wartungswisspassch.sviluppo.host Open in urlscan Pro
149.62.187.89  Malicious Activity! Public Scan

Submitted URL: https://infonexbpo.com/App/
Effective URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Submission: On May 28 via api from CZ — Scanned from CH

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 149.62.187.89, located in Italy and belongs to COLTENGINE COLTENGINE Network, IT. The main domain is wartungswisspassch.sviluppo.host.
TLS certificate: Issued by R3 on May 22nd 2024. Valid for: 3 months.
This is the only time wartungswisspassch.sviluppo.host was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Schweizerische Bundesbahnen (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 1 70.32.23.90 55293 (A2HOSTING)
1 11 149.62.187.89 47242 (COLTENGIN...)
3 141.101.90.105 13335 (CLOUDFLAR...)
1 141.101.90.107 13335 (CLOUDFLAR...)
14 3
Apex Domain
Subdomains
Transfer
11 sviluppo.host
wartungswisspassch.sviluppo.host
160 KB
4 swisspass.ch
login.swisspass.ch — Cisco Umbrella Rank: 294116
resources.swisspass.ch
219 KB
1 infonexbpo.com
infonexbpo.com
586 B
14 3
Domain Requested by
11 wartungswisspassch.sviluppo.host 1 redirects wartungswisspassch.sviluppo.host
3 login.swisspass.ch wartungswisspassch.sviluppo.host
1 resources.swisspass.ch wartungswisspassch.sviluppo.host
1 infonexbpo.com 1 redirects
14 4

This site contains no links.

Subject Issuer Validity Valid
wartungswisspassch.sviluppo.host
R3
2024-05-22 -
2024-08-20
3 months crt.sh
swisspass.ch
SwissSign RSA TLS DV ICA 2022 - 1
2024-03-14 -
2025-03-14
a year crt.sh

This page contains 2 frames:

Primary Page: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Frame ID: 501681B40DE16C30CE52E935626B05BA
Requests: 13 HTTP requests in this frame

Frame: https://wartungswisspassch.sviluppo.host/auth/userapp_files/saved_resource.html
Frame ID: D8411EFA012685119129990CCC19E8FF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Login | SwissPass

Page URL History Show full URLs

  1. https://infonexbpo.com/App/ HTTP 302
    https://wartungswisspassch.sviluppo.host/auth/ HTTP 302
    https://wartungswisspassch.sviluppo.host/auth/Entry.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

379 kB
Transfer

1121 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://infonexbpo.com/App/ HTTP 302
    https://wartungswisspassch.sviluppo.host/auth/ HTTP 302
    https://wartungswisspassch.sviluppo.host/auth/Entry.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Entry.php
wartungswisspassch.sviluppo.host/auth/
Redirect Chain
  • https://infonexbpo.com/App/
  • https://wartungswisspassch.sviluppo.host/auth/
  • https://wartungswisspassch.sviluppo.host/auth/Entry.php
131 KB
25 KB
Document
General
Full URL
https://wartungswisspassch.sviluppo.host/auth/Entry.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.62.187.89 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS
w3008.shared.host.it
Software
nginx / PHP/7.4.33
Resource Hash
729063f305e6efcd4a5eac69b799c96da4403fc5f082219d68f824b66213402d

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 28 May 2024 02:32:31 GMT
server
nginx
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
br
content-length
5
content-type
text/html; charset=UTF-8
date
Tue, 28 May 2024 02:32:30 GMT
location
./Entry.php
server
nginx
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.4.33
otSDKStub.js
wartungswisspassch.sviluppo.host/auth/userapp_files/
21 KB
7 KB
Script
General
Full URL
https://wartungswisspassch.sviluppo.host/auth/userapp_files/otSDKStub.js
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
149.62.187.89 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS
w3008.shared.host.it
Software
LiteSpeed /
Resource Hash
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/auth/Entry.php
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 28 May 2024 02:32:31 GMT
content-encoding
br
last-modified
Wed, 27 Mar 2024 23:15:53 GMT
server
LiteSpeed
etag
"526c-6604a8a9-fd1c4fd27883e841;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
6575
expires
Tue, 04 Jun 2024 02:32:31 GMT
styles.8501c3a64c32c7c4.css
wartungswisspassch.sviluppo.host/auth/userapp_files/
177 KB
21 KB
Stylesheet
General
Full URL
https://wartungswisspassch.sviluppo.host/auth/userapp_files/styles.8501c3a64c32c7c4.css
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
149.62.187.89 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS
w3008.shared.host.it
Software
LiteSpeed /
Resource Hash
8e12bf257a56e15f5cb4fcc36e706ae4615dc43b497e24933a52886fc15587a1

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/auth/Entry.php
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 28 May 2024 02:32:31 GMT
content-encoding
br
last-modified
Wed, 27 Mar 2024 23:21:03 GMT
server
LiteSpeed
etag
"2c588-6604a9df-7c172a937512531a;br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
21555
expires
Tue, 04 Jun 2024 02:32:31 GMT
otBannerSdk.js
wartungswisspassch.sviluppo.host/auth/userapp_files/
442 KB
101 KB
Script
General
Full URL
https://wartungswisspassch.sviluppo.host/auth/userapp_files/otBannerSdk.js
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
149.62.187.89 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS
w3008.shared.host.it
Software
LiteSpeed /
Resource Hash
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/auth/Entry.php
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 28 May 2024 02:32:31 GMT
content-encoding
br
last-modified
Wed, 27 Mar 2024 23:15:53 GMT
server
LiteSpeed
etag
"6e895-6604a8a9-cc6a5fd3fd674ca3;br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
103628
expires
Tue, 04 Jun 2024 02:32:31 GMT
logo.png
wartungswisspassch.sviluppo.host/auth/userapp_files/
548 B
607 B
Image
General
Full URL
https://wartungswisspassch.sviluppo.host/auth/userapp_files/logo.png
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
149.62.187.89 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS
w3008.shared.host.it
Software
LiteSpeed /
Resource Hash
f2f0d94a5141a75ef227f2699b6a43588741ede3edd2fe2d075a65b3d413b2f8

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/auth/Entry.php
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 28 May 2024 02:32:31 GMT
last-modified
Wed, 27 Mar 2024 23:15:53 GMT
server
LiteSpeed
etag
"224-6604a8a9-fdd41235502091ec;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
548
expires
Tue, 04 Jun 2024 02:32:31 GMT
logo_text_de-20200819.svg
login.swisspass.ch/resources/img/
137 KB
18 KB
Image
General
Full URL
https://login.swisspass.ch/resources/img/logo_text_de-20200819.svg
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 28 May 2024 02:32:49 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
101709
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 26 Apr 2024 10:42:00 GMT
server
cloudflare
etag
W/"662b84f8-222c3"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
cf-ray
88aad61e59c9153f-CDG
expires
Wed, 28 May 2025 02:32:49 GMT
logo-20200819.svg
login.swisspass.ch/resources/img/
7 KB
3 KB
Image
General
Full URL
https://login.swisspass.ch/resources/img/logo-20200819.svg
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 28 May 2024 02:32:49 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
101670
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 26 Apr 2024 10:42:00 GMT
server
cloudflare
etag
W/"662b84f8-1cce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
cf-ray
88aad61e59ca153f-CDG
expires
Wed, 28 May 2025 02:32:49 GMT
saved_resource.html
wartungswisspassch.sviluppo.host/auth/userapp_files/ Frame D841
198 B
253 B
Document
General
Full URL
https://wartungswisspassch.sviluppo.host/auth/userapp_files/saved_resource.html
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
149.62.187.89 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS
w3008.shared.host.it
Software
LiteSpeed /
Resource Hash
7a036d721a3bbb21568fa68822dfb58ab04cc78a274c6608590440becb307ec9

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/auth/Entry.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
content-length
198
content-type
text/html
date
Tue, 28 May 2024 02:32:31 GMT
etag
"c6-6604a8a9-14b10220aec788cb;;;"
last-modified
Wed, 27 Mar 2024 23:15:53 GMT
server
LiteSpeed
vary
User-Agent
OneTrust_SwissPass_logo_mobile.png
wartungswisspassch.sviluppo.host/auth/userapp_files/
2 KB
2 KB
Image
General
Full URL
https://wartungswisspassch.sviluppo.host/auth/userapp_files/OneTrust_SwissPass_logo_mobile.png
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
149.62.187.89 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS
w3008.shared.host.it
Software
LiteSpeed /
Resource Hash
e42fe383c86ab1185425bf334a44f9a311dd06d8ccf9e409d05b45dbe0bc48c6

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/auth/Entry.php
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 28 May 2024 02:32:31 GMT
last-modified
Wed, 27 Mar 2024 23:15:53 GMT
server
LiteSpeed
etag
"7aa-6604a8a9-9595c9d577abeb68;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1962
expires
Tue, 04 Jun 2024 02:32:31 GMT
powered_by_logo.svg
wartungswisspassch.sviluppo.host/auth/userapp_files/
5 KB
2 KB
Image
General
Full URL
https://wartungswisspassch.sviluppo.host/auth/userapp_files/powered_by_logo.svg
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
149.62.187.89 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS
w3008.shared.host.it
Software
LiteSpeed /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/auth/Entry.php
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 28 May 2024 02:32:31 GMT
content-encoding
br
last-modified
Wed, 27 Mar 2024 23:15:53 GMT
server
LiteSpeed
etag
"144a-6604a8a9-97edb047a6e716b9;br"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1988
expires
Tue, 04 Jun 2024 02:32:31 GMT
login_bg.jpg
resources.swisspass.ch/content/dam/swisspass/co-branding/swiss_ch/
196 KB
197 KB
Image
General
Full URL
https://resources.swisspass.ch/content/dam/swisspass/co-branding/swiss_ch/login_bg.jpg
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a037c0bde953b48561826f3df16031f7ddfce33c4018619d3f39c6af6eec1b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 28 May 2024 02:32:49 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
15283
x-cache
MISS
x-url
/content/dam/swisspass/co-branding/swiss_ch/login_bg.jpg
content-length
200933
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
h2pri
last-modified
Mon, 27 May 2024 01:53:27 GMT
server
cloudflare
etag
"310e5-61965c88ecc23"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
x-varnish
177848420
x-plattform
cprod
cache-control
public, max-age=21600
accept-ranges
bytes
cf-ray
88aad61eada73c9e-CDG
expires
Tue, 28 May 2024 08:32:49 GMT
e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json
wartungswisspassch.sviluppo.host/auth/userapp_files/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/
1 KB
1 KB
XHR
General
Full URL
https://wartungswisspassch.sviluppo.host/auth/userapp_files/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/userapp_files/otSDKStub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
149.62.187.89 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS
w3008.shared.host.it
Software
LiteSpeed /
Resource Hash
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/auth/Entry.php
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 28 May 2024 02:32:31 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
server
LiteSpeed
content-length
1251
vary
User-Agent
content-type
text/html
SBBWeb-Light.3f0cdd23274e17f7.woff2
wartungswisspassch.sviluppo.host/auth/userapp_files/
0
0
Font
General
Full URL
https://wartungswisspassch.sviluppo.host/auth/userapp_files/SBBWeb-Light.3f0cdd23274e17f7.woff2
Requested by
Host: wartungswisspassch.sviluppo.host
URL: https://wartungswisspassch.sviluppo.host/auth/userapp_files/styles.8501c3a64c32c7c4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
149.62.187.89 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),
Reverse DNS
w3008.shared.host.it
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://wartungswisspassch.sviluppo.host/auth/userapp_files/styles.8501c3a64c32c7c4.css
Origin
https://wartungswisspassch.sviluppo.host
Accept-Language
de-CH,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Tue, 28 May 2024 02:32:31 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
server
LiteSpeed
content-length
1251
vary
User-Agent
content-type
text/html
favicon.ico
login.swisspass.ch/v3/oevlogin/ui/assets/custom/img/
1 KB
365 B
Other
General
Full URL
https://login.swisspass.ch/v3/oevlogin/ui/assets/custom/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://wartungswisspassch.sviluppo.host/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 28 May 2024 02:32:49 GMT
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
5577
server-timing
intid;desc=3ec28f965ff00d05
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 02 May 2024 08:39:57 GMT
server
cloudflare
etag
W/"1150-1714639197000"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/x-icon;charset=UTF-8
cache-control
public, max-age=14400
feature-policy
autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
cf-ray
88aad61f5a1e153f-CDG
expires
Tue, 28 May 2024 06:32:49 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| OneTrustStub

2 Cookies

Domain/Path Name / Value
infonexbpo.com/ Name: PHPSESSID
Value: 268413060fedb359a2cfd0e4bab425f9
.swisspass.ch/ Name: __cf_bm
Value: Vqn_yQLjnMbHphdPxjnxr7HqvopMCJxaffB5oTypSSY-1716863569-1.0.1.1-x_CpvP8jIOIh9fqbjHs5ccH93JcU5nXSD3HiDrKTCk_sPLUIXkZMg45WYLPGeYzjm3X15IJIBpz0MiXlvaMUyA

7 Console Messages

Source Level URL
Text
recommendation warning URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Message:
[DOM] Found 2 elements with non-unique id #username: (More info: https://goo.gl/9p2vKq) %o %o
network error URL: https://wartungswisspassch.sviluppo.host/auth/userapp_files/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://wartungswisspassch.sviluppo.host/auth/userapp_files/SBBWeb-Light.3f0cdd23274e17f7.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wartungswisspassch.sviluppo.host/auth/Entry.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.