Submitted URL: http://ocrm.ch/reserve/compose/
Effective URL: https://ocrm.ch/reserve/compose/
Submission Tags: falconsandbox
Submission: On June 20 via api from US — Scanned from CH

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 80.74.147.33, located in Switzerland and belonging to ASN-METANET Routing (peering issues: noc@metanet.ch), CH. The main domain is ocrm.ch.
TLS certificate: Issued by R3 on May 7th 2024. Valid for: 3 months.
This is the only time ocrm.ch was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

Requests  IP Address     AS (Autonomous System)
1         80.74.147.33   21069 (ASN-METAN...)
10        104.17.201.1   13335 (CLOUDFLAR...)
1         23.14.65.40    16625 (AKAMAI-AS)
Total: 12 requests, 4 IPs
Requests  Apex Domain       Subdomains                                         Transfer
10        cloudinary.com    res.cloudinary.com (Cisco Umbrella Rank: 3546)     218 KB
1         aexp-static.com   www.aexp-static.com (Cisco Umbrella Rank: 13568)   42 KB
1         ocrm.ch           ocrm.ch                                            18 KB
Total: 12 requests, 3 apex domains
Requests  Domain                Requested by
10        res.cloudinary.com    ocrm.ch, res.cloudinary.com
1         www.aexp-static.com   res.cloudinary.com
1         ocrm.ch               -
Total: 12 requests, 3 domains

This site contains no links.

Subject                  Issuer                                         Validity                   Valid
ocrm.ch                  R3                                             2024-05-07 - 2024-08-05    3 months (crt.sh)
*.cloudinary.com         Go Daddy Secure Certificate Authority - G2     2024-04-23 - 2025-05-25    a year (crt.sh)
m.americanexpress.com    DigiCert SHA2 Extended Validation Server CA    2024-03-06 - 2025-03-06    a year (crt.sh)

This page contains 1 frame:

Primary Page: https://ocrm.ch/reserve/compose/
Frame ID: 9702217D1EDD538EC2E4164741BC9CF1
Requests: 13 HTTP requests in this frame


Page URL History

  1. http://ocrm.ch/reserve/compose/ HTTP 307
    https://ocrm.ch/reserve/compose/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • aexp-static\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 12
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 3
Countries: 3
Transfer: 277 kB
Size: 992 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Columns per request: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type
Primary Request /
ocrm.ch/reserve/compose/
Redirect Chain
  • http://ocrm.ch/reserve/compose/?
  • https://ocrm.ch/reserve/compose/?
41 KB
18 KB
Document
General
Full URL
https://ocrm.ch/reserve/compose/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
80.74.147.33, Switzerland, ASN21069 (ASN-METANET Routing, peering issues: noc@metanet.ch, CH)
Reverse DNS
amphora.sui-inter.net
Software
nginx /
Resource Hash
a9fecab8cb41f5902321d1b485b69deac3b0df2ece862531a1bdb8913918b000
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Jun 2024 14:24:52 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
vary
Accept-Encoding

Redirect headers

Location
https://ocrm.ch/reserve/compose/?
Non-Authoritative-Reason
HttpsUpgrades
jquery.js
res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406480/assets/contents/
279 KB
77 KB
Script
General
Full URL
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406480/assets/contents/jquery.js
Requested by
Host: ocrm.ch
URL: https://ocrm.ch/reserve/compose/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126add89639e7ac92dff67c061c2e32486ecca91d0d1d1ed8f1bc5ee34596a27
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocrm.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:24:53 GMT
content-encoding
br
strict-transport-security
max-age=604800
last-modified
Mon, 29 Apr 2024 16:02:13 GMT
server
cloudflare
etag
W/"304fd509939802b85c4ffe9d58f3498f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
cld-cloudflare;dur=34;start=2024-06-20T14:24:53.296Z;desc=hit,rtt;dur=14
accept-ranges
none
cf-ray
896c6cccfd09bc5f-ZRH
timing-allow-origin
*
oce-min.css
res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714411265/assets/contents/
314 KB
55 KB
Stylesheet
General
Full URL
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714411265/assets/contents/oce-min.css
Requested by
Host: ocrm.ch
URL: https://ocrm.ch/reserve/compose/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09f26bec3ac1f8362719ac0a1b1e4700f7c6be37103eab13b4023753769217b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocrm.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:24:53 GMT
content-encoding
br
strict-transport-security
max-age=604800
server-timing
cld-cloudflare;dur=34;start=2024-06-20T14:24:53.294Z;desc=hit,rtt;dur=14
content-length
55392
last-modified
Mon, 29 Apr 2024 17:21:46 GMT
server
cloudflare
etag
W/"30e9fa04ac7cf714b8bd78144df29fb6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
896c6cccfd05bc5f-ZRH
timing-allow-origin
*
oce-fonts.css
res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/
203 KB
18 KB
Stylesheet
General
Full URL
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Requested by
Host: ocrm.ch
URL: https://ocrm.ch/reserve/compose/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
020eefc1c72728c88c35fc364802ef83d5c4ac34788475a7ac61d482127e07ad
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocrm.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:24:53 GMT
content-encoding
br
strict-transport-security
max-age=604800
server-timing
cld-cloudflare;dur=31;start=2024-06-20T14:24:53.289Z;desc=hit,rtt;dur=14
content-length
18654
last-modified
Mon, 29 Apr 2024 16:03:39 GMT
server
cloudflare
etag
W/"0e188c0e16d7c235dce188374371933d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
896c6cccfd08bc5f-ZRH
timing-allow-origin
*
oce-font.css
res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406473/assets/contents/
103 KB
68 KB
Stylesheet
General
Full URL
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406473/assets/contents/oce-font.css
Requested by
Host: ocrm.ch
URL: https://ocrm.ch/reserve/compose/?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dd6d1e570bb272ca7ff939832eda05c576213037bd6b845daf5be8f4ee3bbff
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ocrm.ch/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:24:53 GMT
content-encoding
br
strict-transport-security
max-age=604800
last-modified
Mon, 29 Apr 2024 16:03:59 GMT
server
cloudflare
etag
W/"9a3613abcbf580ee02944d3003da9cf5"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary
cache-control
public, no-transform, immutable, max-age=2592000
server-timing
cld-cloudflare;dur=44;start=2024-06-20T14:24:53.293Z;desc=hit,rtt;dur=14
accept-ranges
none
cf-ray
896c6cccfd01bc5f-ZRH
timing-allow-origin
*
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
- (data: URI, no server contacted)
Resource Hash
610166ddd2d965283356d314f592522c1907a5334cec1daa0874fc61639a667c

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/
0
0
Font
General
Full URL
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
Requested by
Host: res.cloudinary.com
URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Origin
https://ocrm.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:24:54 GMT
strict-transport-security
max-age=604800
x-cld-error
Resource not found - assets/contents/0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
content-transfer-encoding
binary
content-disposition
inline
server-timing
cld-cloudflare;dur=409;start=2024-06-20T14:24:53.974Z;desc=hit,rtt;dur=15
content-length
0
x-request-id
5b2317c996ba0dc824a168c25c2f2ae3
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Cld-Error,Content-Length,Content-Disposition,Server-Timing,Vary
cache-control
private, no-transform, max-age=0, no-cache
accept-ranges
bytes
cf-ray
896c6cd1390dbe64-ZRH
timing-allow-origin
*
3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/
0
0
Font
General
Full URL
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
Requested by
Host: res.cloudinary.com
URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Origin
https://ocrm.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:24:54 GMT
strict-transport-security
max-age=604800
x-cld-error
Resource not found - assets/contents/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
content-transfer-encoding
binary
content-disposition
inline
server-timing
cld-cloudflare;dur=420;start=2024-06-20T14:24:53.977Z;desc=hit,rtt;dur=15
content-length
0
x-request-id
4d128f6ecfcf6fb74626ce29f49cfdf6
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Cld-Error,Content-Length,Content-Disposition,Server-Timing,Vary
cache-control
private, no-transform, max-age=0, no-cache
accept-ranges
bytes
cf-ray
896c6cd13915be64-ZRH
timing-allow-origin
*
dls-icons.woff
res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/
0
0
Font
General
Full URL
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/dls-icons.woff?v=5.10.1
Requested by
Host: res.cloudinary.com
URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Origin
https://ocrm.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:24:54 GMT
strict-transport-security
max-age=604800
x-cld-error
Resource not found - assets/contents/dls-icons.woff
content-transfer-encoding
binary
content-disposition
inline
server-timing
cld-cloudflare;dur=251;start=2024-06-20T14:24:53.979Z;desc=hit,rtt;dur=15
content-length
0
x-request-id
f9dcfdee9db7cd94daa4f90331d03d43
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Cld-Error,Content-Length,Content-Disposition,Server-Timing,Vary
cache-control
private, no-transform, max-age=0, no-cache
accept-ranges
bytes
cf-ray
896c6cd13913be64-ZRH
timing-allow-origin
*
dls-icons.ttf
res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/
0
0
Font
General
Full URL
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/dls-icons.ttf?v=5.10.1
Requested by
Host: res.cloudinary.com
URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Origin
https://ocrm.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:24:54 GMT
strict-transport-security
max-age=604800
x-cld-error
Resource not found - assets/contents/dls-icons.ttf
content-transfer-encoding
binary
content-disposition
inline
server-timing
cld-cloudflare;dur=289;start=2024-06-20T14:24:54.304Z;desc=hit,rtt;dur=22
content-length
0
x-request-id
aa45673b3e0790f0d47764335e97897e
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Cld-Error,Content-Length,Content-Disposition,Server-Timing,Vary
cache-control
private, no-transform, max-age=0, no-cache
accept-ranges
bytes
cf-ray
896c6cd35cbdbe64-ZRH
timing-allow-origin
*
0fababca-4914-46dd-9b0f-efbd51f67ae8-1.ttf
res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/
0
0
Font
General
Full URL
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/0fababca-4914-46dd-9b0f-efbd51f67ae8-1.ttf
Requested by
Host: res.cloudinary.com
URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Origin
https://ocrm.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:24:54 GMT
strict-transport-security
max-age=604800
x-cld-error
Resource not found - assets/contents/0fababca-4914-46dd-9b0f-efbd51f67ae8-1.ttf
content-transfer-encoding
binary
content-disposition
inline
server-timing
cld-cloudflare;dur=269;start=2024-06-20T14:24:54.520Z;desc=hit,rtt;dur=19
content-length
0
x-request-id
c785914defe5242806342c7e404c93fd
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Cld-Error,Content-Length,Content-Disposition,Server-Timing,Vary
cache-control
private, no-transform, max-age=0, no-cache
accept-ranges
bytes
cf-ray
896c6cd4bf69be64-ZRH
timing-allow-origin
*
3be50273-0b2e-4aef-ae68-882eacd611f9-1.ttf
res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/
0
0
Font
General
Full URL
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/3be50273-0b2e-4aef-ae68-882eacd611f9-1.ttf
Requested by
Host: res.cloudinary.com
URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.201.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Origin
https://ocrm.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:24:54 GMT
strict-transport-security
max-age=604800
x-cld-error
Resource not found - assets/contents/3be50273-0b2e-4aef-ae68-882eacd611f9-1.ttf
content-transfer-encoding
binary
content-disposition
inline
server-timing
cld-cloudflare;dur=305;start=2024-06-20T14:24:54.522Z;desc=hit,rtt;dur=19
content-length
0
x-request-id
2e4ee1864264465dcf31d49b6ab72a9c
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Cld-Error,Content-Length,Content-Disposition,Server-Timing,Vary
cache-control
private, no-transform, max-age=0, no-cache
accept-ranges
bytes
cf-ray
896c6cd4bf6dbe64-ZRH
timing-allow-origin
*
dls-icons.woff
www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/iconfont/
42 KB
42 KB
Font
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/iconfont/dls-icons.woff?
Requested by
Host: res.cloudinary.com
URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/oce-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.14.65.40 Santiago, Chile, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-14-65-40.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ca7662fda5acafc5dbfb98b40f8ee040a29e87dabf976d351689480fea446c94

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://res.cloudinary.com/
Origin
https://ocrm.ch
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:24:55 GMT
last-modified
Fri, 18 Oct 2019 19:50:49 GMT
etag
"5daa1799-a6d8"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
content-length
42712

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

event (undefined), fence (object), sharedStorage (object), BMCIbfujZcpADx (string), JXISseEbjpZtQA (number), szWTHJrFNmtUPI (number), GbJveFhZHfCBDR (number), sGflAqMQPmCnIK (function), gVpKkCuBrJNHAD (function), adfoKcCgINyFJu (function), GmfDMZgLtXNYzn (function), KwzybclCjMqYnR (string), UnFGgHQOrpRISe (string), uRzWhbNejYOfPq (object), VUveFRaNGhzSxd (number), rVqCezKtOlWjpP (object), $ (function), jQuery (function)

0 Cookies

7 Console Messages

Source / Level / URL / Text

Source: javascript, Level: warning (Line 6)
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406480/assets/contents/jquery.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Source: network, Level: error, URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/dls-icons.woff?v=5.10.1
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error, URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error, URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error, URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/dls-icons.ttf?v=5.10.1
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error, URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/0fababca-4914-46dd-9b0f-efbd51f67ae8-1.ttf
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error, URL: https://res.cloudinary.com/bwxfzlb9iu0ml9/raw/upload/v1714406475/assets/contents/3be50273-0b2e-4aef-ae68-882eacd611f9-1.ttf
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubDomains