pass.sviluppo.host Open in urlscan Pro
185.201.65.222 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tm6jkbitwc.preview.infomaniak.website/
Effective URL:
https://pass.sviluppo.host/v3/
Submission: On May 28 via automatic, source phishtank (May 28th 2024, 6:36:48 pm UTC) — Scanned from CH

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 23 HTTP transactions. The main IP is 185.201.65.222, located in Italy and belongs to COLTENGINE COLTENGINE Network, IT. The main domain is pass.sviluppo.host.
TLS certificate: Issued by R3 on May 24th 2024. Valid for: 3 months.

This is the only time pass.sviluppo.host was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Schweizerische Bundesbahnen (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
2	2001:1600:4:1... 2001:1600:4:11::218	29222 (INFOMANIA...) (INFOMANIAK-AS)
19	185.201.65.222 185.201.65.222	47242 (COLTENGIN...) (COLTENGINE COLTENGINE Network)
1 2	54.192.229.50 54.192.229.50	16509 (AMAZON-02) (AMAZON-02)
1	188.114.96.9 188.114.96.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	4

2 2001:1600:4:11::218 (Switzerland)

ASN29222 (INFOMANIAK-AS, CH)

tm6jkbitwc.preview.infomaniak.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.201.65.222 (Italy)

ASN47242 (COLTENGINE COLTENGINE Network, IT)
PTR: w3001pi.shared.host.it

pass.sviluppo.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.229.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-192-229-50.muc50.r.cloudfront.net

logs1407.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.9 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	sviluppo.host pass.sviluppo.host	217 KB
2	xiti.com 1 redirects logs1407.xiti.com — Cisco Umbrella Rank: 137349	1 KB
2	infomaniak.website tm6jkbitwc.preview.infomaniak.website	675 B
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 90025	638 B
23	4

	Domain	Requested by
19	pass.sviluppo.host	pass.sviluppo.host
2	logs1407.xiti.com	1 redirects
2	tm6jkbitwc.preview.infomaniak.website
1	userstatics.com	pass.sviluppo.host
23	4

This site contains no links.

Subject Issuer	Validity	Valid
preview.infomaniak.website Sectigo RSA Domain Validation Secure Server CA	`2023-09-28` - `2024-10-11`	a year	crt.sh
pass.sviluppo.host R3	`2024-05-24` - `2024-08-22`	3 months	crt.sh
userstatics.com E1	`2024-05-26` - `2024-08-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pass.sviluppo.host/v3/
Frame ID: C63A904B25858B3576BE184CBAB27539
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmeldung | SwissPass

Page URL History Show full URLs

https://tm6jkbitwc.preview.infomaniak.website/ Page URL
https://pass.sviluppo.host/v3/ Page URL

Detected technologies

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

96 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

219 kB
Transfer

888 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tm6jkbitwc.preview.infomaniak.website/ Page URL
https://pass.sviluppo.host/v3/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://logs1407.xiti.com/event?s=611076 HTTP 307
https://logs1407.xiti.com/event?s=611076&Rdt=On

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 503 /
tm6jkbitwc.preview.infomaniak.website/ 145 B
338 B 155ms
21ms Document
text/html 2001:1600:4:11::218
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tm6jkbitwc.preview.infomaniak.website/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:11::218 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 140
content-type: text/html; charset=UTF-8
date: Tue, 28 May 2024 18:36:44 GMT
etag: "91-6197122df2334-gzip"
last-modified: Mon, 27 May 2024 15:26:07 GMT
server: Apache
strict-transport-security: max-age=16000000
vary: Accept-Encoding

GET
H2 200 Primary Request / Show response
pass.sviluppo.host/v3/ 25 KB
5 KB 211ms
97ms Document
text/html 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/v3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: nginx / PHP/7.4.33
Resource Hash: 1f6e67bc886cbf171ee9cb58e9985ddbf7e636315cec4f2034625a758d1f5b45

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://tm6jkbitwc.preview.infomaniak.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 5265
content-type: text/html; charset=UTF-8
date: Tue, 28 May 2024 18:36:44 GMT
server: nginx
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.4.33

GET
H2 503 favicon.ico
tm6jkbitwc.preview.infomaniak.website/ 145 B
337 B 20ms
19ms Other
text/html 2001:1600:4:11::218
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tm6jkbitwc.preview.infomaniak.website/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:11::218 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://tm6jkbitwc.preview.infomaniak.website/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
strict-transport-security: max-age=16000000
content-encoding: gzip
last-modified: Mon, 27 May 2024 15:26:07 GMT
server: Apache
etag: "91-6197122df2334-gzip"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
accept-ranges: bytes
content-length: 140

GET
H2 200 sso.min-20200819.css
pass.sviluppo.host/v3/css/ 180 KB
22 KB 70ms
70ms Stylesheet
text/css 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/v3/css/sso.min-20200819.css
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: nginx /
Resource Hash: c365cf63e0edecc072b99e919e45604dfbca32ec0a19dac39275c9c67d334caf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
content-encoding: br
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: nginx
etag: "2ce1f-6650bb2e-db37c5eb8459324f;br"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22228
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H2 200 modernizr-20200819.js Show response
pass.sviluppo.host/v3/js/ 8 KB
4 KB 84ms
84ms Script
application/javascript 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/v3/js/modernizr-20200819.js
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: nginx /
Resource Hash: 7a9fa521a58ee93001981f3a7db498c589233d8cc616e8d09af0119388a865bc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
content-encoding: br
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: nginx
etag: "1e5c-6650bb2e-1eb4d2e08a2adaae;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3219
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H2 200 otSDKStub.js Show response
pass.sviluppo.host/v3/js/ 21 KB
7 KB 81ms
79ms Script
application/javascript 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/v3/js/otSDKStub.js
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: nginx /
Resource Hash: 6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
content-encoding: br
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: nginx
etag: "526c-6650bb2e-aa073e282e7260c;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6574
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H3 200 launch-6cc731e967aa.min.js Show response
pass.sviluppo.host/v3/js/ 124 KB
37 KB 47ms
47ms Script
application/javascript 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/v3/js/launch-6cc731e967aa.min.js
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash: f053f049a78c3afbce0d34f57d0bea4a24f7964d0e1e45197a35c06124b5e357

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
content-encoding: br
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: LiteSpeed
etag: "1efde-6650bb2e-d0dedc8cf91d464a;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 37592
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H2 200 logo_text_de-20200819.svg
pass.sviluppo.host/v3/images/ 137 KB
15 KB 49ms
48ms Image
image/svg+xml 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pass.sviluppo.host/v3/images/logo_text_de-20200819.svg
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: nginx /
Resource Hash: c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
content-encoding: br
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: nginx
etag: "222c3-6650bb2e-691700185a5db0e0;br"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 15124
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H2 200 logo-20200819.svg
pass.sviluppo.host/v3/images/ 7 KB
3 KB 38ms
37ms Image
image/svg+xml 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pass.sviluppo.host/v3/images/logo-20200819.svg
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: nginx /
Resource Hash: deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
content-encoding: br
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: nginx
etag: "1cce-6650bb2e-738c00b90563a497;br"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2545
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H3 200 loader-20200819.png
pass.sviluppo.host/v3/images/ 272 B
570 B 28ms
28ms Image
image/png 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pass.sviluppo.host/v3/images/loader-20200819.png
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash: f766c7457c6ec463eaa85778aa47261344f1772e0b7cf1987ad212f889f472f5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: LiteSpeed
etag: "110-6650bb2e-c89c07875918d0c7;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 272
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H3 200 jquery-20200819.js Show response
pass.sviluppo.host/v3/js/ 95 KB
32 KB 33ms
33ms Script
application/javascript 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/v3/js/jquery-20200819.js
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash: 2b2485b0669a2f73c4846e82eb5a37421358591a8ac8ba21d8149bfb88adcbfb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
content-encoding: br
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: LiteSpeed
etag: "17c58-6650bb2e-72c077653bd7d8cb;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32943
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H3 200 vendor.min-20200819.js Show response
pass.sviluppo.host/v3/js/ 176 KB
50 KB 29ms
28ms Script
application/javascript 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/v3/js/vendor.min-20200819.js
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash: 233ddeda2a0fbeee053d13f25669fe187bdef4fe708aacfadddd560905d209f1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
content-encoding: br
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: LiteSpeed
etag: "2beeb-6650bb2e-d7e94856755668d9;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 51351
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H3 200 swisspass.min-20200819.js Show response
pass.sviluppo.host/v3/js/ 97 KB
24 KB 32ms
32ms Script
application/javascript 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/v3/js/swisspass.min-20200819.js
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash: 9c50211b34ab0377f3b35c243c98e402315127bfa5b51e147cb22c702174ca60

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
content-encoding: br
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: LiteSpeed
etag: "18410-6650bb2e-a403d2185bddd8c7;br"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 24176
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H3 200 SBBWeb-Light.woff2
pass.sviluppo.host/v3/fonts/ 14 KB
14 KB 32ms
31ms Font
font/woff2 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/v3/fonts/SBBWeb-Light.woff2
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/css/sso.min-20200819.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash: 5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/css/sso.min-20200819.css
Origin: https://pass.sviluppo.host
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: LiteSpeed
etag: "3784-6650bb2e-1b9ed2ddda7a3725;;;"
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14212
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H3 404 e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json Show response
pass.sviluppo.host/v3/js/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ 1 KB
1 KB 32ms
31ms XHR
text/html 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/v3/js/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/js/otSDKStub.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 18:36:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1251
vary: User-Agent
content-type: text/html

GET
H3 404 login_bg.jpg
pass.sviluppo.host/v3/resources/img/ 1 KB
1 KB 42ms
42ms Image
text/html 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pass.sviluppo.host/v3/resources/img/login_bg.jpg
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 18:36:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1251
vary: User-Agent
content-type: text/html

GET
H3 404 icomoon.woff2
pass.sviluppo.host/fonts/icomoon/ 0
0 40ms
40ms Font
text/html 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/fonts/icomoon/icomoon.woff2?7m5yri
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/css/sso.min-20200819.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/css/sso.min-20200819.css
Origin: https://pass.sviluppo.host
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 18:36:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1251
vary: User-Agent
content-type: text/html

GET
H3 404 co-branding Show response
pass.sviluppo.host/idp/ 1 KB
1 KB 38ms
33ms XHR
text/html 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/idp/co-branding?resource=co-branding&lang=de&provider=
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/js/jquery-20200819.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: */*
Referer: https://pass.sviluppo.host/v3/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 18:36:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1251
vary: User-Agent
content-type: text/html

GET
H3 404 icomoon.ttf
pass.sviluppo.host/fonts/icomoon/ 0
0 28ms
28ms Font
text/html 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/fonts/icomoon/icomoon.ttf?7m5yri
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/css/sso.min-20200819.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/css/sso.min-20200819.css
Origin: https://pass.sviluppo.host
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 18:36:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1251
vary: User-Agent
content-type: text/html

POST
H2

204

event
logs1407.xiti.com/
Redirect Chain

https://logs1407.xiti.com/event?s=611076
https://logs1407.xiti.com/event?s=611076&Rdt=On

0
330 B

35ms
35ms

Ping
text/plain

54.192.229.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://logs1407.xiti.com/event?s=611076&Rdt=On

Protocol

Server

54.192.229.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-229-50.muc50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://pass.sviluppo.host/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
strict-transport-security: max-age=15768000
via: 1.1 1bb53b906296a648bd25a4c81fe43650.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
access-control-max-age: 600
x-cache: Miss from cloudfront
access-control-allow-origin: https://pass.sviluppo.host
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: et69pMMvvLSnZzd-2xKGQPdSfaL8arkJYt7lEe5hsJ53FO9uuvf97Q==

Redirect headers

date: Tue, 28 May 2024 18:36:44 GMT
strict-transport-security: max-age=15768000
via: 1.1 1bb53b906296a648bd25a4c81fe43650.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
access-control-max-age: 600
x-cache: Miss from cloudfront
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://pass.sviluppo.host
location: /event?s=611076&Rdt=On
cache-control: no-store
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: SucGjVN7CEPit5KBwJ4PJx10yE9YZG78D8-b8P5X2kDaOBosuEAuzw==

GET
H3 404 icomoon.woff
pass.sviluppo.host/fonts/icomoon/ 0
0 34ms
34ms Font
text/html 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/fonts/icomoon/icomoon.woff?7m5yri
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/css/sso.min-20200819.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/css/sso.min-20200819.css
Origin: https://pass.sviluppo.host
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 18:36:44 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1251
vary: User-Agent
content-type: text/html

GET
H3 200 favicon.ico
pass.sviluppo.host/v3/ 1 KB
220 B 32ms
32ms Other
image/x-icon 185.201.65.222
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to

Full URL: https://pass.sviluppo.host/v3/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.201.65.222 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS: w3001pi.shared.host.it
Software: LiteSpeed /
Resource Hash: 7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/v3/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:44 GMT
content-encoding: br
last-modified: Fri, 24 May 2024 16:07:10 GMT
server: LiteSpeed
etag: "47e-6650bb2e-d36ad20a413c7ec0;br"
vary: Accept-Encoding,User-Agent
content-type: image/x-icon
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 159
expires: Tue, 04 Jun 2024 18:36:44 GMT

GET
H3 200 script.js Show response
userstatics.com/get/ 133 B
638 B 110ms
64ms Script
text/html 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstatics.com/get/script.js?referrer=https://pass.sviluppo.host/v3/
Requested by: Host: pass.sviluppo.host
URL: https://pass.sviluppo.host/v3/js/vendor.min-20200819.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pass.sviluppo.host/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 18:36:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://pass.sviluppo.host
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBSV%2BhJ1COjWaBFwkblsgsiZmJdBsx%2FX7WL3uMzn%2BrXQo5l0TATDIyVIUoGll8uLF4a%2Bk1FzfBPf5Ab%2FZ%2FwqhnCmIOtb6SIi3YJLZKSROujB0lKIny40tOYpJP2j85DisOI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 88b05a228a844d3e-FRA
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pass.sviluppo.host/v3	1970-01-20 20:56:01	Name: PHPREFS Value: full
.sviluppo.host/	1970-01-21 06:24:09	Name: pa_privacy Value: %22optin%22
.sviluppo.host/	1970-01-21 06:24:09	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAE0RXSwH18yBbAMYAzAKyoYADwDuAH1TSAjosqEFIAL5A
.xiti.com/	1970-01-21 06:25:35	Name: atid Value: CEA7BEEF-E6BD-4C3A-8502-B6366DEFFB3C

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tm6jkbitwc.preview.infomaniak.website/ Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://tm6jkbitwc.preview.infomaniak.website/favicon.ico Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://pass.sviluppo.host/v3/js/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pass.sviluppo.host/v3/resources/img/login_bg.jpg Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	warning	URL: https://pass.sviluppo.host/v3/ Message: [DOM] Found 2 elements with non-unique id #login_button: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://pass.sviluppo.host/v3/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://pass.sviluppo.host/fonts/icomoon/icomoon.woff2?7m5yri Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pass.sviluppo.host/idp/co-branding?resource=co-branding&lang=de&provider= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pass.sviluppo.host/fonts/icomoon/icomoon.ttf?7m5yri Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pass.sviluppo.host/fonts/icomoon/icomoon.woff?7m5yri Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://pass.sviluppo.host/v3/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://pass.sviluppo.host/v3/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16000000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

logs1407.xiti.com
pass.sviluppo.host
tm6jkbitwc.preview.infomaniak.website
userstatics.com
185.201.65.222
188.114.96.9
2001:1600:4:11::218
54.192.229.50
1f6e67bc886cbf171ee9cb58e9985ddbf7e636315cec4f2034625a758d1f5b45
233ddeda2a0fbeee053d13f25669fe187bdef4fe708aacfadddd560905d209f1
2b2485b0669a2f73c4846e82eb5a37421358591a8ac8ba21d8149bfb88adcbfb
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
7a9fa521a58ee93001981f3a7db498c589233d8cc616e8d09af0119388a865bc
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677
9c50211b34ab0377f3b35c243c98e402315127bfa5b51e147cb22c702174ca60
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07
c365cf63e0edecc072b99e919e45604dfbca32ec0a19dac39275c9c67d334caf
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f053f049a78c3afbce0d34f57d0bea4a24f7964d0e1e45197a35c06124b5e357
f766c7457c6ec463eaa85778aa47261344f1772e0b7cf1987ad212f889f472f5

pass.sviluppo.host Open in urlscan Pro 185.201.65.222 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

4 Countries

219 kBTransfer

888 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

32 JavaScript Global Variables

4 Cookies

12 Console Messages

Security Headers

Indicators

pass.sviluppo.host Open in urlscan Pro
185.201.65.222 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

219 kB
Transfer

888 kB
Size

4
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!