eservic-cembrach.com Open in urlscan Pro
3.89.213.158 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16...
Submission: On December 02 via api (December 2nd 2022, 6:03:13 pm UTC) from JP — Scanned from JP

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 26 HTTP transactions. The main IP is 3.89.213.158, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is eservic-cembrach.com.
TLS certificate: Issued by R3 on December 2nd 2022. Valid for: 3 months.

This is the only time eservic-cembrach.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Cembra (Banking)

Domain & IP information

	IP Address	AS Autonomous System
8	3.89.213.158 3.89.213.158	14618 (AMAZON-AES) (AMAZON-AES)
2 20	193.223.58.9 193.223.58.9	3303 (SWISSCOM ...) (SWISSCOM Swisscom Switzerland Ltd)
26	2

8 3.89.213.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-213-158.compute-1.amazonaws.com

eservic-cembrach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 193.223.58.9 (Hedingen, Switzerland) 2 redirects

ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH)

www.cembra.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	cembra.ch 2 redirects www.cembra.ch	535 KB
8	eservic-cembrach.com eservic-cembrach.com	91 KB
26	2

	Domain	Requested by
20	www.cembra.ch	2 redirects eservic-cembrach.com www.cembra.ch
8	eservic-cembrach.com	eservic-cembrach.com
26	2

This site contains no links.

Subject Issuer	Validity	Valid
eservic-cembrach.com R3	`2022-12-02` - `2023-03-02`	3 months	crt.sh
www.cembra.ch SwissSign RSA TLS EV ICA 2021 - 1	`2022-07-14` - `2023-07-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
Frame ID: A6BB415FF80F86999C64786740D72049
Requests: 8 HTTP requests in this frame

Frame: https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop
Frame ID: 9D3D21C5CFA3F162CEFFFE3B34512C06
Requests: 6 HTTP requests in this frame

Frame: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop
Frame ID: F9AB8A24CE01E0F92C4E63C20CCFBFC2
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cembra Money Bank

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

625 kB
Transfer

1232 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://www.cembra.ch/de/Login/ServiceMessage HTTP 301
https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop

Request Chain 6

https://www.cembra.ch/de/Login/ServiceCarousel HTTP 301
https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.php Show response
eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/ 7 KB
3 KB 628ms
186ms Document
text/html 3.89.213.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.89.213.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-213-158.compute-1.amazonaws.com
Software: nginx / PHP/8.0.26 PleskLin
Resource Hash: 4bc7da1368289bf55857c1ce43a1d0ee56a45768caa12c3135c9a7aef445a84a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 2545
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 18:03:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.0.26 PleskLin

GET
H2 200 bootstrap-btn.css
eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/ 8 KB
1 KB 198ms
195ms Stylesheet
text/css 3.89.213.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/bootstrap-btn.css
Requested by: Host: eservic-cembrach.com
URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.89.213.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-213-158.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e9704f509569e642ea78ac8e5f224884cbdc2167baf8fa0cbd43869fac2942e0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 18:03:08 GMT
content-encoding: br
last-modified: Fri, 02 Dec 2022 16:35:05 GMT
server: nginx
etag: W/"638a2939-1ff9"
x-powered-by: PleskLin
content-type: text/css

GET
H2 404 bootstrap.min.css
eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/ 0
0 196ms
193ms Stylesheet
text/html 3.89.213.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/bootstrap.min.css
Requested by: Host: eservic-cembrach.com
URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.89.213.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-213-158.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 18:03:08 GMT
content-encoding: br
last-modified: Fri, 02 Dec 2022 13:35:51 GMT
server: nginx
etag: W/"328-5eed86a873193"
content-type: text/html

GET
H2 200 default.css
eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/ 19 KB
4 KB 193ms
191ms Stylesheet
text/css 3.89.213.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/default.css
Requested by: Host: eservic-cembrach.com
URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.89.213.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-213-158.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: b063205531bb6cb6d3603dafaa67e5efcff57fb12c3c1ffcc7438bc78c92e719

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 18:03:08 GMT
content-encoding: br
last-modified: Fri, 02 Dec 2022 16:35:05 GMT
server: nginx
etag: W/"638a2939-4d86"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 cembra-money-bank.jpeg
eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/ 16 KB
16 KB 368ms
367ms Image
image/jpeg 3.89.213.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/cembra-money-bank.jpeg
Requested by: Host: eservic-cembrach.com
URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.89.213.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-213-158.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: ce0392488bdaf30d30425a7459ed5c3d0da132ec5d6ef14150a3d9aa24e5fdc4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 18:03:09 GMT
last-modified: Fri, 02 Dec 2022 16:35:05 GMT
server: nginx
etag: "638a2939-3e73"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 15987

GET
H2 404 loading.gif
eservic-cembrach.com/login/resources/nevislogrend/applications/EService/webdata/images/ 808 B
808 B 368ms
364ms Image
text/html 3.89.213.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eservic-cembrach.com/login/resources/nevislogrend/applications/EService/webdata/images/loading.gif
Requested by: Host: eservic-cembrach.com
URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.89.213.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-213-158.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 18:03:09 GMT
content-encoding: br
last-modified: Fri, 02 Dec 2022 13:35:51 GMT
server: nginx
etag: W/"328-5eed86a873193"
content-type: text/html

GET
H/1.1

200
OK

/ Show response
www.cembra.ch/de/Login/ServiceMessage/ Frame 9D3D
Redirect Chain

https://www.cembra.ch/de/Login/ServiceMessage
https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop

1 KB
2 KB

212ms
211ms

Document
text/html

193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop

Requested by

Host: eservic-cembrach.com
URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

55a820be664fe9abbc4b1213b905232f49b6d826477939ee3d0a9982cb26596f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://eservic-cembrach.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 1001
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 18:03:10 GMT
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Accept-Encoding

Redirect headers

Content-Length: 185
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 18:03:09 GMT
Location: https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop
Strict-Transport-Security: max-age=16070400; includeSubDomains

GET
H/1.1

200
OK

ServiceCarousel Show response
www.cembra.ch/de/Login/ Frame F9AB
Redirect Chain

https://www.cembra.ch/de/Login/ServiceCarousel
https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop

4 KB
2 KB

204ms
203ms

Document
text/html

193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop

Requested by

Host: eservic-cembrach.com
URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/index.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

5066c2a170a75b9a5dc5fa10cbc5b5f0cc59179882f8c02d6619c642a42f01ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://eservic-cembrach.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 1438
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Dec 2022 18:03:10 GMT
Expires: -1
Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Accept-Encoding

Redirect headers

Content-Length: 185
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 18:03:09 GMT
Location: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop
Strict-Transport-Security: max-age=16070400; includeSubDomains

GET
H2 200 eservice-login-background.jpeg
eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/ 34 KB
34 KB 533ms
527ms Image
image/jpeg 3.89.213.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/eservice-login-background.jpeg
Requested by: Host: eservic-cembrach.com
URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/default.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.89.213.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-213-158.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: ed5c4f940fbb29ad6ea580e52d696b5badd28efa17ef068f0dda1f5c4026ca45

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 18:03:09 GMT
last-modified: Fri, 02 Dec 2022 16:35:05 GMT
server: nginx
etag: "638a2939-88e5"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 35045

GET
H2 200 vistasansbook-071211005emigrewebonly.woff
eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/ 32 KB
32 KB 352ms
349ms Font
application/font-woff 3.89.213.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/vistasansbook-071211005emigrewebonly.woff
Requested by: Host: eservic-cembrach.com
URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/default.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.89.213.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-89-213-158.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: b37a9db57ad291741c5a43f24d69e73bd672e47034dd6f8e28599fb907abb768

Request headers

Referer: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/default.css
Origin: https://eservic-cembrach.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 18:03:09 GMT
last-modified: Fri, 02 Dec 2022 16:35:05 GMT
server: nginx
etag: "638a2939-7e58"
x-powered-by: PleskLin
content-type: application/font-woff
accept-ranges: bytes
content-length: 32344

GET
H/1.1 200
OK login.css
www.cembra.ch/Frontend/CembraInternet/ Frame F9AB 237 KB
24 KB 193ms
193ms Stylesheet
text/css 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cembra.ch/Frontend/CembraInternet/login.css

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

cde700dc8a0702914ba678850bebb21cfd0140466f090eb0d45302d258674ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Mon, 11 Sep 2017 15:10:36 GMT
ETag: "07ecb1e102bd31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 23918

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
www.cembra.ch/assets/js/ Frame F9AB 91 KB
32 KB 192ms
191ms Script
application/javascript 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cembra.ch/assets/js/jquery-1.10.2.min.js

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

cd8f413e39247d48ea354b8fb11c227e72f641403bd8d4dd81cd7473d60daafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Mon, 11 Sep 2017 15:10:36 GMT
ETag: "07ecb1e102bd31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 32884

GET
H/1.1 200
OK bootstrap.min.js Show response
www.cembra.ch/assets/js/ Frame F9AB 27 KB
7 KB 196ms
195ms Script
application/javascript 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cembra.ch/assets/js/bootstrap.min.js

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

404abc720db631404f659a0873fe1df65fca1288110bf7713d4a8a090e1726af

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Mon, 11 Sep 2017 15:10:36 GMT
ETag: "07ecb1e102bd31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 7358

GET
H/1.1 200
OK cmb_eservice_newapp_de1_2022.jpg
www.cembra.ch/~/media/images/sublayouts/login/de/ Frame F9AB 91 KB
92 KB 222ms
202ms Image
image/jpeg 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cembra.ch/~/media/images/sublayouts/login/de/cmb_eservice_newapp_de1_2022.jpg?h=205&la=de&w=980

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

a0656555e87f578d00b2da72d7ce34373f373c0806ec71871690abe5176d1906

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Tue, 15 Nov 2022 14:22:06 GMT
Content-Type: image/jpeg
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="CMB_eService_NewApp_DE1_2022.jpg"
Accept-Ranges: bytes
Content-Length: 93642
Expires: Fri, 09 Dec 2022 18:03:11 GMT

GET
H/1.1 200
OK cmb_eservice_newapp_de2_2022.jpg
www.cembra.ch/~/media/images/sublayouts/login/de/ Frame F9AB 67 KB
68 KB 206ms
200ms Image
image/jpeg 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cembra.ch/~/media/images/sublayouts/login/de/cmb_eservice_newapp_de2_2022.jpg?h=205&la=de&w=980

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

22639cd1d52c4ceb7c68dda2d28fbfcb821f5b9d64b9632d1c34102fd3d306d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Tue, 15 Nov 2022 14:22:17 GMT
Content-Type: image/jpeg
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="CMB_eService_NewApp_DE2_2022.jpg"
Accept-Ranges: bytes
Content-Length: 68764
Expires: Fri, 09 Dec 2022 18:03:11 GMT

GET
H/1.1 200
OK cmb_eservice_newapp_de3_2022.jpg
www.cembra.ch/~/media/images/sublayouts/login/de/ Frame F9AB 69 KB
69 KB 202ms
202ms Image
image/jpeg 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cembra.ch/~/media/images/sublayouts/login/de/cmb_eservice_newapp_de3_2022.jpg?h=205&la=de&w=980

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

d0469af52588e0a9d83bf6f65784bb1a241f27b3387946bf4ecc86b288fdd2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Tue, 15 Nov 2022 14:22:28 GMT
Content-Type: image/jpeg
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="CMB_eService_NewApp_DE3_2022.jpg"
Accept-Ranges: bytes
Content-Length: 70301
Expires: Fri, 09 Dec 2022 18:03:11 GMT

GET
H/1.1 200
OK eservice_slider_schutz_de_980x320.jpg
www.cembra.ch/~/media/images/sublayouts/login/de/ Frame F9AB 30 KB
30 KB 366ms
203ms Image
image/jpeg 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cembra.ch/~/media/images/sublayouts/login/de/eservice_slider_schutz_de_980x320.jpg?h=205&la=de&w=980

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

9efa1dd36e9d6b40641dcfa69df8efa24ec0948a6b914aac50324ee2e52d6723

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/de/Login/ServiceCarousel?display=desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Thu, 17 Jan 2019 07:18:34 GMT
Content-Type: image/jpeg
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="eService_Slider_Schutz_DE_980x320.jpg"
Accept-Ranges: bytes
Content-Length: 30542
Expires: Fri, 09 Dec 2022 18:03:11 GMT

GET
H/1.1 200
OK login.css
www.cembra.ch/Frontend/CembraInternet/ Frame 9D3D 237 KB
24 KB 383ms
194ms Stylesheet
text/css 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cembra.ch/Frontend/CembraInternet/login.css

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

cde700dc8a0702914ba678850bebb21cfd0140466f090eb0d45302d258674ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Mon, 11 Sep 2017 15:10:36 GMT
ETag: "07ecb1e102bd31:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 23918

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
www.cembra.ch/assets/js/ Frame 9D3D 91 KB
32 KB 568ms
192ms Script
application/javascript 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cembra.ch/assets/js/jquery-1.10.2.min.js

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

cd8f413e39247d48ea354b8fb11c227e72f641403bd8d4dd81cd7473d60daafb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Mon, 11 Sep 2017 15:10:36 GMT
ETag: "07ecb1e102bd31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 32884

GET
H/1.1 200
OK bootstrap.min.js Show response
www.cembra.ch/assets/js/ Frame 9D3D 27 KB
7 KB 570ms
193ms Script
application/javascript 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cembra.ch/assets/js/bootstrap.min.js

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

404abc720db631404f659a0873fe1df65fca1288110bf7713d4a8a090e1726af

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Mon, 11 Sep 2017 15:10:36 GMT
ETag: "07ecb1e102bd31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 7358

GET
H/1.1 200
OK info-purple.png
www.cembra.ch/~/media/images/sublayouts/login/ Frame 9D3D 44 KB
44 KB 591ms
199ms Image
image/png 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cembra.ch/~/media/images/sublayouts/login/info-purple.png?h=35&la=de&w=35

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

0eaf7b9d7710f17e57ab9c7f76d941570633c5993fcd5c8503cb7bc81941af8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/de/Login/ServiceMessage/?display=desktop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:11 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Wed, 26 Nov 2014 23:16:32 GMT
Content-Type: image/png
Cache-Control: private, max-age=604800
Content-Disposition: inline; filename="info-purple.png"
Accept-Ranges: bytes
Content-Length: 44758
Expires: Fri, 09 Dec 2022 18:03:12 GMT

GET
H/1.1 200
OK slider-left.png
www.cembra.ch/assets/img/ Frame F9AB 1 KB
1 KB 549ms
194ms Image
image/png 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cembra.ch/assets/img/slider-left.png

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/Frontend/CembraInternet/login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

1bc5e610982370f1f00157fd084a3cdd62e980a7352752c9e09bb64f1bc3bc62

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/Frontend/CembraInternet/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:11 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges: bytes
ETag: "0519a1d102bd31:0"
Content-Length: 1224
Content-Type: image/png

GET
H/1.1 200
OK slider-right.png
www.cembra.ch/assets/img/ Frame F9AB 1 KB
1 KB 559ms
194ms Image
image/png 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cembra.ch/assets/img/slider-right.png

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/Frontend/CembraInternet/login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

1ca024361b724ae43c75054e59a366a1ef518496a2c120bf136a12f888eab49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.cembra.ch/Frontend/CembraInternet/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:11 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges: bytes
ETag: "0519a1d102bd31:0"
Content-Length: 1221
Content-Type: image/png

GET
H/1.1 200
OK vistaslab-book-071211001EmigreWebOnly.woff
www.cembra.ch/assets/font/ Frame F9AB 34 KB
34 KB 349ms
192ms Font
font/x-woff 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cembra.ch/assets/font/vistaslab-book-071211001EmigreWebOnly.woff

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/Frontend/CembraInternet/login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

5f636f3e95d09d3a339033f986b09d3ee20cdef5d710904726d96e1defe21411

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://www.cembra.ch/Frontend/CembraInternet/login.css
Origin: https://www.cembra.ch
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges: bytes
ETag: "0519a1d102bd31:0"
Content-Length: 34988
Content-Type: font/x-woff

GET
H/1.1 200
OK vistasansbook-071211005EmigreWebOnly.woff
www.cembra.ch/assets/font/ Frame F9AB 32 KB
32 KB 350ms
193ms Font
font/x-woff 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cembra.ch/assets/font/vistasansbook-071211005EmigreWebOnly.woff

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/Frontend/CembraInternet/login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

b37a9db57ad291741c5a43f24d69e73bd672e47034dd6f8e28599fb907abb768

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://www.cembra.ch/Frontend/CembraInternet/login.css
Origin: https://www.cembra.ch
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:10 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges: bytes
ETag: "0519a1d102bd31:0"
Content-Length: 32344
Content-Type: font/x-woff

GET
H/1.1 200
OK vistasansbook-071211005EmigreWebOnly.woff
www.cembra.ch/assets/font/ Frame 9D3D 32 KB
32 KB 346ms
192ms Font
font/x-woff 193.223.58.9
SWISSCOM Swisscom...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cembra.ch/assets/font/vistasansbook-071211005EmigreWebOnly.woff

Requested by

Host: www.cembra.ch
URL: https://www.cembra.ch/Frontend/CembraInternet/login.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

193.223.58.9 Hedingen, Switzerland, ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH),

Reverse DNS

Software

Resource Hash

b37a9db57ad291741c5a43f24d69e73bd672e47034dd6f8e28599fb907abb768

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Referer: https://www.cembra.ch/Frontend/CembraInternet/login.css
Origin: https://www.cembra.ch
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 18:03:11 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Last-Modified: Mon, 11 Sep 2017 15:10:34 GMT
Accept-Ranges: bytes
ETag: "0519a1d102bd31:0"
Content-Length: 32344
Content-Type: font/x-woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Cembra (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange undefined| msViewportStyle

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			eservic-cembrach.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: q9aeden6ipj009va241svrmfco

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://eservic-cembrach.com/interbankng/a1454840f3a0d7bc5c3bb9c682ae1d8d1184cbc07380d4136fcd1865c25b112bd6f4ea809f1de11b5c16bdf0786b0349/img/bootstrap.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://eservic-cembrach.com/login/resources/nevislogrend/applications/EService/webdata/images/loading.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eservic-cembrach.com
www.cembra.ch
193.223.58.9
3.89.213.158
0eaf7b9d7710f17e57ab9c7f76d941570633c5993fcd5c8503cb7bc81941af8a
1bc5e610982370f1f00157fd084a3cdd62e980a7352752c9e09bb64f1bc3bc62
1ca024361b724ae43c75054e59a366a1ef518496a2c120bf136a12f888eab49f
22639cd1d52c4ceb7c68dda2d28fbfcb821f5b9d64b9632d1c34102fd3d306d2
404abc720db631404f659a0873fe1df65fca1288110bf7713d4a8a090e1726af
4bc7da1368289bf55857c1ce43a1d0ee56a45768caa12c3135c9a7aef445a84a
5066c2a170a75b9a5dc5fa10cbc5b5f0cc59179882f8c02d6619c642a42f01ab
55a820be664fe9abbc4b1213b905232f49b6d826477939ee3d0a9982cb26596f
5f636f3e95d09d3a339033f986b09d3ee20cdef5d710904726d96e1defe21411
9efa1dd36e9d6b40641dcfa69df8efa24ec0948a6b914aac50324ee2e52d6723
a0656555e87f578d00b2da72d7ce34373f373c0806ec71871690abe5176d1906
b063205531bb6cb6d3603dafaa67e5efcff57fb12c3c1ffcc7438bc78c92e719
b37a9db57ad291741c5a43f24d69e73bd672e47034dd6f8e28599fb907abb768
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
cd8f413e39247d48ea354b8fb11c227e72f641403bd8d4dd81cd7473d60daafb
cde700dc8a0702914ba678850bebb21cfd0140466f090eb0d45302d258674ff0
ce0392488bdaf30d30425a7459ed5c3d0da132ec5d6ef14150a3d9aa24e5fdc4
d0469af52588e0a9d83bf6f65784bb1a241f27b3387946bf4ecc86b288fdd2f1
e9704f509569e642ea78ac8e5f224884cbdc2167baf8fa0cbd43869fac2942e0
ed5c4f940fbb29ad6ea580e52d696b5badd28efa17ef068f0dda1f5c4026ca45

eservic-cembrach.com Open in urlscan Pro 3.89.213.158 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

625 kBTransfer

1232 kBSize

1 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

eservic-cembrach.com Open in urlscan Pro
3.89.213.158 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

625 kB
Transfer

1232 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!