portalkonto-aktualisierungsbb.ch Open in urlscan Pro
107.180.118.84 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portalkonto-aktualisierungsbb.com/
Effective URL:
https://portalkonto-aktualisierungsbb.ch/
Submission Tags: suspect
Submission: On December 18 via api (December 18th 2024, 4:30:19 pm UTC) from BR — Scanned from CA

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 19 HTTP transactions. The main IP is 107.180.118.84, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is portalkonto-aktualisierungsbb.ch.
TLS certificate: Issued by R10 on December 17th 2024. Valid for: 3 months.

This is the only time portalkonto-aktualisierungsbb.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
1 10	107.180.118.84 107.180.118.84	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2	2607:f8b0:400... 2607:f8b0:400d:c07::5f	15169 (GOOGLE) (GOOGLE)
1 2	23.48.203.11 23.48.203.11	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
2	2600:1408:c40... 2600:1408:c400:11::17cd:6b58	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
4	2600:1408:20:... 2600:1408:20:abf::228b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
19	6

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

portalkonto-aktualisierungsbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 107.180.118.84 (Ashburn, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 84.118.180.107.host.secureserver.net

portalkonto-aktualisierungsbb.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c07::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.48.203.11 (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-48-203-11.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.163.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:11::17cd:6b58 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

events.api.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1408:20:abf::228b (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

csp.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	portalkonto-aktualisierungsbb.ch 1 redirects portalkonto-aktualisierungsbb.ch	2 MB
6	secureserver.net events.api.secureserver.net — Cisco Umbrella Rank: 13900 csp.secureserver.net — Cisco Umbrella Rank: 13675	588 B
2	wsimg.com 1 redirects img1.wsimg.com — Cisco Umbrella Rank: 10742	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
1	gstatic.com fonts.gstatic.com	42 KB
1	portalkonto-aktualisierungsbb.com 1 redirects portalkonto-aktualisierungsbb.com	317 B
19	6

	Domain	Requested by
10	portalkonto-aktualisierungsbb.ch	1 redirects portalkonto-aktualisierungsbb.ch
4	csp.secureserver.net	img1.wsimg.com
2	events.api.secureserver.net	img1.wsimg.com
2	img1.wsimg.com	1 redirects portalkonto-aktualisierungsbb.ch
2	fonts.googleapis.com	portalkonto-aktualisierungsbb.ch
1	fonts.gstatic.com	fonts.googleapis.com
1	portalkonto-aktualisierungsbb.com	1 redirects
19	7

This site contains no links.

Subject Issuer	Validity	Valid
webdisk.portalkonto-aktualisierungsbb.ch R10	`2024-12-17` - `2025-03-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.api.secureserver.net Starfield Secure Certificate Authority - G2	`2024-07-15` - `2025-08-16`	a year	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2024-10-17` - `2025-11-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://portalkonto-aktualisierungsbb.ch/
Frame ID: F7A45CEBA6A7007D33FDFD1ACAD6C769
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://portalkonto-aktualisierungsbb.com/ HTTP 307
https://portalkonto-aktualisierungsbb.com/ HTTP 301
https://portalkonto-aktualisierungsbb.ch/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

89 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

1
Countries

1735 kB
Transfer

2089 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portalkonto-aktualisierungsbb.com/ HTTP 307
https://portalkonto-aktualisierungsbb.com/ HTTP 301
https://portalkonto-aktualisierungsbb.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

Request Chain 13

https://portalkonto-aktualisierungsbb.ch/favicon.ico HTTP 302
https://portalkonto-aktualisierungsbb.ch/wp-includes/images/w-logo-blue-white-bg.png

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portalkonto-aktualisierungsbb.ch/
Redirect Chain

http://portalkonto-aktualisierungsbb.com/
https://portalkonto-aktualisierungsbb.com/
https://portalkonto-aktualisierungsbb.ch/

3 KB
1 KB

313ms
95ms

Document
text/html

107.180.118.84
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://portalkonto-aktualisierungsbb.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.118.84 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 84.118.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 874ae3a6eb5912922f7124632ca942c5c90b45bf23863bfe217360dd7ee27784

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 936
content-type: text/html
date: Wed, 18 Dec 2024 16:30:12 GMT
etag: "132134b-8ff-6297a73f42e28-br"
last-modified: Tue, 17 Dec 2024 17:16:08 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 75
Content-Type: text/html; charset=utf-8
Date: Wed, 18 Dec 2024 16:30:11 GMT
Location: https://portalkonto-aktualisierungsbb.ch
Server: ip-10-123-125-165.ec2.internal
Vary: Accept-Encoding
X-Request-Id: 316fdb42-d368-46bd-a9d0-b5e80e94e9d5

GET
H2 200 bootstrap.min.css
portalkonto-aktualisierungsbb.ch/css/ 118 KB
18 KB 710ms
707ms Stylesheet
text/css 107.180.118.84
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://portalkonto-aktualisierungsbb.ch/css/bootstrap.min.css
Requested by: Host: portalkonto-aktualisierungsbb.ch
URL: https://portalkonto-aktualisierungsbb.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.118.84 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 84.118.180.107.host.secureserver.net
Software: Apache /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

content-encoding: br
etag: "1b002b9-1d9ac-6297a73f52441-br"
accept-ranges: bytes
content-length: 18174
date: Wed, 18 Dec 2024 16:30:12 GMT
last-modified: Tue, 17 Dec 2024 17:16:08 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 business-casual.css
portalkonto-aktualisierungsbb.ch/css/ 3 KB
965 B 710ms
708ms Stylesheet
text/css 107.180.118.84
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://portalkonto-aktualisierungsbb.ch/css/business-casual.css
Requested by: Host: portalkonto-aktualisierungsbb.ch
URL: https://portalkonto-aktualisierungsbb.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.118.84 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 84.118.180.107.host.secureserver.net
Software: Apache /
Resource Hash: cf4c96062528fea25ea17e39fea89f1364effd762c4fac2185d70a370899a35a

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

content-encoding: br
etag: "1b002ba-cce-6297a73f52ff9-br"
accept-ranges: bytes
content-length: 907
date: Wed, 18 Dec 2024 16:30:12 GMT
last-modified: Tue, 17 Dec 2024 17:16:08 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 font-awesome.min.css
portalkonto-aktualisierungsbb.ch/font-awesome/css/ 26 KB
6 KB 708ms
706ms Stylesheet
text/css 107.180.118.84
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://portalkonto-aktualisierungsbb.ch/font-awesome/css/font-awesome.min.css
Requested by: Host: portalkonto-aktualisierungsbb.ch
URL: https://portalkonto-aktualisierungsbb.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.118.84 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 84.118.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

content-encoding: br
etag: "1b002b6-6857-6297a73f50cd1-br"
accept-ranges: bytes
content-length: 5730
date: Wed, 18 Dec 2024 16:30:12 GMT
last-modified: Tue, 17 Dec 2024 17:16:08 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 57 KB
2 KB 172ms
85ms Stylesheet
text/css 2607:f8b0:400d:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Host: portalkonto-aktualisierungsbb.ch
URL: https://portalkonto-aktualisierungsbb.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

640dddc7f86dda6d7eb12403f32f32b80dd4a4483a2b9a6c5a60558e6f2a3d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 16:30:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 16:30:12 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 4 KB
807 B 137ms
50ms Stylesheet
text/css 2607:f8b0:400d:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Slab:100,300,400,600,700,100italic,300italic,400italic,600italic,700italic

Requested by

Host: portalkonto-aktualisierungsbb.ch
URL: https://portalkonto-aktualisierungsbb.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55dd12be5213da819545d631cc1207265e1f1bec752ed013cf6cc27530f091d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 16:30:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 16:30:12 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 office.jpg
portalkonto-aktualisierungsbb.ch/img/ 1 MB
1 MB 188ms
187ms Image
image/jpeg 107.180.118.84
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalkonto-aktualisierungsbb.ch/img/office.jpg
Requested by: Host: portalkonto-aktualisierungsbb.ch
URL: https://portalkonto-aktualisierungsbb.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.118.84 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 84.118.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 447b869269892cb9e0724846be809daaf2bb250b2e2231fe0d89c0e7f73066e7

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

accept-ranges: bytes
content-length: 1528235
etag: "1b002bd-1751ab-6297a73f55322"
date: Wed, 18 Dec 2024 16:30:12 GMT
last-modified: Tue, 17 Dec 2024 17:16:08 GMT
content-type: image/jpeg
server: Apache

GET
H2 200 jquery.js Show response
portalkonto-aktualisierungsbb.ch/js/ 94 KB
32 KB 708ms
707ms Script
text/javascript 107.180.118.84
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://portalkonto-aktualisierungsbb.ch/js/jquery.js
Requested by: Host: portalkonto-aktualisierungsbb.ch
URL: https://portalkonto-aktualisierungsbb.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.118.84 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 84.118.180.107.host.secureserver.net
Software: Apache /
Resource Hash: a5c22fa7fe4e7c59991b0894caa81d132009e1effe998c96c8bff1e64c129673

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

content-encoding: br
etag: "1b002ac-17643-6297a73f4b2f9-br"
accept-ranges: bytes
content-length: 32344
date: Wed, 18 Dec 2024 16:30:12 GMT
last-modified: Tue, 17 Dec 2024 17:16:08 GMT
vary: Accept-Encoding
server: Apache
content-type: text/javascript

GET
H2 200 bootstrap.min.js Show response
portalkonto-aktualisierungsbb.ch/js/ 36 KB
9 KB 681ms
680ms Script
text/javascript 107.180.118.84
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://portalkonto-aktualisierungsbb.ch/js/bootstrap.min.js
Requested by: Host: portalkonto-aktualisierungsbb.ch
URL: https://portalkonto-aktualisierungsbb.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.118.84 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 84.118.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 1f5ad4e1d4bc0e523f82ddfeeb1b7d44b7a3e9d989aaf246908c4f0ecc07908c

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

content-encoding: br
etag: "1b002ad-901e-6297a73f4beb1-br"
accept-ranges: bytes
content-length: 9468
date: Wed, 18 Dec 2024 16:30:12 GMT
last-modified: Tue, 17 Dec 2024 17:16:08 GMT
vary: Accept-Encoding
server: Apache
content-type: text/javascript

GET
H2

200

scc-c2.min.js Show response
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

105 KB
21 KB

35ms
35ms

Script
text/javascript

23.48.203.11
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by: Host: portalkonto-aktualisierungsbb.ch
URL: https://portalkonto-aktualisierungsbb.ch/
Protocol: H2
Server: 23.48.203.11 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-48-203-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

content-encoding: gzip
x-amz-meta-version: 0.4.7
etag: "6a7950cc31489069917bf817b62b2bfe"
x-amz-version-id: 4pexUB2ckSZgPfbjokD3loiC8DEV2lsi
expires: Wed, 18 Dec 2024 17:00:12 GMT
date: Wed, 18 Dec 2024 16:30:12 GMT
last-modified: Tue, 24 Sep 2024 20:55:06 GMT
content-type: text/javascript
vary: Accept-Encoding
x-amz-id-2: jVVv6prr2/c0CB2VQs1A7plU3xjChg/nlvqbi7t5x+50yXNkT887cY+K3B2E3Eu4tkQI2NHtLzNgHV6M2f6FhQ==
cache-control: max-age=1800
timing-allow-origin: *
x-amz-request-id: 3RJ0CMGA19VJGFPX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20968
x-amz-server-side-encryption: AES256

Redirect headers

expires: Thu, 18 Dec 2025 16:30:12 GMT
cache-control: max-age=31536000
location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
content-length: 0
access-control-allow-origin: *
date: Wed, 18 Dec 2024 16:30:12 GMT
timing-allow-origin: *

GET
H2 200 bg.jpg
portalkonto-aktualisierungsbb.ch/img/ 104 KB
104 KB 95ms
95ms Image
image/jpeg 107.180.118.84
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalkonto-aktualisierungsbb.ch/img/bg.jpg
Requested by: Host: portalkonto-aktualisierungsbb.ch
URL: https://portalkonto-aktualisierungsbb.ch/css/business-casual.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.118.84 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 84.118.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 09e17e506b6f75a7b50a72cd4332966346f358af0275ddd965c1e65baa208d4e

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/css/business-casual.css

Response headers

accept-ranges: bytes
content-length: 106754
etag: "1b002be-1a102-6297a73f55eda"
date: Wed, 18 Dec 2024 16:30:12 GMT
last-modified: Tue, 17 Dec 2024 17:16:08 GMT
content-type: image/jpeg
server: Apache

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v40/ 42 KB
42 KB 142ms
34ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://portalkonto-aktualisierungsbb.ch
Referer: https://fonts.googleapis.com/

Response headers

age: 511240
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 12 Dec 2025 18:29:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 18:29:33 GMT
last-modified: Thu, 14 Dec 2023 02:05:10 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43068
x-xss-protection: 0
server: sffe

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
294 B 161ms
38ms Fetch
image/gif 2600:1408:c400:11::17cd:6b58
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:11::17cd:6b58 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-robots-tag: noindex, nofollow
cache-control: private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://portalkonto-aktualisierungsbb.ch
content-length: 43
x-xss-protection: 1; mode=block
date: Wed, 18 Dec 2024 16:30:13 GMT
content-type: image/gif
x-frame-options: DENY

GET
H2 200 event Show response
events.api.secureserver.net/t/1/tl/ 43 B
294 B 162ms
41ms Fetch
image/gif 2600:1408:c400:11::17cd:6b58
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://events.api.secureserver.net/t/1/tl/event?dh=portalkonto-aktualisierungsbb.ch&dr=&ua=Mozilla%2F5.0%20(Android%2013%3B%20Mobile%3B%20rv%3A112.0)%20Gecko%2F112.0%20Firefox%2F112.0&client_name=scc-c2&cv=0.4.7&vg=c3e8c6f6-13b0-4869-b7ac-d77b5bf42d35&vtg=c3e8c6f6-13b0-4869-b7ac-d77b5bf42d35&dp=%2F&trace_id=d3047cdb1c414a3498a9b349dda05584&cts=2024-12-18T16%3A30%3A13.127Z&hit_id=48b6a2b9-90f8-4a6e-ab17-9d0a6f418c6c&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl505354%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%2210184708%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=2137096853&z=1200289654&tce=1734539412076&tcs=1734539411896&tdc=1734539413119&tdclee=1734539412979&tdcles=1734539412978&tdi=1734539412978&tdl=1734539412185&tdle=1734539411896&tdls=1734539411859&tfs=1734539411857&tns=1734539411515&trqs=1734539412076&tre=1734539412173&trps=1734539412171&tles=1734539413119&tlee=0&nt=navigate&nav_type=hard

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:c400:11::17cd:6b58 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
x-robots-tag: noindex, nofollow
cache-control: private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://portalkonto-aktualisierungsbb.ch
content-length: 43
x-xss-protection: 1; mode=block
date: Wed, 18 Dec 2024 16:30:13 GMT
content-type: image/gif
x-frame-options: DENY

GET
H2

200

w-logo-blue-white-bg.png
portalkonto-aktualisierungsbb.ch/wp-includes/images/
Redirect Chain

https://portalkonto-aktualisierungsbb.ch/favicon.ico
https://portalkonto-aktualisierungsbb.ch/wp-includes/images/w-logo-blue-white-bg.png

4 KB
4 KB

93ms
92ms

Other
image/png

107.180.118.84
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://portalkonto-aktualisierungsbb.ch/wp-includes/images/w-logo-blue-white-bg.png
Protocol: H2
Server: 107.180.118.84 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 84.118.180.107.host.secureserver.net
Software: Apache /
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portalkonto-aktualisierungsbb.ch/

Response headers

accept-ranges: bytes
content-length: 4119
etag: "1320761-1017-5d0dca9a37e40"
date: Wed, 18 Dec 2024 16:30:14 GMT
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
content-type: image/png
server: Apache

Redirect headers

x-redirect-by: WordPress
link: <https://portalkonto-aktualisierungsbb.ch/wp-json/>; rel="https://api.w.org/"
location: https://portalkonto-aktualisierungsbb.ch/wp-includes/images/w-logo-blue-white-bg.png
content-encoding: br
content-length: 1
date: Wed, 18 Dec 2024 16:30:13 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.26
vary: Accept-Encoding
server: Apache

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 243ms
138ms Preflight
application/json 2600:1408:20:abf::228b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:20:abf::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://portalkonto-aktualisierungsbb.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Wed, 18 Dec 2024 16:30:13 GMT
Expires: Wed, 18 Dec 2024 16:30:13 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: C_vHbGXNIAMEnZw=
x-amzn-requestid: aa0122d8-f33a-48b9-a762-37f0b2a1cc8d
x-amzn-trace-id: Root=1-6762f895-324b7cb46e8b029c206dd349
x-envoy-upstream-service-time: 6

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 248ms
246ms Fetch
application/json 2600:1408:20:abf::228b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:20:abf::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization: api-key b18ef4f046435b64a469b32c3c1c20a3
Referer: https://portalkonto-aktualisierungsbb.ch/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
Cache-Control: max-age=0, no-cache, no-store
x-amz-apigw-id: C_vHcHBPoAMEfXA=
x-envoy-upstream-service-time: 93
Pragma: no-cache
x-amzn-trace-id: Root=1-6762f895-104f60df6292fb106ccb8e7b
Connection: keep-alive
x-amzn-requestid: 23e9a1d4-f6a7-4e57-82fd-4372cd546347
Expires: Wed, 18 Dec 2024 16:30:13 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 18 Dec 2024 16:30:13 GMT
Content-Type: application/json

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 237ms
234ms Fetch
application/json 2600:1408:20:abf::228b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:20:abf::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization: api-key 8da2217409854bee82e12dc4ca0b39fb
Referer: https://portalkonto-aktualisierungsbb.ch/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json

Response headers

Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
Cache-Control: max-age=0, no-cache, no-store
x-amz-apigw-id: C_vHcEkuoAMEVmA=
x-envoy-upstream-service-time: 97
Pragma: no-cache
x-amzn-trace-id: Root=1-6762f895-7a74fc7f3a0370bc27462289
Connection: keep-alive
x-amzn-requestid: a8c95e87-0c37-47b6-8dd6-680d7adf6732
Expires: Wed, 18 Dec 2024 16:30:13 GMT
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Wed, 18 Dec 2024 16:30:13 GMT
Content-Type: application/json

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 279ms
169ms Preflight
application/json 2600:1408:20:abf::228b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:1408:20:abf::228b Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://portalkonto-aktualisierungsbb.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Wed, 18 Dec 2024 16:30:13 GMT
Expires: Wed, 18 Dec 2024 16:30:13 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: C_vHcF-eIAMEJSw=
x-amzn-requestid: 15c7d2cb-f33a-448c-8bac-5a43b96639dd
x-amzn-trace-id: Root=1-6762f895-7410d322119394343a5de5cf
x-envoy-upstream-service-time: 56

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.portalkonto-aktualisierungsbb.ch/	1970-01-21 10:34:35	Name: _tccl_visitor Value: c3e8c6f6-13b0-4869-b7ac-d77b5bf42d35
.portalkonto-aktualisierungsbb.ch/	1970-01-21 01:49:01	Name: _tccl_visit Value: c3e8c6f6-13b0-4869-b7ac-d77b5bf42d35
.portalkonto-aktualisierungsbb.ch/	1970-01-21 01:49:00	Name: _scc_session Value: pc=1&C_TOUCH=2024-12-18T16:30:12.941Z

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csp.secureserver.net
events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
img1.wsimg.com
portalkonto-aktualisierungsbb.ch
portalkonto-aktualisierungsbb.com
107.180.118.84
142.251.163.94
23.48.203.11
2600:1408:20:abf::228b
2600:1408:c400:11::17cd:6b58
2607:f8b0:400d:c07::5f
3.33.251.168
09e17e506b6f75a7b50a72cd4332966346f358af0275ddd965c1e65baa208d4e
1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a
1f5ad4e1d4bc0e523f82ddfeeb1b7d44b7a3e9d989aaf246908c4f0ecc07908c
447b869269892cb9e0724846be809daaf2bb250b2e2231fe0d89c0e7f73066e7
55dd12be5213da819545d631cc1207265e1f1bec752ed013cf6cc27530f091d0
640dddc7f86dda6d7eb12403f32f32b80dd4a4483a2b9a6c5a60558e6f2a3d89
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
874ae3a6eb5912922f7124632ca942c5c90b45bf23863bfe217360dd7ee27784
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
a5c22fa7fe4e7c59991b0894caa81d132009e1effe998c96c8bff1e64c129673
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
cf4c96062528fea25ea17e39fea89f1364effd762c4fac2185d70a370899a35a
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

portalkonto-aktualisierungsbb.ch Open in urlscan Pro 107.180.118.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

6 IPs

1 Countries

1735 kBTransfer

2089 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

3 Cookies

Indicators

portalkonto-aktualisierungsbb.ch Open in urlscan Pro
107.180.118.84 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

1
Countries

1735 kB
Transfer

2089 kB
Size

3
Cookies

19 HTTP transactions
0 data transactions