sg-madis.ch Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sg-madis.ch/trxm/db/	15 KB 4 KB	108ms 52ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sg-madis.ch/trxm/db/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash a52097c20282053f31c7a732f95db82e5ff37ce69abd0f1150a0bf85f702d8c1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-cache-status DYNAMIC cf-ray 82908c78ccc46ade-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 20 Nov 2023 12:03:16 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFk%2BRqTZAvYwoht1U%2FkzaLan2q2yRUgc780UsK2gKX6kFtoV5enu5iuyYvTXZd9XJ4k%2BvhOnXj99ozC7YBzYaXKe9VMwWRLFI%2BFMVuhb%2BRFdLT4sB29TC6OKU4GIGi5fz0Az%2FqT8QYijIg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16
GET H2	200	polyfills.es5.js Show response sg-madis.ch/public/scripts/	637 KB 93 KB	38ms 35ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sg-madis.ch/public/scripts/polyfills.es5.js Requested by Host: sg-madis.ch URL: https://sg-madis.ch/trxm/db/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d877de7b4275a1596393dea968491619835c2ef6f697833afa3e29b9f60c02f Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/trxm/db/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Aug 2023 20:42:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 42 etag W/"9f344-60297a1cabe80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NpKPuPkrNuyDg%2BSf8NeLbGfjAmNY6LTSvVovNBpts4y4H9SkwpM7LTseinuI4tairi8sXibiVSS8IFr6ZBRkcajrSHBPsNA4KTIXqnId8Rfl2eXe%2BbGInQXwmx8j3flRSaNw2KpcbtMxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 82908c792d256ade-FRA alt-svc h3=":443"; ma=86400
GET H2	200	native-shim.js Show response sg-madis.ch/public/scripts/	2 KB 1 KB	19ms 17ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sg-madis.ch/public/scripts/native-shim.js Requested by Host: sg-madis.ch URL: https://sg-madis.ch/trxm/db/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3bf7b013d798a458b822b2c4e46a65fa2b3af38ab3ae9f594e954f0b344da2e6 Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/trxm/db/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Aug 2023 20:42:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 42 etag W/"861-60297a1bb7c40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Jia4mrTqUDRjiqaSgFZ7sOO1XXtiS3oYyJVzKjaLi5lpt58j0LGbjCkRHb%2Fs3T2pSmeSuKLGD8zmNOZvtzip2G9TnL72JO7cozjbgIVAXhhhjBy8TUtGP8vP72vFPboTotv8Eku6NWsLg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 82908c792d266ade-FRA alt-svc h3=":443"; ma=86400
GET H2	200	custom-elements.min.js Show response sg-madis.ch/public/scripts/	19 KB 6 KB	20ms 19ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sg-madis.ch/public/scripts/custom-elements.min.js Requested by Host: sg-madis.ch URL: https://sg-madis.ch/trxm/db/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b86d62cd6db965295cd25c44221ae2f91e9a84aebdff867b32619dcdc6354391 Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/trxm/db/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Aug 2023 20:42:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 42 etag W/"4bdd-60297a1416a40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HT85CQi13ZDMvSZBYksyOXWThefhvlD8fUm3nqJ6Ozs7Z4Z6ZzycWS6KZMR6glKC4075heeUI6ruGQf3Mpev%2F3oj3K3CyI2M%2FJK%2BOEFcFtNa6kCMbiN7tKfR5vDnFT2pN9HA17wdbZp6g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 82908c792d276ade-FRA alt-svc h3=":443"; ma=86400
GET H2	200	cms_snippets.es5.js Show response sg-madis.ch/public/scripts/	33 KB 9 KB	23ms 22ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sg-madis.ch/public/scripts/cms_snippets.es5.js Requested by Host: sg-madis.ch URL: https://sg-madis.ch/trxm/db/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b39d491f064026fc999911e62780f377c7ce085d501257cc2bbc67cb1935fac Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/trxm/db/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Aug 2023 20:42:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 42 etag W/"835a-60297a1416a40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJcmUFw5gab6iLb1%2FARIAw4ojgmiC9pZdSJhKAt%2ByMO%2BggFne4TWD9Z3htX1LmDBwXET2fkVvbaDTlaYoDICZJBlLMgMcZaxR0tY7T0cFb1lDKRKWfxgz2wxoQH%2BZfexgWBL%2FmSngga0MQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 82908c792d286ade-FRA alt-svc h3=":443"; ma=86400
GET H2	200	db-eccs-pws-pwcc-clientlib-trxm.css sg-madis.ch/public/css/	107 KB 16 KB	22ms 20ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sg-madis.ch/public/css/db-eccs-pws-pwcc-clientlib-trxm.css Requested by Host: sg-madis.ch URL: https://sg-madis.ch/trxm/db/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ddafdf6c974bffccfc995d3df0bf8bff1675acb8115c7775b35540760280952 Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/trxm/db/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Aug 2023 20:41:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1519 etag W/"1aa90-60297a01f7f80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2i9yfONXC9GGdGk4kC%2BH%2FX1nSfFfQigO9rbT42UledtFUcsq%2BWFH1WHMDW%2FS4ghjKtqjIQBBBnOCUJhtyUYoh2vXyQv1G85B9jvouryf%2Bc%2B3Gtj2E6LhqE0PGfPywPw0ov6WzG7XZcBLw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82908c792d1f6ade-FRA alt-svc h3=":443"; ma=86400
GET H2	200	base.css sg-madis.ch/public/css/	346 KB 54 KB	31ms 29ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sg-madis.ch/public/css/base.css Requested by Host: sg-madis.ch URL: https://sg-madis.ch/trxm/db/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe95ebf129bff5c16c70b1840eab25fce75586a4374517954071f01859929afb Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/trxm/db/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Aug 2023 20:41:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 135 etag W/"5661c-60297a0103d40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m75CZf3JZ2pIA8WcMN8%2BOpxrPvbdyZY0FHXWmWTe3mJRkG3ZyrmbJ8HvvrMZLaorL3iKxpjCBDEsOTXcApF65pIbC9Vi53aa56J%2F4MzisJ8ECdgbZm2Qtj8yXgAnhmy%2BhnT%2FUHMnrSIuIQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82908c792d226ade-FRA alt-svc h3=":443"; ma=86400
GET H2	200	loginout.css sg-madis.ch/public/css/	5 KB 2 KB	19ms 18ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sg-madis.ch/public/css/loginout.css Requested by Host: sg-madis.ch URL: https://sg-madis.ch/trxm/db/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b8d43923889c9727513b12ffd595be3e151ef5f6c7b06e14df15b7d3e6cd3c5 Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/trxm/db/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 10 Aug 2023 20:41:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 42 etag W/"135a-60297a02ec1c0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SSiMu2WYvmEIouRKG7O0VOvYS0p824ATyGbdOM6EcM120URi3B%2FBiWDbw8sXNZt4XjD%2BJHnX4q7ge1GKxq%2B%2BzrRIwsqsuEL%2FJDe3DtuBiOgHovPYa6X1rBm6UIermXSoLe1cL7ujWZQhA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82908c792d296ade-FRA alt-svc h3=":443"; ma=86400
GET H2	200	logo_db.gif sg-madis.ch/public/images/login_files/	2 KB 2 KB	20ms 19ms	Image image/gif	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sg-madis.ch/public/images/login_files/logo_db.gif Requested by Host: sg-madis.ch URL: https://sg-madis.ch/trxm/db/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 102d5e9253625aeb5d47ad0350763b534b95a92a240f353e8bd9bb43ef1722c2 Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/trxm/db/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT cf-cache-status HIT last-modified Thu, 10 Aug 2023 20:42:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 42 etag "774-60297a338f480" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRKuLUs7IYgEY4HhliH6hVLqHNLMfZ3sBLEY7o2iB44YAlGowvAZugs2V3BWnLTdtPPOrXLsSiD1JnfT3Mr%2FoJq3JNZ%2FY6thrvyIu18zMAFMXl6H3KgP9KWszF9Q72Aq6iLsO%2B1WuC8Lbw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 82908c792d2b6ade-FRA alt-svc h3=":443"; ma=86400 content-length 1908
GET H3	200	ic_help.gif sg-madis.ch/public/images/login_files/	356 B 859 B	51ms 51ms	Image image/gif	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sg-madis.ch/public/images/login_files/ic_help.gif Requested by Host: sg-madis.ch URL: https://sg-madis.ch/trxm/db/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5fa586c418c08dce89bb46bfa91597e880cdb2cd405a7da519bafb1c2ff5ae1 Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/trxm/db/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT cf-cache-status MISS last-modified Thu, 10 Aug 2023 20:42:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "164-60297a338f480" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1JdbmY7iVV7DLXkAbanaWuEGvYjuG070QhqpNMPN%2BigQXXmcSy5BZiJvoywB5G%2Fy0%2BodWu5NQaZXvCaHFAjk45Y%2FsQtX5QX8DVzrneU%2F4mvUqxpysGgGGrtKckT5XWNjvrfttbqsBDA%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 82908c7998163c9f-CDG alt-svc h3=":443"; ma=86400 content-length 356
GET H3	200	print.css sg-madis.ch/public/css/	12 KB 4 KB	56ms 56ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sg-madis.ch/public/css/print.css Requested by Host: sg-madis.ch URL: https://sg-madis.ch/trxm/db/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d64f45be4a1b6eba167704bb5057667101c83ccb99afe6e89b4dae7a3bc4a0f3 Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/trxm/db/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 10 Aug 2023 20:41:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"30d0-60297a03e0400" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgK5iiQBulKlmc%2FyKd8Ykdv13D%2Fiu8pvQSz1Z6Bjawt7UXdVG9Gp0yo0s%2F8P3gZ5tmZO8XtSq7rgKknV68KhbjduK9oa9eURA%2Fc3mdYW6%2BkSIPCYKc%2FP9fbeYSuJMgeJ%2BKYqwldLlpq7Bw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82908c7a28d63c9f-CDG alt-svc h3=":443"; ma=86400
GET H3	200	bg_headerContainer.svg sg-madis.ch/public/images/	24 KB 9 KB	59ms 58ms	Image image/svg+xml	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sg-madis.ch/public/images/bg_headerContainer.svg Requested by Host: sg-madis.ch URL: https://sg-madis.ch/public/css/base.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d8e151c9a4662eed5ed30c64a2ae9feaa84748d92286849c9093b68724634bd Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/public/css/base.css User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status MISS last-modified Thu, 10 Aug 2023 20:41:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6002-60297a08a4f40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BbPuA%2BtWbcpUTTqZ4p4be06HqvjUuixgmYnsvNdanWYVRLrWMV3rGyTxCxIslMTvqVD9QpJbGCzCrOdRCfTwUZsDXsTMsuMT024XlT2LkoB4ciFpVr%2BQawe4Qf%2F4W3m%2FH0VV2fuK0pHPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 82908c7a38e73c9f-CDG alt-svc h3=":443"; ma=86400
GET H3	200	bg_phishingDistractor.png sg-madis.ch/public/images/	542 B 1003 B	48ms 48ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sg-madis.ch/public/images/bg_phishingDistractor.png Requested by Host: sg-madis.ch URL: https://sg-madis.ch/public/css/loginout.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0310ab7647fe10856bd7f0b0614e1cbce195abc9916d665a5eba3e70b1e711c Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/public/css/loginout.css User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT cf-cache-status MISS last-modified Thu, 10 Aug 2023 20:41:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "21e-60297a08a4f40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fh41zxMepYc6uS4AoGnQQAj7J2hfICjRmgYjEF1qyoTQYY2z8I17BDVP%2BXqcdDMZ0cYuSmTecf14m9v2goIsppWnVgzvMUiX3ppHvrGMbqzsfGGE8ijrWFi9X0zD%2FQMmlIb0C31aQHdaHQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 82908c7a48f43c9f-CDG alt-svc h3=":443"; ma=86400 content-length 542
GET H3	200	bt_primary_default.png sg-madis.ch/public/images/	397 B 863 B	57ms 57ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sg-madis.ch/public/images/bt_primary_default.png Requested by Host: sg-madis.ch URL: https://sg-madis.ch/public/css/base.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c2bceb05d1e6ffbad84c59a08f4943d37a1323fe48573d7ad9afc5121cbc95f Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/public/css/base.css User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT cf-cache-status MISS last-modified Thu, 10 Aug 2023 20:41:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "18d-60297a08a4f40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2F3UT3lhf%2BbRcCwYJDIMu1NSeSHkLbywYkhF%2Bf9saQmliskGn40OYAwvfvqCxbJX8QW1FR1KblMZ9M7YJ%2FnFMUlArz2HdeGWsuo5%2BVRgdWVL4Ao6GuwOpaMw%2BoVa4AJy7wtgZPswbfnWBw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 82908c7a48f83c9f-CDG alt-svc h3=":443"; ma=86400 content-length 397
GET H3	404	logo_verimi.svg sg-madis.ch/public/images/	8 KB 8 KB	63ms 63ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sg-madis.ch/public/images/logo_verimi.svg Requested by Host: sg-madis.ch URL: https://sg-madis.ch/public/css/base.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash 4765ba305cd3fbb925665c207ffc14bea411231edc1c3b799148fda5bbe37b96 Request headers accept-language de-DE,de;q=0.9 Referer https://sg-madis.ch/public/css/base.css User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers pragma no-cache date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUSwNmcDV2LOOsUrAELilJwbOmV9IytYMSEFXptReG%2BPigBIEvdbKESL%2Bmb8Evv%2Fvjr0ATfqSSjfQnWHCwPHPQyn9l1XAqREbGlIjSrCo23md7LapTj0h28uVMSjp4VomPQiIFsABJI3BA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 82908c7a48fe3c9f-CDG alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	UniversDeutscheBankW01-Reg.woff sg-madis.ch/public/webfonts/	48 KB 47 KB	78ms 78ms	Font application/font-woff	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sg-madis.ch/public/webfonts/UniversDeutscheBankW01-Reg.woff Requested by Host: sg-madis.ch URL: https://sg-madis.ch/public/css/base.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4713858ba9e8292ca443bde63df83f9d13b3eab4c92e7455a2983de7d2e4165c Request headers Referer https://sg-madis.ch/public/css/base.css Origin https://sg-madis.ch accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status MISS last-modified Thu, 10 Aug 2023 20:42:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"c084-60297a207c780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbBAicm4cj9Pm7GE5%2FRZ3iLEElRCZ2ijrUEYh1K%2FXFiOU43cGTXLmfHk3WrsEFaRV8FHVmNYTOBYsuBHNRCiB16eoaFAhtCM1Z3Vn4crDhi%2BShhZTesEJ2ki1w%2BM37sEjrpuCNrbuX3yCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 82908c7a49003c9f-CDG alt-svc h3=":443"; ma=86400
GET H3	200	pfbicons.woff sg-madis.ch/public/webfonts/	57 KB 32 KB	71ms 71ms	Font application/font-woff	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sg-madis.ch/public/webfonts/pfbicons.woff Requested by Host: sg-madis.ch URL: https://sg-madis.ch/public/css/base.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7274c97d9d713e6c4a515d61678edb6a3cb6e61d855276a64f37d41c3e25e354 Request headers Referer https://sg-madis.ch/public/css/base.css Origin https://sg-madis.ch accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Mon, 20 Nov 2023 12:03:16 GMT content-encoding br cf-cache-status MISS last-modified Thu, 10 Aug 2023 20:42:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"e2c4-60297a1f88540" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uhWN1Jgczc%2BmpJhIEfAzgjQCAlJrP%2BKZYOrYf4c0kaknotle8dWwLp5lzdquLtIM8yLeq0%2FL087wSmp1L3kpd29ez5dXSNOPKq6eo0VtEdBxM8vrheL1MeoaZ0%2BQ5sr45b%2FCb2Ef6%2BCFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 82908c7a49043c9f-CDG alt-svc h3=":443"; ma=86400

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Deutsche Bank (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| setImmediate function| clearImmediate object| cmsSnippets function| __CE_installPolyfill object| cmsStore undefined| f object| __eventListeners function| checkCapsLock

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sg-madis.ch/public/images/logo_verimi.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sg-madis.ch
2a06:98c1:3121::3
0b8d43923889c9727513b12ffd595be3e151ef5f6c7b06e14df15b7d3e6cd3c5
102d5e9253625aeb5d47ad0350763b534b95a92a240f353e8bd9bb43ef1722c2
1d877de7b4275a1596393dea968491619835c2ef6f697833afa3e29b9f60c02f
3b39d491f064026fc999911e62780f377c7ce085d501257cc2bbc67cb1935fac
3bf7b013d798a458b822b2c4e46a65fa2b3af38ab3ae9f594e954f0b344da2e6
4713858ba9e8292ca443bde63df83f9d13b3eab4c92e7455a2983de7d2e4165c
4765ba305cd3fbb925665c207ffc14bea411231edc1c3b799148fda5bbe37b96
4ddafdf6c974bffccfc995d3df0bf8bff1675acb8115c7775b35540760280952
6d8e151c9a4662eed5ed30c64a2ae9feaa84748d92286849c9093b68724634bd
7274c97d9d713e6c4a515d61678edb6a3cb6e61d855276a64f37d41c3e25e354
7c2bceb05d1e6ffbad84c59a08f4943d37a1323fe48573d7ad9afc5121cbc95f
a52097c20282053f31c7a732f95db82e5ff37ce69abd0f1150a0bf85f702d8c1
b86d62cd6db965295cd25c44221ae2f91e9a84aebdff867b32619dcdc6354391
c0310ab7647fe10856bd7f0b0614e1cbce195abc9916d665a5eba3e70b1e711c
d64f45be4a1b6eba167704bb5057667101c83ccb99afe6e89b4dae7a3bc4a0f3
e5fa586c418c08dce89bb46bfa91597e880cdb2cd405a7da519bafb1c2ff5ae1
fe95ebf129bff5c16c70b1840eab25fce75586a4374517954071f01859929afb