www.sbb-investorendatenbank.ch
Open in
urlscan Pro
2001:1600:3:22:f816:3eff:fec1:8e59
Malicious Activity!
Public Scan
Submission: On April 14 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on March 3rd 2023. Valid for: 3 months.
This is the only time www.sbb-investorendatenbank.ch was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Schweizerische Bundesbahnen (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 2001:1600:3:2... 2001:1600:3:22:f816:3eff:fec1:8e59 | 29222 (INFOMANIA...) (INFOMANIAK-AS) | |
1 | 2606:4700:e2:... 2606:4700:e2::ac40:850f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 2606:4700::68... 2606:4700::6813:bc61 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2607:f8b0:400... 2607:f8b0:4004:c1b::5f | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4004:c08::5e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:440... 2606:4700:4400::ac40:9062 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 18.193.186.62 18.193.186.62 | 16509 (AMAZON-02) (AMAZON-02) | |
26 | 8 |
ASN29222 (INFOMANIAK-AS, CH)
www.sbb-investorendatenbank.ch |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-186-62.eu-central-1.compute.amazonaws.com
cdn.app.sbb.ch |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 394 |
154 KB |
8 |
sbb-investorendatenbank.ch
www.sbb-investorendatenbank.ch |
674 KB |
2 |
sbb.ch
cdn.app.sbb.ch — Cisco Umbrella Rank: 373720 |
29 KB |
2 |
gstatic.com
fonts.gstatic.com |
31 KB |
1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 610 |
306 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39 |
1 KB |
1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 889 |
237 KB |
26 | 7 |
Domain | Requested by | |
---|---|---|
11 | cdn.cookielaw.org |
www.sbb-investorendatenbank.ch
cdn.cookielaw.org |
8 | www.sbb-investorendatenbank.ch |
www.sbb-investorendatenbank.ch
|
2 | cdn.app.sbb.ch | |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
1 | fonts.googleapis.com |
www.sbb-investorendatenbank.ch
|
1 | use.fontawesome.com |
www.sbb-investorendatenbank.ch
|
26 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.sbb-investorendatenbank.ch R3 |
2023-03-03 - 2023-06-01 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-06 - 2023-06-05 |
a year | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2023-04-01 - 2024-03-31 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2022-12-13 - 2023-12-13 |
a year | crt.sh |
*.app.sbb.ch Amazon RSA 2048 M01 |
2023-02-10 - 2023-10-14 |
8 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.sbb-investorendatenbank.ch/de/home
Frame ID: A994A253F107D80E360A12F3B57F85E9
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
SBB Investorendatenbank - SBB IDBBack ButtonSearch IconFilter IconDetected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
OneTrust (Cookie compliance) Expand
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
home
www.sbb-investorendatenbank.ch/de/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.8daad372.css
www.sbb-investorendatenbank.ch/build/ |
57 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frontend.d510e223.css
www.sbb-investorendatenbank.ch/build/ |
179 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
use.fontawesome.com/releases/v5.0.6/js/ |
657 KB 237 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-sbb-cff-ffs.svg
www.sbb-investorendatenbank.ch/img/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OtAutoBlock.js
cdn.cookielaw.org/consent/c31ff7b0-1d8a-44b5-bc2e-427985f7be6f/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.d94b3b43.js
www.sbb-investorendatenbank.ch/build/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.326109b0.js
www.sbb-investorendatenbank.ch/build/ |
504 KB 159 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frontend.fa46d0ba.js
www.sbb-investorendatenbank.ch/build/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
17 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c31ff7b0-1d8a-44b5-bc2e-427985f7be6f.json
cdn.cookielaw.org/consent/c31ff7b0-1d8a-44b5-bc2e-427985f7be6f/ |
4 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-form.cac583c7.jpg
www.sbb-investorendatenbank.ch/build/images/ |
471 KB 471 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
68 B 306 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202301.2.0/ |
402 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
de-ch.json
cdn.cookielaw.org/consent/c31ff7b0-1d8a-44b5-bc2e-427985f7be6f/60f38ef9-5ba8-409d-a40f-0f95e256a5ca/ |
103 KB 15 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ |
13 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/v2/ |
61 KB 12 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ |
21 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SBBWeb-Bold.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/ |
14 KB 15 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SBBWeb-Roman.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/ |
14 KB 14 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ |
497 B 489 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SBB_POS_2F_CMYK_100.jpg
cdn.cookielaw.org/logos/d8f340ef-178f-4257-9ea8-01744cfc5459/a673aedd-6758-453a-83d8-a537788421a3/a8447a49-11f4-4616-a318-5e311eb6d25a/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Schweizerische Bundesbahnen (Transportation)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| OneTrustStub function| OptanonWrapper object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime function| jQuery function| $ object| plupload object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.sbb-investorendatenbank.ch/ | Name: BE_IDB Value: eac7311ebf7fe9e96702e8f762d0ab69 |
|
.sbb-investorendatenbank.ch/ | Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Apr+14+2023+15%3A15%3A10+GMT%2B0000+(GMT)&version=202301.2.0&isIABGlobal=false&hosts=&consentId=e6c1ef18-3c9e-4b8b-80bd-40245d5cda04&interactionCount=0&landingPath=https%3A%2F%2Fwww.sbb-investorendatenbank.ch%2Fde%2Fhome&groups=C0001%3A1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=16000000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.app.sbb.ch
cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
use.fontawesome.com
www.sbb-investorendatenbank.ch
18.193.186.62
2001:1600:3:22:f816:3eff:fec1:8e59
2606:4700:4400::ac40:9062
2606:4700::6813:bc61
2606:4700:e2::ac40:850f
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c1b::5f
045d414a8dff36c68dc0b7dbe8fd3c83cbbd01bd41c2caf5c3f81dc94b2e10d5
0fa90c9e195798597245f53e9dc98259304276626836677ffaf0f9fa18f9a189
1b31afdfd23628d9fb1118e31841278653c4ef36a6d0970c002d43e49b5d1856
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
36b0f5076f07503c5e4a5fcf2c4ca37a4c7e7fe1b64ef366347f1601315ae7ec
42d5f1ac11d95f844906a39f2b0a7e55892e88444cb52d5964174a1a28270be5
45abbca0c95283e2179604797b1c0eb7603f5097a3e73e04c75a7497953bda31
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6329df22901348ea1c63404342eef5287d21ac79dacc66675fc2c4e97ebc3f04
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6ecc782fdf8b71f0993958015815c2431063ab617a0e4a50bf63716ec99e624a
70fd7f6ced21739e10103744c72acdfc8e8422502d74d4fad2ddfab3aed0bbc5
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
7306da182a6148f6e3b58965d41572d13f419eb6fa1b9053d428c0372044441e
74f899c313865769fb7f010130cb78098f4e42f4ea82bd7f34606305d855d985
88d0f8aed05082a43897659a30169d121dc3933e7fd30dd767fcb7af54e25283
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
966a89b8080879ba41c6b9f15c5efb58182c33a0d2d1e08748beb554b28b4997
b2786f45998641ec83b120945d13346492fe82c2f07da829fc1befcaa15f4f56
b4fa567cbf1260f3a3eb142e37b6201533a0112b85b8986d1c78d773a8e955ad
c92dfe3b50f8022a96609c9ddf392ef347b92bb335a257976397606f6332127a
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
e71f43968a46fe2eb0b2f2b094e47a58d90d1a308ff868f2380b19eb45c34703
f069a80a8f0838dc76f55359c8599ee04d3c66004c6513de7cbf382df4bb59e2
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef