swisspass-sicherheit.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://swisspass-sicherheit.web.app/
Submission: On April 11 via api (April 11th 2023, 3:03:41 pm UTC) from JP — Scanned from JP

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is swisspass-sicherheit.web.app.
TLS certificate: Issued by GTS CA 1D4 on March 6th 2023. Valid for: 3 months.

This is the only time swisspass-sicherheit.web.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Schweizerische Bundesbahnen (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
1 18	35.246.169.151 35.246.169.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.193.186.62 18.193.186.62	16509 (AMAZON-02) (AMAZON-02)
1	193.203.121.145 193.203.121.145	31004 (SBB-CFF-F...) (SBB-CFF-FFS Telecom SBB)
1	13.32.49.135 13.32.49.135	16509 (AMAZON-02) (AMAZON-02)
21	5

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

swisspass-sicherheit.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 35.246.169.151 (Frankfurt am Main, Germany) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.169.246.35.bc.googleusercontent.com

swisspasshilfe.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.186.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-186-62.eu-central-1.compute.amazonaws.com

cdn.app.sbb.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.203.121.145 (Switzerland)

ASN31004 (SBB-CFF-FFS Telecom SBB, CH)

resources.swisspass.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.49.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-49-135.nrt57.r.cloudfront.net

logs1407.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	wpengine.com 1 redirects swisspasshilfe.wpengine.com	1 MB
1	xiti.com logs1407.xiti.com — Cisco Umbrella Rank: 88712	308 B
1	swisspass.ch resources.swisspass.ch	221 KB
1	sbb.ch cdn.app.sbb.ch — Cisco Umbrella Rank: 334503	14 KB
1	web.app swisspass-sicherheit.web.app	601 B
21	5

	Domain	Requested by
18	swisspasshilfe.wpengine.com	1 redirects swisspass-sicherheit.web.app swisspasshilfe.wpengine.com
1	logs1407.xiti.com	swisspasshilfe.wpengine.com
1	resources.swisspass.ch	swisspasshilfe.wpengine.com
1	cdn.app.sbb.ch	swisspasshilfe.wpengine.com
1	swisspass-sicherheit.web.app
21	5

This site contains no links.

Subject Issuer	Validity	Valid
web.app GTS CA 1D4	`2023-03-06` - `2023-06-04`	3 months	crt.sh
*.wpengine.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.app.sbb.ch Amazon RSA 2048 M01	`2023-02-10` - `2023-10-14`	8 months	crt.sh
resources.swisspass.ch SwissSign RSA TLS OV ICA 2021 - 1	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.xiti.com Thawte RSA CA 2018	`2022-04-29` - `2023-04-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://swisspass-sicherheit.web.app/
Frame ID: 1FE4F0D67564979FEC003936D35B1810
Requests: 1 HTTP requests in this frame

Frame: https://swisspasshilfe.wpengine.com/app/id/pass/
Frame ID: 4290AC073BF030DE15AFFECB8E29CECB
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SwissPass Portal

Detected technologies

AT Internet XiTi (Analytics) Expand

Overall confidence: 100%
Detected patterns

xiti\.com/hit\.xiti

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

95 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1396 kB
Transfer

2221 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://swisspasshilfe.wpengine.com/idp/co-branding?resource=co-branding&lang=fr&provider=sbbkn HTTP 301
https://swisspasshilfe.wpengine.com/idp/co-branding/?resource=co-branding&lang=fr&provider=sbbkn

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
swisspass-sicherheit.web.app/ 529 B
601 B 340ms
258ms Document
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://swisspass-sicherheit.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

507a643be1f4f4c9520055b1564077a898b156a05a5d2408fe54caed5e7da9ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 236
content-type: text/html; charset=utf-8
date: Tue, 11 Apr 2023 15:03:36 GMT
etag: "c869d4f28389b90a4e319b24092e3eca931c28669e8bd6405f585a10b0ad4e1b-br"
last-modified: Tue, 11 Apr 2023 12:00:33 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-tyo11983-TYO
x-timer: S1681225416.131988,VS0,VE215

GET
H2 200 / Show response
swisspasshilfe.wpengine.com/app/id/pass/ Frame 4290 50 KB
11 KB 1057ms
486ms Document
text/html 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Requested by: Host: swisspass-sicherheit.web.app
URL: https://swisspass-sicherheit.web.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 85f462d788bd2ed45b1acf2bb74939a403b9a0f2c7b98054739d89e678315677

Request headers

Referer: https://swisspass-sicherheit.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html
date: Tue, 11 Apr 2023 15:03:37 GMT
etag: W/"c890-5f90da785ad00-gzip"
last-modified: Tue, 11 Apr 2023 11:18:44 GMT
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 41
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

GET
H2 200 sso.min-20200819.css
swisspasshilfe.wpengine.com/app/id/pass/index_files/ Frame 4290 180 KB
24 KB 418ms
417ms Stylesheet
text/css 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/sso.min-20200819.css
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 17b7c94cb891331ef612c7b2b3648f007c1c4f6a2eb420199bb275d91450959b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:37 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 11:18:45 GMT
server: nginx
etag: W/"64354215-2cf00"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 modernizr-20200819.js Show response
swisspasshilfe.wpengine.com/app/id/pass/index_files/ Frame 4290 8 KB
4 KB 308ms
307ms Script
application/javascript 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/modernizr-20200819.js
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4a3d4cf982535aaf485c6e3af9ad1498df5c065adf94eed056f0aa13c31e92ed

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:37 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 11:18:45 GMT
server: nginx
etag: W/"64354215-1e59"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 otSDKStub.js Show response
swisspasshilfe.wpengine.com/app/id/pass/index_files/ Frame 4290 20 KB
7 KB 282ms
281ms Script
application/javascript 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/otSDKStub.js
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:37 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 11:18:45 GMT
server: nginx
etag: W/"64354215-519f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 launch-6cc731e967aa.min.js Show response
swisspasshilfe.wpengine.com/app/id/pass/index_files/ Frame 4290 139 KB
41 KB 408ms
407ms Script
application/javascript 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/launch-6cc731e967aa.min.js
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 811e8df757d166dce4bda35c81d2f639eed22055abd034720214c7125b21b737

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 11:18:45 GMT
server: nginx
etag: W/"64354215-22aa8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 otBannerSdk.js Show response
swisspasshilfe.wpengine.com/app/id/pass/index_files/ Frame 4290 324 KB
74 KB 409ms
408ms Script
application/javascript 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/otBannerSdk.js
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 204a3299ddc67db6fd1836653ece6696c46f1b2d7fb7abcb4fe9132abe2b6612

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 11:18:45 GMT
server: nginx
etag: W/"64354215-50f06"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 logo.png
swisspasshilfe.wpengine.com/app/id/pass/index_files/ Frame 4290 752 KB
753 KB 409ms
408ms Image
image/png 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/logo.png
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f3658338df6f21268d6907332ba6f3cf9e649462194476d5539b6a198efdd6b0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
last-modified: Tue, 11 Apr 2023 11:18:45 GMT
server: nginx
etag: "64354215-bc16a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 770410

GET
H2 200 logopass.png
swisspasshilfe.wpengine.com/app/id/pass/index_files/ Frame 4290 19 KB
19 KB 408ms
408ms Image
image/png 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/logopass.png
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6dc2b32636e09159a8f25d527d944aae49e84e45936c5850bb96fafc85f86ade

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
last-modified: Tue, 11 Apr 2023 11:18:45 GMT
server: nginx
etag: "64354215-4ab8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 19128

GET
H2 200 pss.png
swisspasshilfe.wpengine.com/app/id/pass/index_files/ Frame 4290 105 KB
105 KB 409ms
408ms Image
image/png 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/pss.png
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 91134963643090e67d09747d67c7b0cc111ba642b39c7b04031fd43b9707380e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
last-modified: Tue, 11 Apr 2023 11:18:45 GMT
server: nginx
etag: "64354215-1a397"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 107415

GET
H2 200 jquery-20200819.js Show response
swisspasshilfe.wpengine.com/app/id/pass/index_files/ Frame 4290 95 KB
34 KB 328ms
328ms Script
application/javascript 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/jquery-20200819.js
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 24f31a4afb4d98c85b6cff4c9a953654a77986d6c4c9e9cae52cf57e59095e01

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:37 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 11:18:45 GMT
server: nginx
etag: W/"64354215-17c54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 vendor.min-20200819.js Show response
swisspasshilfe.wpengine.com/app/id/pass/index_files/ Frame 4290 175 KB
54 KB 286ms
286ms Script
application/javascript 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/vendor.min-20200819.js
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: be0223ae72bc8c610c7a5453d349964cbe78ff8646695a58bc13a4cf0a8d81d6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 11:18:45 GMT
server: nginx
etag: W/"64354215-2bc0a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 swisspass.min-20200819.js Show response
swisspasshilfe.wpengine.com/app/id/pass/index_files/ Frame 4290 97 KB
26 KB 408ms
407ms Script
application/javascript 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/swisspass.min-20200819.js
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 225e078f0432e7459d74e8d9245f1982570a3897d664ca2d219ccd09b244ab95

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 11:18:45 GMT
server: nginx
etag: W/"64354215-183fc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 SBBWeb-Light.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/ Frame 4290 14 KB
14 KB 1033ms
527ms Font
application/font-woff2 18.193.186.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Light.woff2
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/sso.min-20200819.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.186.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-186-62.eu-central-1.compute.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: 5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf

Request headers

Referer: https://swisspasshilfe.wpengine.com/
Origin: https://swisspasshilfe.wpengine.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
content-encoding: br
last-modified: Fri, 17 Dec 2021 15:16:26 GMT
server: nginx/1.23.2
etag: W/"61bca9ca-3784"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, private
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires: Wed, 10 Apr 2024 15:03:38 GMT

GET
H2 404 e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json Show response
swisspasshilfe.wpengine.com/app/id/pass/index_files/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ Frame 4290 196 B
337 B 409ms
409ms XHR
text/html 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
x-cache-group: normal
content-encoding: br
x-cacheable: non200
server: nginx
vary: Accept-Encoding
x-cache: HIT: 27
content-type: text/html; charset=iso-8859-1
cache-control: max-age=600, must-revalidate

GET
H/1.1 200
OK login_bg.jpg
resources.swisspass.ch/content/dam/swisspass/co-branding/sbbkn/ Frame 4290 221 KB
221 KB 1332ms
252ms Image
image/jpeg 193.203.121.145
SBB-CFF-FFS Telec...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.swisspass.ch/content/dam/swisspass/co-branding/sbbkn/login_bg.jpg

Requested by

Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.203.121.145 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH),

Reverse DNS

Software

Apache /

Resource Hash

c299a55acdc9c551ab7e67912892c6db8ed164dbcebaca370aa75f0f1297c8d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 15:03:39 GMT
Strict-Transport-Security: max-age=16070400
X-Content-Type-Options: nosniff
X-Cache: HIT
x-url: /content/dam/swisspass/co-branding/sbbkn/login_bg.jpg
Connection: Keep-Alive
Content-Length: 226097
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Last-Modified: Tue, 11 Apr 2023 01:02:19 GMT
Server: Apache
ETag: "37331-5f9050b162c95"
Vary: User-Agent,X-Requested-With
X-Frame-Options: SAMEORIGIN
X-Varnish: 146636765 145419124
Content-Type: image/jpeg
X-Plattform: cprod
Cache-Control: max-age=21600
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=500
Expires: Tue, 11 Apr 2023 21:02:13 GMT

GET
H2 404 icomoon.woff2
swisspasshilfe.wpengine.com/app/fonts/icomoon/ Frame 4290 0
0 400ms
400ms Font
text/html 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/fonts/icomoon/icomoon.woff2?7m5yri
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/sso.min-20200819.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/sso.min-20200819.css
Origin: https://swisspasshilfe.wpengine.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html

GET
H2 404 icomoon.ttf
swisspasshilfe.wpengine.com/app/fonts/icomoon/ Frame 4290 0
0 343ms
342ms Font
text/html 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/fonts/icomoon/icomoon.ttf?7m5yri
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/sso.min-20200819.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/sso.min-20200819.css
Origin: https://swisspasshilfe.wpengine.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html

GET
H2

200

/ Show response
swisspasshilfe.wpengine.com/idp/co-branding/ Frame 4290
Redirect Chain

https://swisspasshilfe.wpengine.com/idp/co-branding?resource=co-branding&lang=fr&provider=sbbkn
https://swisspasshilfe.wpengine.com/idp/co-branding/?resource=co-branding&lang=fr&provider=sbbkn

22 KB
6 KB

304ms
304ms

XHR
text/html

35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/idp/co-branding/?resource=co-branding&lang=fr&provider=sbbkn
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/
Protocol: H2
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: f3e63fd554d8a3f7814fb43cf63d7458dba2cf74f8e78636cbcccc9df986dec7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/app/id/pass/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
x-cache-group: normal
content-encoding: br
x-cacheable: SHORT
server: nginx
x-powered-by: WP Engine
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache: HIT: 17
content-type: text/html; charset=UTF-8
cache-control: max-age=600, must-revalidate
link: <https://swisspasshilfe.wpengine.com/index.php?rest_route=/>; rel="https://api.w.org/"

Redirect headers

date: Tue, 11 Apr 2023 15:03:38 GMT
x-cache-group: normal
x-cacheable: non200
server: nginx
x-redirect-by: WordPress
x-powered-by: WP Engine
x-cache: HIT: 23
content-type: text/html; charset=UTF-8
location: https://swisspasshilfe.wpengine.com/idp/co-branding/?resource=co-branding&lang=fr&provider=sbbkn
cache-control: max-age=600, must-revalidate
content-length: 0

GET
H2 200 hit.xiti
logs1407.xiti.com/ Frame 4290 35 B
308 B 207ms
110ms Image
image/gif 13.32.49.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logs1407.xiti.com/hit.xiti?s=611076&idclient=af65d661-b59f-442a-bd7d-14e5cfc3693d-NO&ts=1681225418580&vtag=5.29.4&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=15x3x38&lng=en-US&idp=1503384502030&jv=0&p=login::(CH)%20%7C%20SwissPass&s2=1&x3=[swisspasshilfe.wpengine.com%2Fapp%2Fid%2Fpass%2F]&x4=[%2Flogin]&x5=[]&x6=[]&x7=[fr]&x8=[]&x11=[https%3A%2F%2Fswisspasshilfe.wpengine.com%2Fapp%2Fid%2Fpass%2F]&x12=[0]&x13=[SwissPass]&s:tms_version=swisspass.ch%20(digitalDataLayer)%3A%3Aproduction%3A%3A2022-07-11T13%3A22%3A43Z&s:login_status=0&s:login_type=SwissPass&ref=https://swisspass-sicherheit.web.app/

Requested by

Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.49.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-49-135.nrt57.r.cloudfront.net

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://swisspasshilfe.wpengine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
via: 1.1 a08449218a1b8c326aa3cbb3062341b4.cloudfront.net (CloudFront)
strict-transport-security: max-age=15768000
x-amz-cf-pop: NRT57-C1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 35
x-amz-cf-id: wkIFMOK3yXUTRWkqLXFppBH8uf5a7v7FfzYp870IqoJVLcVBOGeaHQ==

GET
H2 404 icomoon.woff
swisspasshilfe.wpengine.com/app/fonts/icomoon/ Frame 4290 0
0 287ms
286ms Font
text/html 35.246.169.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://swisspasshilfe.wpengine.com/app/fonts/icomoon/icomoon.woff?7m5yri
Requested by: Host: swisspasshilfe.wpengine.com
URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/sso.min-20200819.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.246.169.151 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.169.246.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/sso.min-20200819.css
Origin: https://swisspasshilfe.wpengine.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 15:03:38 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://swisspass-sicherheit.web.app/ Message: The key "target-densitydpi" is not supported.
network	error	URL: https://swisspasshilfe.wpengine.com/app/id/pass/index_files/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://swisspasshilfe.wpengine.com/app/fonts/icomoon/icomoon.woff2?7m5yri Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://swisspasshilfe.wpengine.com/app/fonts/icomoon/icomoon.ttf?7m5yri Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://swisspasshilfe.wpengine.com/app/fonts/icomoon/icomoon.woff?7m5yri Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.app.sbb.ch
logs1407.xiti.com
resources.swisspass.ch
swisspass-sicherheit.web.app
swisspasshilfe.wpengine.com
13.32.49.135
18.193.186.62
193.203.121.145
2620:0:890::100
35.246.169.151
17b7c94cb891331ef612c7b2b3648f007c1c4f6a2eb420199bb275d91450959b
204a3299ddc67db6fd1836653ece6696c46f1b2d7fb7abcb4fe9132abe2b6612
225e078f0432e7459d74e8d9245f1982570a3897d664ca2d219ccd09b244ab95
24f31a4afb4d98c85b6cff4c9a953654a77986d6c4c9e9cae52cf57e59095e01
4a3d4cf982535aaf485c6e3af9ad1498df5c065adf94eed056f0aa13c31e92ed
507a643be1f4f4c9520055b1564077a898b156a05a5d2408fe54caed5e7da9ce
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dc2b32636e09159a8f25d527d944aae49e84e45936c5850bb96fafc85f86ade
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
811e8df757d166dce4bda35c81d2f639eed22055abd034720214c7125b21b737
85f462d788bd2ed45b1acf2bb74939a403b9a0f2c7b98054739d89e678315677
91134963643090e67d09747d67c7b0cc111ba642b39c7b04031fd43b9707380e
be0223ae72bc8c610c7a5453d349964cbe78ff8646695a58bc13a4cf0a8d81d6
c299a55acdc9c551ab7e67912892c6db8ed164dbcebaca370aa75f0f1297c8d4
f3658338df6f21268d6907332ba6f3cf9e649462194476d5539b6a198efdd6b0
f3e63fd554d8a3f7814fb43cf63d7458dba2cf74f8e78636cbcccc9df986dec7

swisspass-sicherheit.web.app Open in urlscan Pro 2620:0:890::100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

95 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

1396 kBTransfer

2221 kBSize

0 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

5 Console Messages

Security Headers

Indicators

swisspass-sicherheit.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

95 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1396 kB
Transfer

2221 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!