secureemail-ch.bankzweiplus.ch Open in urlscan Pro
160.219.36.55  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response secureemail-ch.bankzweiplus.ch/mailclient/register.php/	18 KB 19 KB	320ms 94ms	Document text/html	160.219.36.55 Bank J. Safra Sar...
General Check archive.org Show headers Download Go to Full URL https://secureemail-ch.bankzweiplus.ch/mailclient/register.php/?ID=20210909091922ZBulc7HYjfGtU6KjHh2kz Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 160.219.36.55 , Switzerland, ASN15661 (Bank J. Safra Sarasin AG, CH), Reverse DNS bankzweiplus.de Software Apache / Resource Hash da1c339fdfc8cd520cd6d996c46387adee3236cba2be5e68f96de1705acc2b5b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Host secureemail-ch.bankzweiplus.ch Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Thu, 09 Sep 2021 15:09:52 GMT Server Apache Set-Cookie SECURE_SESS-S=AS7JxvvcLGSRytLVkP9G7WWZqtcvHn1cNRrFG47Ma9CG9iWhneaE5s3dnqameM_dVyCc; Path=/; Secure; HttpOnly; SameSite=Lax Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache X-UA-Compatible IE=EmulateIE8 X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=31536000; includeSubDomains Keep-Alive timeout=10, max=500 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	pdf_reply.css secureemail-ch.bankzweiplus.ch/css/	7 KB 7 KB	38ms 38ms	Stylesheet text/css	160.219.36.55 Bank J. Safra Sar...
General Check archive.org Show headers Download Go to Full URL https://secureemail-ch.bankzweiplus.ch/css/pdf_reply.css Requested by Host: secureemail-ch.bankzweiplus.ch URL: https://secureemail-ch.bankzweiplus.ch/mailclient/register.php/?ID=20210909091922ZBulc7HYjfGtU6KjHh2kz Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 160.219.36.55 , Switzerland, ASN15661 (Bank J. Safra Sarasin AG, CH), Reverse DNS bankzweiplus.de Software Apache / Resource Hash 24516355604b7c36ab8d4e329135db7496094895375b57b378dfcc9bb7ac8241 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host secureemail-ch.bankzweiplus.ch Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://secureemail-ch.bankzweiplus.ch/mailclient/register.php/?ID=20210909091922ZBulc7HYjfGtU6KjHh2kz Cookie SECURE_SESS-S=AS7JxvvcLGSRytLVkP9G7WWZqtcvHn1cNRrFG47Ma9CG9iWhneaE5s3dnqameM_dVyCc Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://secureemail-ch.bankzweiplus.ch/mailclient/register.php/?ID=20210909091922ZBulc7HYjfGtU6KjHh2kz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 15:09:52 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Last-Modified Fri, 23 Apr 2021 13:04:46 GMT Server Apache ETag "1a83-5c0a370aad780" X-Frame-Options SAMEORIGIN Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=499 Content-Length 6787 X-UA-Compatible IE=EmulateIE8
GET H/1.1	200 OK	hJ8qlhG4D7Fp54PoZ0yj.jpg secureemail-ch.bankzweiplus.ch/tmp/	3 KB 3 KB	74ms 37ms	Image image/jpeg	160.219.36.55 Bank J. Safra Sar...
General Check archive.org Show headers Download Go to Show image Full URL https://secureemail-ch.bankzweiplus.ch/tmp/hJ8qlhG4D7Fp54PoZ0yj.jpg Requested by Host: secureemail-ch.bankzweiplus.ch URL: https://secureemail-ch.bankzweiplus.ch/mailclient/register.php/?ID=20210909091922ZBulc7HYjfGtU6KjHh2kz Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 160.219.36.55 , Switzerland, ASN15661 (Bank J. Safra Sarasin AG, CH), Reverse DNS bankzweiplus.de Software Apache / Resource Hash 2c907320d992d7308fffec27c012333dca30314241ba7b4e8c740f5d1177ccd7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host secureemail-ch.bankzweiplus.ch Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://secureemail-ch.bankzweiplus.ch/mailclient/register.php/?ID=20210909091922ZBulc7HYjfGtU6KjHh2kz Cookie SECURE_SESS-S=AS7JxvvcLGSRytLVkP9G7WWZqtcvHn1cNRrFG47Ma9CG9iWhneaE5s3dnqameM_dVyCc Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://secureemail-ch.bankzweiplus.ch/mailclient/register.php/?ID=20210909091922ZBulc7HYjfGtU6KjHh2kz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 15:09:52 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Last-Modified Thu, 09 Sep 2021 15:09:52 GMT Server Apache ETag W/"c48-5cb91640b1070" X-Frame-Options SAMEORIGIN Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=500 Content-Length 3144 X-UA-Compatible IE=EmulateIE8
GET H/1.1	200 OK	mobile.css secureemail-ch.bankzweiplus.ch/css/	7 KB 7 KB	75ms 37ms	Stylesheet text/css	160.219.36.55 Bank J. Safra Sar...
General Check archive.org Show headers Download Go to Full URL https://secureemail-ch.bankzweiplus.ch/css/mobile.css Requested by Host: secureemail-ch.bankzweiplus.ch URL: https://secureemail-ch.bankzweiplus.ch/mailclient/register.php/?ID=20210909091922ZBulc7HYjfGtU6KjHh2kz Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 160.219.36.55 , Switzerland, ASN15661 (Bank J. Safra Sarasin AG, CH), Reverse DNS bankzweiplus.de Software Apache / Resource Hash 513b1c050427ad3d47558c3a5aaca29b8bc8ae87062cf5de230ebc0cc99ac8e9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host secureemail-ch.bankzweiplus.ch Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://secureemail-ch.bankzweiplus.ch/mailclient/register.php/?ID=20210909091922ZBulc7HYjfGtU6KjHh2kz Cookie SECURE_SESS-S=AS7JxvvcLGSRytLVkP9G7WWZqtcvHn1cNRrFG47Ma9CG9iWhneaE5s3dnqameM_dVyCc Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://secureemail-ch.bankzweiplus.ch/mailclient/register.php/?ID=20210909091922ZBulc7HYjfGtU6KjHh2kz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 15:09:52 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Last-Modified Fri, 23 Apr 2021 13:04:46 GMT Server Apache ETag "1ae3-5c0a370aad780" X-Frame-Options SAMEORIGIN Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=10, max=498 Content-Length 6883 X-UA-Compatible IE=EmulateIE8

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster number| GWJS_Session_timer_variable function| GWJS_Start_Session_timer function| GWJS_Stop_Session_timer object| GWNAV_Session_StartTime number| GWNAV_Session_Timeout function| GWNAV_Session_timer function| checkTime function| getDate function| GWJS_global_onload_call function| GWJS_move_debug_window function| GWJS_checkEnterKey function| GWJS_reset function| GWJS_SubmitFormTarget function| GWJS_SubmitTarget function| GWJS_MarkGwListTable function| GWJS_SetRadioValue function| GWJS_SetSelectValue function| GWJS_HideElements function| GWJS_ShowElements function| GWJS_ShowElementsTR function| GWJS_ShowBlockElements function| Check4AllowedChars function| checkDateFormat function| parseDate function| checkSelectBoxConsistence function| apply function| setLang

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			secureemail-ch.bankzweiplus.ch/	1969-12-31 23:59:59	Name: SECURE_SESS-S Value: AS7JxvvcLGSRytLVkP9G7WWZqtcvHn1cNRrFG47Ma9CG9iWhneaE5s3dnqameM_dVyCc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

secureemail-ch.bankzweiplus.ch
160.219.36.55
24516355604b7c36ab8d4e329135db7496094895375b57b378dfcc9bb7ac8241
2c907320d992d7308fffec27c012333dca30314241ba7b4e8c740f5d1177ccd7
513b1c050427ad3d47558c3a5aaca29b8bc8ae87062cf5de230ebc0cc99ac8e9
da1c339fdfc8cd520cd6d996c46387adee3236cba2be5e68f96de1705acc2b5b