benny2015.com Open in urlscan Pro
136.243.130.69  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response benny2015.com/mpe/pass/	50 KB 11 KB	123ms 26ms	Document text/html	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash 85f462d788bd2ed45b1acf2bb74939a403b9a0f2c7b98054739d89e678315677 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding br Content-Type text/html Date Thu, 09 Feb 2023 21:08:03 GMT ETag W/"63e50f34-c890" Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx Strict-Transport-Security max-age=15768000; includeSubDomains Transfer-Encoding chunked X-Powered-By PleskLin
GET H/1.1	200 OK	sso.min-20200819.css benny2015.com/mpe/pass/index_files/	180 KB 21 KB	664ms 664ms	Stylesheet text/css	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/mpe/pass/index_files/sso.min-20200819.css Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash 17b7c94cb891331ef612c7b2b3648f007c1c4f6a2eb420199bb275d91450959b Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:03 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx ETag W/"63e50f34-2cf00" X-Powered-By PleskLin Transfer-Encoding chunked Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	modernizr-20200819.js Show response benny2015.com/mpe/pass/index_files/	8 KB 3 KB	31ms 12ms	Script application/javascript	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/mpe/pass/index_files/modernizr-20200819.js Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash 4a3d4cf982535aaf485c6e3af9ad1498df5c065adf94eed056f0aa13c31e92ed Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:03 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx ETag W/"63e50f34-1e59" X-Powered-By PleskLin Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	otSDKStub.js Show response benny2015.com/mpe/pass/index_files/	20 KB 7 KB	282ms 250ms	Script application/javascript	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/mpe/pass/index_files/otSDKStub.js Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash 7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:03 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx ETag W/"63e50f34-519f" X-Powered-By PleskLin Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	launch-6cc731e967aa.min.js Show response benny2015.com/mpe/pass/index_files/	139 KB 38 KB	49ms 49ms	Script application/javascript	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/mpe/pass/index_files/launch-6cc731e967aa.min.js Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash 811e8df757d166dce4bda35c81d2f639eed22055abd034720214c7125b21b737 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx ETag W/"63e50f34-22aa8" X-Powered-By PleskLin Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	otBannerSdk.js Show response benny2015.com/mpe/pass/index_files/	324 KB 68 KB	32ms 32ms	Script application/javascript	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/mpe/pass/index_files/otBannerSdk.js Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash 204a3299ddc67db6fd1836653ece6696c46f1b2d7fb7abcb4fe9132abe2b6612 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx ETag W/"63e50f34-50f06" X-Powered-By PleskLin Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	logo.png benny2015.com/mpe/pass/index_files/	2 KB 2 KB	45ms 12ms	Image image/png	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://benny2015.com/mpe/pass/index_files/logo.png Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash d45fd2cc05090e4b504f361216b1032409ed3cdf9904f50ce56e8a6b0f3c006e Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx ETag "63e50f34-71a" X-Powered-By PleskLin Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1818
GET H/1.1	200 OK	logopass.png benny2015.com/mpe/pass/index_files/	19 KB 19 KB	78ms 22ms	Image image/png	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://benny2015.com/mpe/pass/index_files/logopass.png Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash 6dc2b32636e09159a8f25d527d944aae49e84e45936c5850bb96fafc85f86ade Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx ETag "63e50f34-4ab8" X-Powered-By PleskLin Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 19128
GET H/1.1	200 OK	pss.png benny2015.com/mpe/pass/index_files/	105 KB 105 KB	75ms 18ms	Image image/png	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://benny2015.com/mpe/pass/index_files/pss.png Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash 91134963643090e67d09747d67c7b0cc111ba642b39c7b04031fd43b9707380e Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx ETag "63e50f34-1a397" X-Powered-By PleskLin Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 107415
GET H/1.1	200 OK	jquery-20200819.js Show response benny2015.com/mpe/pass/index_files/	95 KB 32 KB	64ms 64ms	Script application/javascript	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/mpe/pass/index_files/jquery-20200819.js Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash 24f31a4afb4d98c85b6cff4c9a953654a77986d6c4c9e9cae52cf57e59095e01 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx ETag W/"63e50f34-17c54" X-Powered-By PleskLin Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	vendor.min-20200819.js Show response benny2015.com/mpe/pass/index_files/	175 KB 50 KB	51ms 51ms	Script application/javascript	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/mpe/pass/index_files/vendor.min-20200819.js Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash be0223ae72bc8c610c7a5453d349964cbe78ff8646695a58bc13a4cf0a8d81d6 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx ETag W/"63e50f34-2bc0a" X-Powered-By PleskLin Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	swisspass.min-20200819.js Show response benny2015.com/mpe/pass/index_files/	97 KB 24 KB	51ms 51ms	Script application/javascript	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/mpe/pass/index_files/swisspass.min-20200819.js Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / PleskLin Resource Hash 225e078f0432e7459d74e8d9245f1982570a3897d664ca2d219ccd09b244ab95 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Thu, 09 Feb 2023 15:20:20 GMT Server nginx ETag W/"63e50f34-183fc" X-Powered-By PleskLin Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H2	200	SBBWeb-Light.woff2 cdn.app.sbb.ch/fonts/v1_6_subset/	14 KB 14 KB	91ms 15ms	Font application/font-woff2	52.29.111.168 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Light.woff2 Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/index_files/sso.min-20200819.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.29.111.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-111-168.eu-central-1.compute.amazonaws.com Software nginx/1.23.2 / Resource Hash 5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf Request headers Referer https://benny2015.com/ Origin https://benny2015.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Thu, 09 Feb 2023 21:08:04 GMT content-encoding br last-modified Fri, 17 Dec 2021 15:16:26 GMT server nginx/1.23.2 etag W/"61bca9ca-3784" vary Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/font-woff2 access-control-allow-origin * cache-control max-age=31536000, public, private access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With expires Fri, 09 Feb 2024 21:08:04 GMT
GET H/1.1	404 Not Found	e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json Show response benny2015.com/mpe/pass/index_files/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/	808 B 698 B	39ms 15ms	XHR text/html	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/mpe/pass/index_files/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/index_files/otSDKStub.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / Resource Hash b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/mpe/pass/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Wed, 25 Mar 2020 15:58:44 GMT Server nginx ETag W/"328-5a1aff15ec0a2" Transfer-Encoding chunked Content-Type text/html Connection keep-alive
GET H/1.1	200 OK	login_bg.jpg resources.swisspass.ch/content/dam/swisspass/co-branding/sbbkn/	221 KB 221 KB	103ms 20ms	Image image/jpeg	193.203.121.145 SBB-CFF-FFS Telec...
General Check archive.org Show headers Download Go to Show image Full URL https://resources.swisspass.ch/content/dam/swisspass/co-branding/sbbkn/login_bg.jpg Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 193.203.121.145 , Switzerland, ASN31004 (SBB-CFF-FFS Telecom SBB, CH), Reverse DNS Software Apache / Resource Hash c299a55acdc9c551ab7e67912892c6db8ed164dbcebaca370aa75f0f1297c8d4 Security Headers Name Value Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=16070400 X-Content-Type-Options nosniff X-Cache HIT x-url /content/dam/swisspass/co-branding/sbbkn/login_bg.jpg Connection Keep-Alive Content-Length 226097 X-XSS-Protection 1; mode=block Referrer-Policy same-origin Last-Modified Thu, 09 Feb 2023 02:10:05 GMT Server Apache ETag "37331-5f43ae11b3148" Vary User-Agent,X-Requested-With X-Frame-Options SAMEORIGIN X-Varnish 60130109 59506841 Content-Type image/jpeg X-Plattform cprod Cache-Control max-age=21600 Accept-Ranges bytes Keep-Alive timeout=10, max=500 Expires Fri, 10 Feb 2023 03:06:50 GMT
GET H/1.1	404 Not Found	icomoon.woff2 benny2015.com/fonts/icomoon/	0 0	27ms 15ms	Font text/html	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/fonts/icomoon/icomoon.woff2?7m5yri Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/index_files/sso.min-20200819.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers Referer https://benny2015.com/mpe/pass/index_files/sso.min-20200819.css Origin https://benny2015.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Wed, 25 Mar 2020 15:58:44 GMT Server nginx ETag W/"328-5a1aff15ec0a2" Transfer-Encoding chunked Content-Type text/html Connection keep-alive
GET H/1.1	404 Not Found	co-branding Show response benny2015.com/idp/	808 B 698 B	225ms 223ms	XHR text/html	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/idp/co-branding?resource=co-branding&lang=fr&provider=sbbkn Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/index_files/jquery-20200819.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / Resource Hash b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers Accept */* Referer https://benny2015.com/mpe/pass/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Wed, 25 Mar 2020 15:58:44 GMT Server nginx ETag W/"328-5a1aff15ec0a2" Transfer-Encoding chunked Content-Type text/html Connection keep-alive
GET H/1.1	404 Not Found	icomoon.ttf benny2015.com/fonts/icomoon/	0 0	17ms 11ms	Font text/html	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/fonts/icomoon/icomoon.ttf?7m5yri Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/index_files/sso.min-20200819.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers Referer https://benny2015.com/mpe/pass/index_files/sso.min-20200819.css Origin https://benny2015.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Wed, 25 Mar 2020 15:58:44 GMT Server nginx ETag W/"328-5a1aff15ec0a2" Transfer-Encoding chunked Content-Type text/html Connection keep-alive
GET H/1.1	404 Not Found	icomoon.woff benny2015.com/fonts/icomoon/	0 0	16ms 9ms	Font text/html	136.243.130.69 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://benny2015.com/fonts/icomoon/icomoon.woff?7m5yri Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/index_files/sso.min-20200819.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 136.243.130.69 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS web2-alfacast-hosting.de Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers Referer https://benny2015.com/mpe/pass/index_files/sso.min-20200819.css Origin https://benny2015.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers Date Thu, 09 Feb 2023 21:08:04 GMT Strict-Transport-Security max-age=15768000; includeSubDomains Content-Encoding br Last-Modified Wed, 25 Mar 2020 15:58:44 GMT Server nginx ETag W/"328-5a1aff15ec0a2" Transfer-Encoding chunked Content-Type text/html Connection keep-alive
GET H2	200	hit.xiti logs1407.xiti.com/	35 B 307 B	64ms 12ms	Image image/gif	65.9.68.209 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://logs1407.xiti.com/hit.xiti?s=611076&idclient=060b3dd2-cf85-464b-83af-eef1fa935c1b&ts=1675976884650&vtag=5.29.4&ptag=js&r=1600x1200x24x24&re=1600x1200&hl=21x8x4&lng=en-US&idp=2108049731708&jv=0&p=login::(CH)%20%7C%20SwissPass&s2=1&x3=[benny2015.com%2Fmpe%2Fpass%2F]&x4=[%2Flogin]&x5=[]&x6=[]&x7=[fr]&x8=[]&x11=[https%3A%2F%2Fbenny2015.com%2Fmpe%2Fpass%2F]&x12=[0]&x13=[SwissPass]&s:tms_version=swisspass.ch%20(digitalDataLayer)%3A%3Aproduction%3A%3A2022-07-11T13%3A22%3A43Z&s:login_status=0&s:login_type=SwissPass&ref= Requested by Host: benny2015.com URL: https://benny2015.com/mpe/pass/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.68.209 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-68-209.fra56.r.cloudfront.net Software / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://benny2015.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36 Response headers date Thu, 09 Feb 2023 21:08:04 GMT via 1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront) strict-transport-security max-age=15768000 x-amz-cf-pop FRA56-C1 x-cache Miss from cloudfront content-type image/gif cache-control no-store content-length 35 x-amz-cf-id 2U2rEpG-EOi1ReGFxqkR_C8tEy6aZ7FWpHlk0JyL168Y7JdwRRD6nA==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange object| digitalDataLayer object| html5 object| Modernizr object| OneTrustStub object| digitalData object| dataLayerEvent function| OptanonWrapper function| validateForm function| closeModal function| $ function| jQuery object| jQuery112009289451335030439 function| A11yDialog function| iFrameResize function| Cleave function| OevcResourceLoader object| dp object| oevc object| webtrends boolean| isMobile function| validate object| options object| attrs object| allowedProviders object| rememberMe boolean| providerAllowsRememberMe object| _satellite boolean| __satelliteLoaded object| ATInternet function| ATCustomEvent object| ATInternetTag

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.benny2015.com/	1970-01-20 19:04:37	Name: atuserid Value: %7B%22name%22%3A%22atuserid%22%2C%22val%22%3A%22060b3dd2-cf85-464b-83af-eef1fa935c1b%22%2C%22options%22%3A%7B%22end%22%3A%222024-03-12T21%3A08%3A04.645Z%22%2C%22path%22%3A%22%2F%22%7D%7D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://benny2015.com/fonts/icomoon/icomoon.woff2?7m5yri Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://benny2015.com/mpe/pass/index_files/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://benny2015.com/fonts/icomoon/icomoon.ttf?7m5yri Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://benny2015.com/fonts/icomoon/icomoon.woff?7m5yri Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://benny2015.com/idp/co-branding?resource=co-branding&lang=fr&provider=sbbkn Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

benny2015.com
cdn.app.sbb.ch
logs1407.xiti.com
resources.swisspass.ch
136.243.130.69
193.203.121.145
52.29.111.168
65.9.68.209
17b7c94cb891331ef612c7b2b3648f007c1c4f6a2eb420199bb275d91450959b
204a3299ddc67db6fd1836653ece6696c46f1b2d7fb7abcb4fe9132abe2b6612
225e078f0432e7459d74e8d9245f1982570a3897d664ca2d219ccd09b244ab95
24f31a4afb4d98c85b6cff4c9a953654a77986d6c4c9e9cae52cf57e59095e01
4a3d4cf982535aaf485c6e3af9ad1498df5c065adf94eed056f0aa13c31e92ed
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dc2b32636e09159a8f25d527d944aae49e84e45936c5850bb96fafc85f86ade
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
811e8df757d166dce4bda35c81d2f639eed22055abd034720214c7125b21b737
85f462d788bd2ed45b1acf2bb74939a403b9a0f2c7b98054739d89e678315677
91134963643090e67d09747d67c7b0cc111ba642b39c7b04031fd43b9707380e
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
be0223ae72bc8c610c7a5453d349964cbe78ff8646695a58bc13a4cf0a8d81d6
c299a55acdc9c551ab7e67912892c6db8ed164dbcebaca370aa75f0f1297c8d4
d45fd2cc05090e4b504f361216b1032409ed3cdf9904f50ce56e8a6b0f3c006e