xvb.zca.mybluehost.me Open in urlscan Pro
50.87.253.50 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://swisspass-login-uid-pw-rem00626487856274562.pages.dev/
Effective URL:
https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php
Submission: On May 28 via automatic, source phishtank (May 28th 2024, 9:41:14 pm UTC) — Scanned from DE

Summary HTTP 29 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 29 HTTP transactions. The main IP is 50.87.253.50, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is xvb.zca.mybluehost.me.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.

This is the only time xvb.zca.mybluehost.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Schweizerische Bundesbahnen (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.66.44.101 172.66.44.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 28	50.87.253.50 50.87.253.50	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
3	18.158.38.146 18.158.38.146	16509 (AMAZON-02) (AMAZON-02)
29	3

1 172.66.44.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

swisspass-login-uid-pw-rem00626487856274562.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 50.87.253.50 (United States) 4 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box2161.bluehost.com

xvb.zca.mybluehost.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.158.38.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-38-146.eu-central-1.compute.amazonaws.com

cdn.app.sbb.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	mybluehost.me 4 redirects xvb.zca.mybluehost.me	156 KB
3	sbb.ch cdn.app.sbb.ch — Cisco Umbrella Rank: 408889	44 KB
1	pages.dev 1 redirects swisspass-login-uid-pw-rem00626487856274562.pages.dev	583 B
0	anisovil.pro Failed www.coins-ph-verification.anisovil.pro Failed
29	4

	Domain	Requested by
28	xvb.zca.mybluehost.me	4 redirects xvb.zca.mybluehost.me
3	cdn.app.sbb.ch	xvb.zca.mybluehost.me
1	swisspass-login-uid-pw-rem00626487856274562.pages.dev	1 redirects
0	www.coins-ph-verification.anisovil.pro Failed
29	4

This site contains links to these domains. Also see Links.

Domain
www.sbb.ch

Subject Issuer	Validity	Valid
xvb.zca.mybluehost.me R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.app.sbb.ch Amazon RSA 2048 M02	`2023-08-16` - `2024-09-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php
Frame ID: FD34E03D7A4A719AEAA0F8AA377276BC
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(CH) | SBB

Page URL History Show full URLs

https://xvb.zca.mybluehost.me/sb1/abonne/ HTTP 302
https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index.php HTTP 302
https://xvb.zca.mybluehost.me/sb1/abonne/delogin/mkfile.php?p=index HTTP 302
https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

29
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

200 kB
Transfer

465 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sbb.ch/fr/gare-services.html#main
Title: Lien vers le contenu

Search URL Search Domain Scan URL

URL: https://www.sbb.ch/fr/meta/contacts.html
Title: Lien vers contact

Search URL Search Domain Scan URL

URL: https://www.sbb.ch/fr
Title: Retour à la page d'accueil CFF

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xvb.zca.mybluehost.me/sb1/abonne/ HTTP 302
https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index.php HTTP 302
https://xvb.zca.mybluehost.me/sb1/abonne/delogin/mkfile.php?p=index HTTP 302
https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://swisspass-login-uid-pw-rem00626487856274562.pages.dev/ HTTP 307
https://swisspass-login-uid-pw-rem00626487856274562.pages.dev/ HTTP 302
https://xvb.zca.mybluehost.me/sb1 HTTP 301
https://xvb.zca.mybluehost.me/sb1/

Request Chain 25

https://xvb.zca.mybluehost.me/index.php?ml=svefg&r=59980&p=NjY1NjRmNzZlMWI4Ny00MDQ3Mi5waHA=&pt=KENIKSB8IFNCQg== HTTP 301
https://xvb.zca.mybluehost.me/?ml=svefg&r=59980&p=NjY1NjRmNzZlMWI4Ny00MDQ3Mi5waHA=&pt=KENIKSB8IFNCQg==

29 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ xvb.zca.mybluehost.me/sb1/ Redirect Chain http://swisspass-login-uid-pw-rem00626487856274562.pages.dev/ https://swisspass-login-uid-pw-rem00626487856274562.pages.dev/ https://xvb.zca.mybluehost.me/sb1 https://xvb.zca.mybluehost.me/sb1/	0 224 B	330ms 330ms	Document text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software nginx/1.21.6 / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Tue, 28 May 2024 21:41:09 GMT expires Thu, 19 Nov 1981 08:52:00 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== pragma no-cache refresh 0;url=./abonne/ server nginx/1.21.6 x-endurance-cache-level 2 x-newfold-cache-level 2 x-nginx-cache WordPress x-proxy-cache MISS x-server-cache true Redirect headers cache-control max-age=7200 content-length 242 content-type text/html; charset=iso-8859-1 date Tue, 28 May 2024 21:41:09 GMT expires Tue, 28 May 2024 22:30:57 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== location https://xvb.zca.mybluehost.me/sb1/ server nginx/1.21.6 x-proxy-cache HIT x-server-cache true
GET H2	200	Primary Request 66564f76e1b87-40472.php Show response xvb.zca.mybluehost.me/sb1/abonne/delogin/ Redirect Chain https://xvb.zca.mybluehost.me/sb1/abonne/ https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index.php https://xvb.zca.mybluehost.me/sb1/abonne/delogin/mkfile.php?p=index https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php	102 KB 21 KB	262ms 262ms	Document text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software nginx/1.21.6 / Resource Hash `521eb0b9467c45550a9e77792fae579b48bb0c8e41679653578cbbf6924fd83f` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://xvb.zca.mybluehost.me/sb1/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 28 May 2024 21:41:11 GMT expires Thu, 19 Nov 1981 08:52:00 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== pragma no-cache server nginx/1.21.6 vary Accept-Encoding x-endurance-cache-level 2 x-newfold-cache-level 2 x-nginx-cache WordPress x-server-cache false Redirect headers cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Tue, 28 May 2024 21:41:10 GMT expires Thu, 19 Nov 1981 08:52:00 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== location 66564f76e1b87-40472.php pragma no-cache server nginx/1.21.6 x-endurance-cache-level 2 x-newfold-cache-level 2 x-nginx-cache WordPress x-server-cache false
GET H2	200	saved_resource Show response xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	426 B 518 B	591ms 591ms	Script text/plain	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/saved_resource Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software nginx/1.21.6 / Resource Hash `e0db5598dde76502dda5a883d2b2d5843c53584a8d04ad90e6f0e0f2656e59ca` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:11 GMT x-nginx-cache WordPress last-modified Fri, 15 Sep 2023 16:11:38 GMT server nginx/1.21.6 x-server-cache false x-newfold-cache-level 2 x-endurance-cache-level 2 cache-control max-age=21600 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 426 expires Wed, 29 May 2024 03:41:11 GMT
GET H2	200	base.min.css xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	51 KB 13 KB	590ms 590ms	Stylesheet text/css	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/base.min.css Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash `57ff8cee5f79f79b415d76d23ecfb07914e0444e26a94ea235ba19877d52c39f` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:11 GMT content-encoding gzip x-nginx-cache WordPress last-modified Fri, 15 Sep 2023 16:11:40 GMT server Apache vary Accept-Encoding x-newfold-cache-level 2 x-endurance-cache-level 2 content-type text/css cache-control max-age=2592000 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 13000 expires Thu, 27 Jun 2024 21:41:11 GMT
GET H2	404	head.min.js.t%C3%A9l%C3%A9chargement xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	0 0	394ms 394ms	Script text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/head.min.js.t%C3%A9l%C3%A9chargement Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:11 GMT server Apache content-length 43 content-type text/html; charset=iso-8859-1
GET H2	404	otBannerSdk.js.t%C3%A9l%C3%A9chargement xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	0 0	544ms 544ms	Script text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/otBannerSdk.js.t%C3%A9l%C3%A9chargement Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT server Apache content-length 43 content-type text/html; charset=iso-8859-1
GET H2	404	otTCF.js.t%C3%A9l%C3%A9chargement xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	0 0	540ms 539ms	Script text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/otTCF.js.t%C3%A9l%C3%A9chargement Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT server Apache content-length 43 content-type text/html; charset=iso-8859-1
GET H2	404	12.min.js.t%C3%A9l%C3%A9chargement xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	0 0	542ms 541ms	Script text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/12.min.js.t%C3%A9l%C3%A9chargement Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT server Apache content-length 43 content-type text/html; charset=iso-8859-1
GET H2	404	2.min.js.t%C3%A9l%C3%A9chargement xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	0 0	545ms 544ms	Script text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/2.min.js.t%C3%A9l%C3%A9chargement Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT server Apache content-length 43 content-type text/html; charset=iso-8859-1
GET H2	404	lux.js.t%C3%A9l%C3%A9chargement xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	0 0	544ms 544ms	Script text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/lux.js.t%C3%A9l%C3%A9chargement Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Origin https://xvb.zca.mybluehost.me Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT server Apache content-length 43 content-type text/html; charset=iso-8859-1
GET H2	404	gpt.js.t%C3%A9l%C3%A9chargement xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	0 0	539ms 539ms	Script text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/gpt.js.t%C3%A9l%C3%A9chargement Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT server Apache content-length 43 content-type text/html; charset=iso-8859-1
GET H2	404	pubads_impl_2022071401.js.t%C3%A9l%C3%A9chargement xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	0 0	541ms 541ms	Script text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/pubads_impl_2022071401.js.t%C3%A9l%C3%A9chargement Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT server Apache content-length 43 content-type text/html; charset=iso-8859-1
GET H2	200	f.txt Show response xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	107 B 138 B	795ms 795ms	Script text/plain	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/f.txt Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software nginx/1.21.6 / Resource Hash `a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:11 GMT content-encoding gzip x-nginx-cache WordPress last-modified Fri, 15 Sep 2023 16:11:40 GMT server nginx/1.21.6 x-server-cache false vary Accept-Encoding x-newfold-cache-level 2 content-type text/plain x-endurance-cache-level 2 cache-control max-age=21600 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 100 expires Wed, 29 May 2024 03:41:11 GMT
GET H2	200	f(1).txt Show response xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	210 B 246 B	795ms 795ms	Script text/plain	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/f(1).txt Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software nginx/1.21.6 / Resource Hash `442f8504927c54cdfd132124b08fe51c84bdf36ce82cf4c8b61c0e79b24ad138` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:11 GMT content-encoding gzip x-nginx-cache WordPress last-modified Fri, 15 Sep 2023 16:11:40 GMT server nginx/1.21.6 x-server-cache false vary Accept-Encoding x-newfold-cache-level 2 content-type text/plain x-endurance-cache-level 2 cache-control max-age=21600 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 199 expires Wed, 29 May 2024 03:41:11 GMT
GET H2	404	0.min.js.t%C3%A9l%C3%A9chargement xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	0 0	542ms 541ms	Script text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/0.min.js.t%C3%A9l%C3%A9chargement Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT server Apache content-length 43 content-type text/html; charset=iso-8859-1
GET H2	200	header.min.css xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	62 KB 17 KB	793ms 793ms	Stylesheet text/css	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/header.min.css Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash `9716b689c64d0366f1a86573b15b50f25b5ed54e2eff6021bee345cb6f6f2e1e` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:11 GMT content-encoding gzip x-nginx-cache WordPress last-modified Fri, 15 Sep 2023 16:11:40 GMT server Apache vary Accept-Encoding x-newfold-cache-level 2 x-endurance-cache-level 2 content-type text/css cache-control max-age=2592000 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== expires Thu, 27 Jun 2024 21:41:11 GMT
GET H2	200	jq.js Show response xvb.zca.mybluehost.me/sb1/abonne/panel/res/	150 KB 48 KB	594ms 594ms	Script application/javascript	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/panel/res/jq.js Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash `e5fd777f1560d2eb9b6b335eff85d886a4f02cf6ea5ccc9c3b63496bca1f8777` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:11 GMT content-encoding gzip x-nginx-cache WordPress last-modified Wed, 21 Jun 2023 02:46:14 GMT server Apache vary Accept-Encoding x-newfold-cache-level 2 x-endurance-cache-level 2 content-type application/javascript cache-control max-age=21600 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== expires Wed, 29 May 2024 03:41:11 GMT
GET H2	200	SBBWeb-Thin.woff2 cdn.app.sbb.ch/fonts/v1_6_subset/	14 KB 15 KB	157ms 102ms	Font application/font-woff2	18.158.38.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Thin.woff2 Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/base.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.38.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-38-146.eu-central-1.compute.amazonaws.com Software nginx/1.25.5 / Resource Hash `d54c676681d2c4e3b931e77908b1345441a0cf6e8f2339d4d3a56c1083aab7e6` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/ Origin https://xvb.zca.mybluehost.me Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT content-encoding br last-modified Wed, 31 Jan 2024 10:14:44 GMT server nginx/1.25.5 etag W/"65ba1d94-3900" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/font-woff2 access-control-allow-origin * cache-control max-age=31536000, public, private access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With expires Wed, 28 May 2025 21:41:12 GMT
GET H2	200	SBBWeb-Roman.woff2 cdn.app.sbb.ch/fonts/v1_6_subset/	14 KB 14 KB	135ms 81ms	Font application/font-woff2	18.158.38.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Roman.woff2 Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/base.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.38.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-38-146.eu-central-1.compute.amazonaws.com Software nginx/1.25.5 / Resource Hash `966a89b8080879ba41c6b9f15c5efb58182c33a0d2d1e08748beb554b28b4997` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/ Origin https://xvb.zca.mybluehost.me Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT content-encoding br last-modified Wed, 31 Jan 2024 10:14:44 GMT server nginx/1.25.5 etag W/"65ba1d94-3748" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/font-woff2 access-control-allow-origin * cache-control max-age=31536000, public, private access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With expires Wed, 28 May 2025 21:41:12 GMT
GET H2	200	SBBWeb-Bold.woff2 cdn.app.sbb.ch/fonts/v1_6_subset/	14 KB 15 KB	136ms 82ms	Font application/font-woff2	18.158.38.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Bold.woff2 Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/base.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.38.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-38-146.eu-central-1.compute.amazonaws.com Software nginx/1.25.5 / Resource Hash `f069a80a8f0838dc76f55359c8599ee04d3c66004c6513de7cbf382df4bb59e2` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/ Origin https://xvb.zca.mybluehost.me Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT content-encoding br last-modified Wed, 31 Jan 2024 10:14:44 GMT server nginx/1.25.5 etag W/"65ba1d94-37c0" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/font-woff2 access-control-allow-origin * cache-control max-age=31536000, public, private access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With expires Wed, 28 May 2025 21:41:12 GMT
GET H2	200	images xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	2 KB 2 KB	513ms 511ms	Image image/png	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/images Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software nginx/1.21.6 / Resource Hash `d5a335190307402516082d0274bde12fa482d20ce04da3a36f79296b244509e4` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT x-nginx-cache WordPress last-modified Fri, 15 Sep 2023 16:11:42 GMT server nginx/1.21.6 x-server-cache false x-newfold-cache-level 2 x-endurance-cache-level 2 cache-control max-age=21600 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 2059 expires Wed, 29 May 2024 03:41:12 GMT
GET H2	200	button-anmelden-mit-swisspass.png xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	4 KB 4 KB	512ms 511ms	Image image/png	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/button-anmelden-mit-swisspass.png Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash `2935f6cbdebc3fdf2a3807e29d6cb7c47ae93ab1b509f9c8fec2f61bd524abd0` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT x-nginx-cache WordPress last-modified Fri, 15 Sep 2023 16:11:42 GMT server Apache x-newfold-cache-level 2 x-endurance-cache-level 2 content-type image/png cache-control max-age=31536000 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 3957 expires Wed, 28 May 2025 21:41:12 GMT
GET H2	200	button-anmelden-mit-swissid.png xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	4 KB 4 KB	559ms 558ms	Image image/png	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/button-anmelden-mit-swissid.png Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash `bd640fb21af72b1ef707112f2b83238f8a6bec2a585fdc40da41c9346eecb4bd` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT x-nginx-cache WordPress last-modified Fri, 15 Sep 2023 16:11:42 GMT server Apache x-newfold-cache-level 2 x-endurance-cache-level 2 content-type image/png cache-control max-age=31536000 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 3803 expires Wed, 28 May 2025 21:41:12 GMT
GET H2	200	197560.png xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	16 KB 16 KB	788ms 787ms	Image image/png	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/197560.png Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash `0d075f82e2b4f4fa762101ae95488a425d2df9f40c5b7e120954509c635879bf` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT x-nginx-cache WordPress last-modified Fri, 15 Sep 2023 16:11:42 GMT server Apache x-newfold-cache-level 2 x-endurance-cache-level 2 content-type image/png cache-control max-age=31536000 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 16395 expires Wed, 28 May 2025 21:41:12 GMT
GET H2	200	197374.png xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	19 KB 19 KB	1073ms 1072ms	Image image/png	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/197374.png Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash `16d2af8dfe6bff63fd76dc7434e09f1c98de85b1aa8d35ab98b473bae3c1f97d` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT x-nginx-cache WordPress last-modified Fri, 15 Sep 2023 16:11:42 GMT server Apache x-newfold-cache-level 2 x-endurance-cache-level 2 content-type image/png cache-control max-age=31536000 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 19575 expires Wed, 28 May 2025 21:41:12 GMT
GET H2	200	197571.png xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/	11 KB 11 KB	1167ms 1166ms	Image image/png	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/197571.png Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash `9ead1bc194a3a01035de7f65160c91b32604d2c788b35a914543c34ef451cd3a` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 21:41:12 GMT x-nginx-cache WordPress last-modified Fri, 15 Sep 2023 16:11:42 GMT server Apache x-newfold-cache-level 2 x-endurance-cache-level 2 content-type image/png cache-control max-age=31536000 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 11636 expires Wed, 28 May 2025 21:41:12 GMT
GET		/ xvb.zca.mybluehost.me/ Redirect Chain https://xvb.zca.mybluehost.me/index.php?ml=svefg&r=59980&p=NjY1NjRmNzZlMWI4Ny00MDQ3Mi5waHA=&pt=KENIKSB8IFNCQg== https://xvb.zca.mybluehost.me/?ml=svefg&r=59980&p=NjY1NjRmNzZlMWI4Ny00MDQ3Mi5waHA=&pt=KENIKSB8IFNCQg==	0 0

POST H2	200	processor.php Show response xvb.zca.mybluehost.me/sb1/abonne/panel/process/	0 47 B	649ms 649ms	XHR text/html	50.87.253.50 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://xvb.zca.mybluehost.me/sb1/abonne/panel/process/processor.php Requested by Host: xvb.zca.mybluehost.me URL: https://xvb.zca.mybluehost.me/sb1/abonne/panel/res/jq.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 50.87.253.50 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2161.bluehost.com Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept / Referer https://xvb.zca.mybluehost.me/sb1/abonne/delogin/66564f76e1b87-40472.php X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 28 May 2024 21:41:13 GMT x-nginx-cache WordPress server Apache x-newfold-cache-level 2 x-endurance-cache-level 2 content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET		favicon.ico www.coins-ph-verification.anisovil.pro/deush/ch/home/SBB/xa/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xvb.zca.mybluehost.me
URL: https://xvb.zca.mybluehost.me/?ml=svefg&r=59980&p=NjY1NjRmNzZlMWI4Ny00MDQ3Mi5waHA=&pt=KENIKSB8IFNCQg==

Domain: www.coins-ph-verification.anisovil.pro
URL: https://www.coins-ph-verification.anisovil.pro/deush/ch/home/SBB/xa/favicon.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			xvb.zca.mybluehost.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1670d2fc2d37cce57e34cd8d40a050ec

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/head.min.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/gpt.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/otTCF.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/pubads_impl_2022071401.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/12.min.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/0.min.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/otBannerSdk.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/lux.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xvb.zca.mybluehost.me/sb1/abonne/delogin/index_files/2.min.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.coins-ph-verification.anisovil.pro/deush/ch/home/SBB/xa/favicon.ico Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.app.sbb.ch
swisspass-login-uid-pw-rem00626487856274562.pages.dev
www.coins-ph-verification.anisovil.pro
xvb.zca.mybluehost.me
www.coins-ph-verification.anisovil.pro
xvb.zca.mybluehost.me
172.66.44.101
18.158.38.146
50.87.253.50
0d075f82e2b4f4fa762101ae95488a425d2df9f40c5b7e120954509c635879bf
16d2af8dfe6bff63fd76dc7434e09f1c98de85b1aa8d35ab98b473bae3c1f97d
2935f6cbdebc3fdf2a3807e29d6cb7c47ae93ab1b509f9c8fec2f61bd524abd0
442f8504927c54cdfd132124b08fe51c84bdf36ce82cf4c8b61c0e79b24ad138
521eb0b9467c45550a9e77792fae579b48bb0c8e41679653578cbbf6924fd83f
57ff8cee5f79f79b415d76d23ecfb07914e0444e26a94ea235ba19877d52c39f
966a89b8080879ba41c6b9f15c5efb58182c33a0d2d1e08748beb554b28b4997
9716b689c64d0366f1a86573b15b50f25b5ed54e2eff6021bee345cb6f6f2e1e
9ead1bc194a3a01035de7f65160c91b32604d2c788b35a914543c34ef451cd3a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
bd640fb21af72b1ef707112f2b83238f8a6bec2a585fdc40da41c9346eecb4bd
d54c676681d2c4e3b931e77908b1345441a0cf6e8f2339d4d3a56c1083aab7e6
d5a335190307402516082d0274bde12fa482d20ce04da3a36f79296b244509e4
e0db5598dde76502dda5a883d2b2d5843c53584a8d04ad90e6f0e0f2656e59ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fd777f1560d2eb9b6b335eff85d886a4f02cf6ea5ccc9c3b63496bca1f8777
f069a80a8f0838dc76f55359c8599ee04d3c66004c6513de7cbf382df4bb59e2

xvb.zca.mybluehost.me Open in urlscan Pro 50.87.253.50 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

93 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

200 kBTransfer

465 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

xvb.zca.mybluehost.me Open in urlscan Pro
50.87.253.50 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

200 kB
Transfer

465 kB
Size

1
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!