:23:10 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 05:34:28 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3942
expires
Fri, 21 Oct 2022 12:23:10 GMT
cookie.css
www2.cembra.ch/ext/gdpr/
885 B
1 KB
Stylesheet
General
Full URL
https://www2.cembra.ch/ext/gdpr/cookie.css
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.7 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
eb912f81fedf4a184718e1869c3d722624a291df92fb16b14ed30ca950c62488

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omno.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Last-Modified
Fri, 09 Nov 2018 14:54:03 GMT
Server
Apache
ETag
"14320f-375-57a3c85bce481"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
885
jquery-1.11.0.min.js
eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/scripts/
94 KB
94 KB
Script
General
Full URL
https://eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/scripts/jquery-1.11.0.min.js
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.222.93.232 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omno.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=10
Content-Length
96381
Expires
Thu, 21 Oct 2021 12:26:30 GMT
bootstrap.min.js
eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/scripts/
27 KB
27 KB
Script
General
Full URL
https://eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/scripts/bootstrap.min.js
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.222.93.232 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
3e460b21839bf49543aeac626269114e5bc49092a516d7e94da7dbaee582bfd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omno.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Server
Apache
Content-Type
application/javascript
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=10
Content-Length
27832
Expires
Thu, 21 Oct 2021 12:26:30 GMT
mobileactivation.js
eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/scripts/
5 KB
5 KB
Script
General
Full URL
https://eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/scripts/mobileactivation.js
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.222.93.232 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
ec2d729a36361a55b0c3777db4da4bfdde53dd7c674841049998baad74becbd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omno.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Server
Apache
Connection
Keep-Alive
Content-Type
application/x-javascript;charset=UTF-8
Keep-Alive
timeout=5, max=10
Content-Length
5166
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie.js
www2.cembra.ch/ext/gdpr/
5 KB
6 KB
Script
General
Full URL
https://www2.cembra.ch/ext/gdpr/cookie.js
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.7 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
aa10a9064163c761b3581562188bf7975d0ecbf277cd5811aecd457e01a7d580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omno.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Last-Modified
Fri, 09 Nov 2018 14:54:03 GMT
Server
Apache
ETag
"143210-1539-57a3c85bce481"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
5433
cembra-money-bank.jpg
eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/images/
16 KB
16 KB
Image
General
Full URL
https://eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/images/cembra-money-bank.jpg
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.222.93.232 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
ce0392488bdaf30d30425a7459ed5c3d0da132ec5d6ef14150a3d9aa24e5fdc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omno.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=9
Content-Length
15987
Expires
Thu, 21 Oct 2021 12:26:30 GMT
loading.gif
eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/images/
771 B
1015 B
Image
General
Full URL
https://eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/images/loading.gif
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.222.93.232 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omno.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=9
Content-Length
771
Expires
Thu, 21 Oct 2021 12:26:30 GMT
Cookie set /
www.cembra.ch/en/Login/ServiceMessage/ Frame 366E
Redirect Chain
  • https://www.cembra.ch/en/Login/ServiceMessage
  • https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
1 KB
2 KB
Document
General
Full URL
https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
4bc095fb6e9dbd94c57aa43b425cd385a37f08d18a2894aa7437a5da17a574dc

Request headers

Host
www.cembra.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://omno.ai/
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=zab1ywkgr3xj11fhihc5x3e0; domain=.cembra.ch; path=/; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=13e2e50799674566a659ef0c8909cc15; domain=.cembra.ch; expires=Tue, 21-Oct-2031 12:23:11 GMT; path=/; HttpOnly SC_ANALYTICS_SESSION_COOKIE=00839C601AB441758A0D9077C525BDFC|1|zab1ywkgr3xj11fhihc5x3e0; domain=.cembra.ch; path=/; HttpOnly
Date
Thu, 21 Oct 2021 12:23:10 GMT
Content-Length
988

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
Date
Thu, 21 Oct 2021 12:23:10 GMT
Content-Length
185
Cookie set ServiceCarousel
www.cembra.ch/en/Login/ Frame 2917
Redirect Chain
  • https://www.cembra.ch/en/Login/ServiceCarousel
  • https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
3 KB
2 KB
Document
General
Full URL
https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/?ebebbrebrbrererbbr.at
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
3ce651c73cd884a369485285b2c2375be0d96ddb04c200f31b75c45da8bd5709

Request headers

Host
www.cembra.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://omno.ai/
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=rgvygojg1xsc2giuopsuhghj; domain=.cembra.ch; path=/; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=9a1fd6b10e9e4f5d996a89dee04de94d; domain=.cembra.ch; expires=Tue, 21-Oct-2031 12:23:11 GMT; path=/; HttpOnly SC_ANALYTICS_SESSION_COOKIE=453458A07CE642C4ADAB9A41C32BCCC5|1|rgvygojg1xsc2giuopsuhghj; domain=.cembra.ch; path=/; HttpOnly
Date
Thu, 21 Oct 2021 12:23:10 GMT
Content-Length
1404

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
Date
Thu, 21 Oct 2021 12:23:10 GMT
Content-Length
185
eservice-login-background.jpg
eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/images/
34 KB
34 KB
Image
General
Full URL
https://eservice.cembra.ch/login/resources/nevislogrend/applications/EService/webdata/images/eservice-login-background.jpg
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/webdata/css/default.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.222.93.232 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
Apache /
Resource Hash
ed5c4f940fbb29ad6ea580e52d696b5badd28efa17ef068f0dda1f5c4026ca45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://omno.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=8
Content-Length
35045
Expires
Thu, 21 Oct 2021 12:26:30 GMT
VistaSansBook.woff
omno.ai/ev/cembra/webdata/fonts/
18 KB
18 KB
Font
General
Full URL
https://omno.ai/ev/cembra/webdata/fonts/VistaSansBook.woff
Requested by
Host: omno.ai
URL: https://omno.ai/ev/cembra/webdata/css/default.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.4.163 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-4-163.ip.secureserver.net
Software
Apache /
Resource Hash
4f193132f686a3b78b4b169ea2c88b473644f3c8da63a578637881cb79c0aa66

Request headers

sec-fetch-mode
cors
origin
https://omno.ai
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=8ef30018f05045e345e4e9e412c6e319
:path
/ev/cembra/webdata/fonts/VistaSansBook.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
omno.ai
referer
https://omno.ai/ev/cembra/webdata/css/default.css
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 21 Oct 2021 12:23:10 GMT
content-encoding
gzip
last-modified
Wed, 20 Oct 2021 07:33:24 GMT
server
Apache
vary
Accept-Encoding
content-type
font/woff
cache-control
max-age=10368000
accept-ranges
bytes
content-length
18240
expires
Fri, 18 Feb 2022 12:23:10 GMT
login.css
www.cembra.ch/Frontend/CembraInternet/ Frame 2917
237 KB
24 KB
Stylesheet
General
Full URL
https://www.cembra.ch/Frontend/CembraInternet/login.css
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
cde700dc8a0702914ba678850bebb21cfd0140466f090eb0d45302d258674ff0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2017 15:10:36 GMT
ETag
"07ecb1e102bd31:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
23918
jquery-1.10.2.min.js
www.cembra.ch/assets/js/ Frame 2917
91 KB
32 KB
Script
General
Full URL
https://www.cembra.ch/assets/js/jquery-1.10.2.min.js
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
cd8f413e39247d48ea354b8fb11c227e72f641403bd8d4dd81cd7473d60daafb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2017 15:10:36 GMT
ETag
"07ecb1e102bd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
32884
bootstrap.min.js
www.cembra.ch/assets/js/ Frame 2917
27 KB
7 KB
Script
General
Full URL
https://www.cembra.ch/assets/js/bootstrap.min.js
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
404abc720db631404f659a0873fe1df65fca1288110bf7713d4a8a090e1726af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2017 15:10:36 GMT
ETag
"07ecb1e102bd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
7358
cem-136_eservice_info-banner_980x205px_e_v2.jpg
www.cembra.ch/~/media/images/sublayouts/login/en/ Frame 2917
61 KB
61 KB
Image
General
Full URL
https://www.cembra.ch/~/media/images/sublayouts/login/en/cem-136_eservice_info-banner_980x205px_e_v2.jpg?h=205&la=en&w=980
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
ed749e259e293fdbf78a17e31ee36f375524ebaa0c3046d27ceffb43c998f6ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Last-Modified
Wed, 30 Oct 2019 14:05:15 GMT
Content-Type
image/jpeg
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="CEM-136_eService_Info-Banner_980x205px_E_V2.jpg"
Accept-Ranges
bytes
Content-Length
62557
Expires
Thu, 28 Oct 2021 12:23:11 GMT
eservice_slider_eserviceapp_en_980x320.jpg
www.cembra.ch/~/media/images/sublayouts/login/en/ Frame 2917
28 KB
29 KB
Image
General
Full URL
https://www.cembra.ch/~/media/images/sublayouts/login/en/eservice_slider_eserviceapp_en_980x320.jpg?h=205&la=en&w=980
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
da8e5461251936aaeb87135378e840dcaf8d10dd83601fe4800a2f8b65c56204

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Last-Modified
Fri, 18 Jan 2019 12:50:25 GMT
Content-Type
image/jpeg
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="eService_Slider_eServiceApp_EN_980x320.jpg"
Accept-Ranges
bytes
Content-Length
29101
Expires
Thu, 28 Oct 2021 12:23:11 GMT
eservice_slider_schutz_en_980x320.jpg
www.cembra.ch/~/media/images/sublayouts/login/en/ Frame 2917
33 KB
33 KB
Image
General
Full URL
https://www.cembra.ch/~/media/images/sublayouts/login/en/eservice_slider_schutz_en_980x320.jpg?h=205&la=en&w=980
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
d92495d241df54765dc9998f8a2309a9870fa0e3665b85f09c87053eaba9acce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/en/Login/ServiceCarousel?display=desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Last-Modified
Fri, 18 Jan 2019 12:51:05 GMT
Content-Type
image/jpeg
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="eService_Slider_Schutz_EN_980x320.jpg"
Accept-Ranges
bytes
Content-Length
33366
Expires
Thu, 28 Oct 2021 12:23:11 GMT
login.css
www.cembra.ch/Frontend/CembraInternet/ Frame 366E
237 KB
24 KB
Stylesheet
General
Full URL
https://www.cembra.ch/Frontend/CembraInternet/login.css
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
cde700dc8a0702914ba678850bebb21cfd0140466f090eb0d45302d258674ff0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2017 15:10:36 GMT
ETag
"07ecb1e102bd31:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
23918
jquery-1.10.2.min.js
www.cembra.ch/assets/js/ Frame 366E
91 KB
32 KB
Script
General
Full URL
https://www.cembra.ch/assets/js/jquery-1.10.2.min.js
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
cd8f413e39247d48ea354b8fb11c227e72f641403bd8d4dd81cd7473d60daafb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2017 15:10:36 GMT
ETag
"07ecb1e102bd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
32884
bootstrap.min.js
www.cembra.ch/assets/js/ Frame 366E
27 KB
7 KB
Script
General
Full URL
https://www.cembra.ch/assets/js/bootstrap.min.js
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
404abc720db631404f659a0873fe1df65fca1288110bf7713d4a8a090e1726af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Sep 2017 15:10:36 GMT
ETag
"07ecb1e102bd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
7358
info-purple.png
www.cembra.ch/~/media/images/sublayouts/login/ Frame 366E
44 KB
44 KB
Image
General
Full URL
https://www.cembra.ch/~/media/images/sublayouts/login/info-purple.png?h=35&la=en&w=35
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
0eaf7b9d7710f17e57ab9c7f76d941570633c5993fcd5c8503cb7bc81941af8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/en/Login/ServiceMessage/?display=desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Last-Modified
Wed, 26 Nov 2014 23:17:39 GMT
Content-Type
image/png
Cache-Control
private, max-age=604800
Content-Disposition
inline; filename="info-purple.png"
Accept-Ranges
bytes
Content-Length
44758
Expires
Thu, 28 Oct 2021 12:23:11 GMT
slider-left.png
www.cembra.ch/assets/img/ Frame 2917
1 KB
1 KB
Image
General
Full URL
https://www.cembra.ch/assets/img/slider-left.png
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/Frontend/CembraInternet/login.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
1bc5e610982370f1f00157fd084a3cdd62e980a7352752c9e09bb64f1bc3bc62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/Frontend/CembraInternet/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
1224
Content-Type
image/png
slider-right.png
www.cembra.ch/assets/img/ Frame 2917
1 KB
1 KB
Image
General
Full URL
https://www.cembra.ch/assets/img/slider-right.png
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/Frontend/CembraInternet/login.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
1ca024361b724ae43c75054e59a366a1ef518496a2c120bf136a12f888eab49f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cembra.ch/Frontend/CembraInternet/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
1221
Content-Type
image/png
vistasansbook-071211005EmigreWebOnly.woff
www.cembra.ch/assets/font/ Frame 2917
32 KB
32 KB
Font
General
Full URL
https://www.cembra.ch/assets/font/vistasansbook-071211005EmigreWebOnly.woff
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/Frontend/CembraInternet/login.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
b37a9db57ad291741c5a43f24d69e73bd672e47034dd6f8e28599fb907abb768

Request headers

Referer
https://www.cembra.ch/Frontend/CembraInternet/login.css
Origin
https://www.cembra.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
32344
Content-Type
font/x-woff
vistasansbook-071211005EmigreWebOnly.woff
www.cembra.ch/assets/font/ Frame 366E
32 KB
32 KB
Font
General
Full URL
https://www.cembra.ch/assets/font/vistasansbook-071211005EmigreWebOnly.woff
Requested by
Host: www.cembra.ch
URL: https://www.cembra.ch/Frontend/CembraInternet/login.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
193.223.58.9 , Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),
Reverse DNS
Software
/
Resource Hash
b37a9db57ad291741c5a43f24d69e73bd672e47034dd6f8e28599fb907abb768

Request headers

Referer
https://www.cembra.ch/Frontend/CembraInternet/login.css
Origin
https://www.cembra.ch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Thu, 21 Oct 2021 12:23:10 GMT
Last-Modified
Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges
bytes
ETag
"0519a1d102bd31:0"
Content-Length
32344
Content-Type
font/x-woff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Cembra (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| onbeforexrselect
boolean| originAgentCluster
function| $
function| jQuery
object| jQuery111007962683301096718
undefined| msViewportStyle

1 Cookies

Domain/Path Name / Value
omno.ai/ Name: PHPSESSID
Value: 8ef30018f05045e345e4e9e412c6e319

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
