Report - col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/

Report Overview

Submitted URL
col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
IP
162.241.244.46
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2024-05-07 17:27:33
Access
public
Website Title
Login | SwissPass
Final URL
col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Tags
swosspass phishing transport
urlquery detections
Phishing - SwissPass

Detections

urlquery
24
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
col.vvg.mybluehost.me	unknown	2016-10-05	2024-03-13	2024-03-13	5.8 kB	578 kB	162.241.244.46
ocsp.swisssign.ch	unknown	unknown	2023-01-12	2024-05-06	748 B	14 kB	23.36.79.32
www.swisspass.ch	501260	unknown	2015-03-10	2024-04-29	908 B	149 kB	193.203.121.166
cdn.app.sbb.ch	610967	unknown	2018-04-04	2024-05-06	519 B	15 kB	3.66.100.247

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/	1.6 kB	2023-05-23	2024-05-23
Pretty URL col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/ IP 162.241.244.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-23 05:07:26 Last Seen2024-05-23 14:20:41 Times Seen490 Hash d2991ddf7f3235e307b70e484c62b482 debfdf857d21a51fbf7651bdf710e8de6ff11b0e 090c678b08b7ed12afbf72c33c9a8fa024e12352d0676d76e47fc0ab0715243b Loading...

	col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/	102 B	2023-05-23	2024-05-23
Pretty URL col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/ IP 162.241.244.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-23 05:07:26 Last Seen2024-05-23 14:20:41 Times Seen490 Hash 65d2e07d7f42df5ccfef51c1072f9d7b c5977a9ca4791317591fbf71546895958e92f3ce 5525638c23ce7eb7607d09dd40673dc70fc68dd1d69aa9358f3cfb369e7bc7a5 Loading...

	col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/jquery-20200819.js.download	97 kB	2023-03-10	2024-05-28
Pretty URL col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/jquery-20200819.js.download IP 162.241.244.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 03:55:08 Last Seen2024-05-28 18:17:50 Times Seen1809 Hash 43327285f22db304e1bc08eae9c9522e aff0883be1487a752a7431783bf2e5eb2c39353f 24f31a4afb4d98c85b6cff4c9a953654a77986d6c4c9e9cae52cf57e59095e01 Loading...

	col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/vendor.min-20200819.js.download	179 kB	2023-03-09	2024-05-28
Pretty URL col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/vendor.min-20200819.js.download IP 162.241.244.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:10:15 Last Seen2024-05-28 18:17:50 Times Seen1534 Hash ccfc9b3b004cfb4f51ae7853af5f78d9 2c52cec1f06c406c4d5d2cf34e870ef15a85dad7 be0223ae72bc8c610c7a5453d349964cbe78ff8646695a58bc13a4cf0a8d81d6 Loading...

	col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/swisspass.min-20200819.js.download	99 kB	2023-03-09	2024-05-28
Pretty URL col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/swisspass.min-20200819.js.download IP 162.241.244.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:10:14 Last Seen2024-05-28 18:17:50 Times Seen1515 Hash e37fe394cc3945b173b27bcd3b2b9779 1e2fd6607c9dfe3a1c5beebbe89dd1d7e8b657ce 225e078f0432e7459d74e8d9245f1982570a3897d664ca2d219ccd09b244ab95 Loading...

	col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/	4.2 kB	2023-05-23	2024-05-23
Pretty URL col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/ IP 162.241.244.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-23 05:07:26 Last Seen2024-05-23 14:20:41 Times Seen486 Hash 0d78863ce031f0ad6c3aeb3dde918a1b b91e9be2c56067a3c33bd6b742996adac8f41aac 0bda67d50dd7e429f46e18161fd7ef3f0be9f6f6b6919efb1275a5c9d1b0039c Loading...

	col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/	961 B	2023-05-23	2024-05-23
Pretty URL col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/ IP 162.241.244.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-23 05:07:26 Last Seen2024-05-23 14:20:41 Times Seen486 Hash 31183fcc3cd59e53b87dc2e14d5355a4 d8550e31b9485a1fa7f73ad6a61617a7d7b5498e 0675c21e881f0ad8022a4877c6f12aef4169a0ab5709b04b30a9e33320920587 Loading...

	col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/	0 B	2023-03-07	2024-05-29
Pretty URL col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/ IP 162.241.244.46 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-29 00:33:41 Times Seen38431971 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (16)

URL IP Response Size

col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/

162.241.244.46

200 OK

15 kB

URL User Request GET HTTP/2
col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
IP
162.241.244.46:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subjectcpcontacts.col.vvg.mybluehost.me
Fingerprint82:CC:A3:36:CC:7C:62:FA:0C:67:9C:73:CA:E5:7E:3F:3F:E6:18:74
ValidityWed, 13 Mar 2024 09:16:28 GMT - Tue, 11 Jun 2024 09:16:27 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2819), with CRLF line terminators
Size
15 kB (14645 bytes)
Hash
2c73b62984f35c4eeefaea5da4185585
404d3a6b83d2d86f8c1286bee618ec64ff2f602f
253cc6b9492d92ebefa081634dd02241b33c4bd83e17af332305f8e91cf39ace

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /wp-admin/CHFINAL/fadcb/ HTTP/1.1
Host: col.vvg.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 07 May 2024 13:16:50 GMT
accept-ranges: bytes
cache-control: max-age=7200
expires: Tue, 07 May 2024 19:26:57 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 14645
content-type: text/html
date: Tue, 07 May 2024 17:26:57 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec

23.36.79.32

6.9 kB

URL
ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
IP
23.36.79.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
6.9 kB (6897 bytes)
Hash
77895cd7f01c290adccaa5c2cbf0fd37
661937cfcee3766ee5a1e8ab1e33757ad654e845
5171c569ffbc89d2fc02f65ed692aa5a491029b29d8dc120e7b1f17ac05ea8b1

HTTP Headers

POST /sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec HTTP/1.1
Host: ocsp.swisssign.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 6897
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
Expires: Tue, 07 May 2024 18:26:58 GMT
Date: Tue, 07 May 2024 17:26:58 GMT
Connection: keep-alive

ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec

23.36.79.32

6.9 kB

URL
ocsp.swisssign.ch/sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec
IP
23.36.79.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
6.9 kB (6897 bytes)
Hash
77895cd7f01c290adccaa5c2cbf0fd37
661937cfcee3766ee5a1e8ab1e33757ad654e845
5171c569ffbc89d2fc02f65ed692aa5a491029b29d8dc120e7b1f17ac05ea8b1

HTTP Headers

POST /sign/ocs-aaccced5-66e8-4069-9b1b-fd29ab73efec HTTP/1.1
Host: ocsp.swisssign.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 6897
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: max-age=3600
Expires: Tue, 07 May 2024 18:26:58 GMT
Date: Tue, 07 May 2024 17:26:58 GMT
Connection: keep-alive

www.swisspass.ch//resources/img/logo_text_de-20200819.svg

193.203.121.166

200 OK

140 kB

URL GET HTTP/1.1
www.swisspass.ch//resources/img/logo_text_de-20200819.svg
IP
193.203.121.166:443
ASN
#31004 Schweizerische Bundesbahnen SBB

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerSwissSign AG
Subjectswisspass.ch
Fingerprint0F:CC:F3:F9:E7:22:13:51:BD:03:15:EE:A8:31:BE:24:0B:CA:37:16
ValidityThu, 14 Mar 2024 05:50:58 GMT - Fri, 14 Mar 2025 05:50:58 GMT

File type
SVG Scalable Vector Graphics image
Size
140 kB (139971 bytes)
Hash
512410d9227bb0c2481e175dce0eda72
1deb5d9f09592101e632a8351865d54b1d6a27f7
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET //resources/img/logo_text_de-20200819.svg HTTP/1.1
Host: www.swisspass.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:26:58 GMT
Server: Apache
Content-Length: 139971
last-modified: Fri, 26 Apr 2024 10:42:00 GMT
etag: "662b84f8-222c3"
expires: Wed, 07 May 2025 17:26:58 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Feature-Policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Set-Cookie: AL_SESS-S=Abh6el43CnVHj4GJCrzCQs08h5pE6yPounwzP0nkne8Z7rcavR5vsUQo2dsfyGFrg3f0; Path=/; Domain=.swisspass.ch; Secure; HttpOnly; SameSite=None
Keep-Alive: timeout=10, max=500
Connection: Keep-Alive
Content-Type: image/svg+xml

col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/loader-20200819.png

162.241.244.46

200 OK

3.1 kB

URL GET HTTP/2
col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/loader-20200819.png
IP
162.241.244.46:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.col.vvg.mybluehost.me
Fingerprint82:CC:A3:36:CC:7C:62:FA:0C:67:9C:73:CA:E5:7E:3F:3F:E6:18:74
ValidityWed, 13 Mar 2024 09:16:28 GMT - Tue, 11 Jun 2024 09:16:27 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
3.1 kB (3095 bytes)
Hash
b26f67a4fda44a2221c7c1393009374c
f2179ce94b37bf26cc425efcdbe67d70ef07f77a
b270f77f27d46cad139cd4b587d6f6d09535a4df2d655e2e735a1372b3fa31fe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /wp-admin/CHFINAL/fadcb/loader-20200819.png HTTP/1.1
Host: col.vvg.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=55b2c035833799141697ba5fd42285c0; path=/
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3095
content-type: text/html; charset=UTF-8
date: Tue, 07 May 2024 17:26:58 GMT
server: Apache
X-Firefox-Spdy: h2

www.swisspass.ch//resources/img/logo-20200819.svg

193.203.121.166

200 OK

7.4 kB

URL GET HTTP/1.1
www.swisspass.ch//resources/img/logo-20200819.svg
IP
193.203.121.166:443
ASN
#31004 Schweizerische Bundesbahnen SBB

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerSwissSign AG
Subjectswisspass.ch
Fingerprint0F:CC:F3:F9:E7:22:13:51:BD:03:15:EE:A8:31:BE:24:0B:CA:37:16
ValidityThu, 14 Mar 2024 05:50:58 GMT - Fri, 14 Mar 2025 05:50:58 GMT

File type
SVG Scalable Vector Graphics image
Size
7.4 kB (7374 bytes)
Hash
795242580bfa3135028bd0750fdc1654
2c344b6662e62ddbdba49f635e1c33a827fe75d4
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET //resources/img/logo-20200819.svg HTTP/1.1
Host: www.swisspass.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:26:58 GMT
Server: Apache
Content-Length: 7374
last-modified: Fri, 26 Apr 2024 10:42:00 GMT
etag: "662b84f8-1cce"
expires: Wed, 07 May 2025 17:26:58 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=16070400
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Feature-Policy: autoplay 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self'; xr-spatial-tracking 'self'
Set-Cookie: AL_SESS-S=AdXg5A2HtaLCQcP!L85No7j060ldt4N8_a3Px4irCKs2khcW6!XxwCXmQkmmeAVxyHL9; Path=/; Domain=.swisspass.ch; Secure; HttpOnly; SameSite=None
Keep-Alive: timeout=10, max=500
Connection: Keep-Alive
Content-Type: image/svg+xml

cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Light.woff2

3.66.100.247

200 OK

14 kB

URL GET HTTP/2
cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Light.woff2
IP
3.66.100.247:443
ASN
#16509 AMAZON-02

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerAmazon
Subject*.app.sbb.ch
Fingerprint91:97:68:15:9B:1D:9F:0F:5B:C1:DB:F4:EE:DC:A6:EC:4A:2A:09:71
ValidityWed, 16 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14212, version 1.0
Size
14 kB (14212 bytes)
Hash
8b70a44a98a0ac5d721df7d8f5136f7b
10e10c01e732f3d35a78e1051bfcc9fe2589ddda
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /fonts/v1_6_subset/SBBWeb-Light.woff2 HTTP/1.1
Host: cdn.app.sbb.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://col.vvg.mybluehost.me
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 17:26:58 GMT
content-type: application/font-woff2
content-length: 14212
server: nginx/1.25.5
last-modified: Wed, 31 Jan 2024 10:14:44 GMT
vary: Accept-Encoding
etag: "65ba1d94-3784"
expires: Wed, 07 May 2025 17:26:58 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-control: max-age=31536000, public, private
accept-ranges: bytes
set-cookie: 9527f1a32486d650b0687919ffd41c2b=14ba294d363bbe4673f9250350b99672; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/jquery-20200819.js.download

162.241.244.46

200 OK

44 kB

URL GET HTTP/2
col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/jquery-20200819.js.download
IP
162.241.244.46:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.col.vvg.mybluehost.me
Fingerprint82:CC:A3:36:CC:7C:62:FA:0C:67:9C:73:CA:E5:7E:3F:3F:E6:18:74
ValidityWed, 13 Mar 2024 09:16:28 GMT - Tue, 11 Jun 2024 09:16:27 GMT

File type
gzip compressed data, from Unix
Size
44 kB (43458 bytes)
Hash
2387ef3a624b3680fa1ef8580690ef45
f41cd6dcf480b4cd8ecc213c1a4037bad46e4f43
b586228c312584e9f83b324ff1ed71b3c2a60406b2ccc8286615c1c3f329f4a7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /wp-admin/CHFINAL/fadcb/js/jquery-20200819.js.download HTTP/1.1
Host: col.vvg.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 07 May 2024 13:16:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 07 May 2024 23:26:58 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Tue, 07 May 2024 17:26:58 GMT
server: Apache
X-Firefox-Spdy: h2

col.vvg.mybluehost.me/wp-admin/fonts/icomoon/icomoon.woff2?7m5yri

162.241.244.46

200 OK

17 kB

URL GET HTTP/2
col.vvg.mybluehost.me/wp-admin/fonts/icomoon/icomoon.woff2?7m5yri
IP
162.241.244.46:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.col.vvg.mybluehost.me
Fingerprint82:CC:A3:36:CC:7C:62:FA:0C:67:9C:73:CA:E5:7E:3F:3F:E6:18:74
ValidityWed, 13 Mar 2024 09:16:28 GMT - Tue, 11 Jun 2024 09:16:27 GMT

File type
data
Size
17 kB (17144 bytes)
Hash
a284b24e5cebebecbc4ea03e4f02ff5a
e109c309c6b583f1eb82f11c2cf77a8d1c476016
0a3d2315cb5625c75a828c5353c1359178102639e20d3f77b6ca0cadea59660b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /wp-admin/fonts/icomoon/icomoon.woff2?7m5yri HTTP/1.1
Host: col.vvg.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/css/sso.min-20200819.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=03455e6e6d0397b76bddd332d1462c3b; path=/
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/html; charset=UTF-8
date: Tue, 07 May 2024 17:26:58 GMT
server: Apache
X-Firefox-Spdy: h2

col.vvg.mybluehost.me/idp/co-branding?resource=co-branding&lang=de&provider=sbbkn

162.241.244.46

200 OK

3.1 kB

URL GET HTTP/2
col.vvg.mybluehost.me/idp/co-branding?resource=co-branding&lang=de&provider=sbbkn
IP
162.241.244.46:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.col.vvg.mybluehost.me
Fingerprint82:CC:A3:36:CC:7C:62:FA:0C:67:9C:73:CA:E5:7E:3F:3F:E6:18:74
ValidityWed, 13 Mar 2024 09:16:28 GMT - Tue, 11 Jun 2024 09:16:27 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
3.1 kB (3095 bytes)
Hash
b26f67a4fda44a2221c7c1393009374c
f2179ce94b37bf26cc425efcdbe67d70ef07f77a
b270f77f27d46cad139cd4b587d6f6d09535a4df2d655e2e735a1372b3fa31fe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /idp/co-branding?resource=co-branding&lang=de&provider=sbbkn HTTP/1.1
Host: col.vvg.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Cookie: PHPSESSID=03455e6e6d0397b76bddd332d1462c3b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 17:26:59 GMT
server: nginx/1.21.6
content-type: text/html; charset=UTF-8
content-length: 3095
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2

col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/img/favicon.ico

162.241.244.46

200 OK

1.2 kB

URL GET HTTP/2
col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/img/favicon.ico
IP
162.241.244.46:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.col.vvg.mybluehost.me
Fingerprint82:CC:A3:36:CC:7C:62:FA:0C:67:9C:73:CA:E5:7E:3F:3F:E6:18:74
ValidityWed, 13 Mar 2024 09:16:28 GMT - Tue, 11 Jun 2024 09:16:27 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
6d866d9c4568bf7fc03e597e74ce7e28
e1b3d9f0e9cdcb785a94b6c1e1fe651a4ff98dcb
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /wp-admin/CHFINAL/fadcb/img/favicon.ico HTTP/1.1
Host: col.vvg.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Cookie: PHPSESSID=03455e6e6d0397b76bddd332d1462c3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 07 May 2024 13:16:50 GMT
accept-ranges: bytes
content-length: 1150
cache-control: max-age=31536000
expires: Wed, 07 May 2025 17:26:59 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/x-icon
date: Tue, 07 May 2024 17:26:59 GMT
server: Apache
X-Firefox-Spdy: h2

col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/vendor.min-20200819.js.download

162.241.244.46

200 OK

179 kB

URL GET HTTP/2
col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/vendor.min-20200819.js.download
IP
162.241.244.46:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.col.vvg.mybluehost.me
Fingerprint82:CC:A3:36:CC:7C:62:FA:0C:67:9C:73:CA:E5:7E:3F:3F:E6:18:74
ValidityWed, 13 Mar 2024 09:16:28 GMT - Tue, 11 Jun 2024 09:16:27 GMT

File type

Size
179 kB (179210 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /wp-admin/CHFINAL/fadcb/js/vendor.min-20200819.js.download HTTP/1.1
Host: col.vvg.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 07 May 2024 13:16:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 07 May 2024 23:26:58 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Tue, 07 May 2024 17:26:58 GMT
server: Apache
X-Firefox-Spdy: h2

col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/swisspass.min-20200819.js.download

162.241.244.46

200 OK

99 kB

URL GET HTTP/2
col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/js/swisspass.min-20200819.js.download
IP
162.241.244.46:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.col.vvg.mybluehost.me
Fingerprint82:CC:A3:36:CC:7C:62:FA:0C:67:9C:73:CA:E5:7E:3F:3F:E6:18:74
ValidityWed, 13 Mar 2024 09:16:28 GMT - Tue, 11 Jun 2024 09:16:27 GMT

File type

Size
99 kB (99324 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /wp-admin/CHFINAL/fadcb/js/swisspass.min-20200819.js.download HTTP/1.1
Host: col.vvg.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 07 May 2024 13:16:50 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Tue, 07 May 2024 23:26:58 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Tue, 07 May 2024 17:26:58 GMT
server: Apache
X-Firefox-Spdy: h2

col.vvg.mybluehost.me/wp-admin/fonts/icomoon/icomoon.woff?7m5yri

162.241.244.46

200 OK

14 kB

URL GET HTTP/2
col.vvg.mybluehost.me/wp-admin/fonts/icomoon/icomoon.woff?7m5yri
IP
162.241.244.46:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.col.vvg.mybluehost.me
Fingerprint82:CC:A3:36:CC:7C:62:FA:0C:67:9C:73:CA:E5:7E:3F:3F:E6:18:74
ValidityWed, 13 Mar 2024 09:16:28 GMT - Tue, 11 Jun 2024 09:16:27 GMT

File type

Size
14 kB (14049 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /wp-admin/fonts/icomoon/icomoon.woff?7m5yri HTTP/1.1
Host: col.vvg.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/css/sso.min-20200819.css
Cookie: PHPSESSID=03455e6e6d0397b76bddd332d1462c3b
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/html; charset=UTF-8
date: Tue, 07 May 2024 17:26:59 GMT
server: Apache
X-Firefox-Spdy: h2

col.vvg.mybluehost.me/wp-admin/fonts/icomoon/icomoon.ttf?7m5yri

162.241.244.46

200 OK

14 kB

URL GET HTTP/2
col.vvg.mybluehost.me/wp-admin/fonts/icomoon/icomoon.ttf?7m5yri
IP
162.241.244.46:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.col.vvg.mybluehost.me
Fingerprint82:CC:A3:36:CC:7C:62:FA:0C:67:9C:73:CA:E5:7E:3F:3F:E6:18:74
ValidityWed, 13 Mar 2024 09:16:28 GMT - Tue, 11 Jun 2024 09:16:27 GMT

File type

Size
14 kB (14049 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /wp-admin/fonts/icomoon/icomoon.ttf?7m5yri HTTP/1.1
Host: col.vvg.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/css/sso.min-20200819.css
Cookie: PHPSESSID=03455e6e6d0397b76bddd332d1462c3b
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3095
content-type: text/html; charset=UTF-8
date: Tue, 07 May 2024 17:26:58 GMT
server: Apache
X-Firefox-Spdy: h2

col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/css/sso.min-20200819.css

162.241.244.46

200 OK

184 kB

URL GET HTTP/2
col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/css/sso.min-20200819.css
IP
162.241.244.46:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Certificate
IssuerLet's Encrypt
Subjectcpcontacts.col.vvg.mybluehost.me
Fingerprint82:CC:A3:36:CC:7C:62:FA:0C:67:9C:73:CA:E5:7E:3F:3F:E6:18:74
ValidityWed, 13 Mar 2024 09:16:28 GMT - Tue, 11 Jun 2024 09:16:27 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
184 kB (184065 bytes)
Hash
2bbf7f3318c47af5e7612c00944fad2e
3c1974c80924829ef60ad41f10e6c24e1299f2ec
fd23aeccc08239852a5ac678a7cc5b29c723987a0287674000b930cf606b115e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /wp-admin/CHFINAL/fadcb/css/sso.min-20200819.css HTTP/1.1
Host: col.vvg.mybluehost.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://col.vvg.mybluehost.me/wp-admin/CHFINAL/fadcb/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 07 May 2024 13:16:50 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Thu, 06 Jun 2024 17:26:58 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Tue, 07 May 2024 17:26:58 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML