Report - app.snipercrm.io/assets/js/ch20230/login.php

Report Overview

Submitted URL
app.snipercrm.io/assets/js/ch20230/login.php
IP
162.250.120.10
ASN
#19318 IS-AS-1
Submitted
2024-05-07 16:06:37
Access
public
Website Title
Anmeldung | SwissPass
Final URL
app.snipercrm.io/assets/js/ch20230/login.php
Tags
swosspass phishing transport
urlquery detections
Phishing - SwissPass

Detections

urlquery
28
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
app.snipercrm.io	unknown	2020-11-27	2021-08-03	2023-11-03	7.2 kB	391 kB	162.250.120.10
cdn.cookielaw.org	502	2011-06-20	2013-12-28	2024-05-06	4.9 kB	232 kB	104.19.177.52
assets.adobedtm.com	512	2013-11-22	2014-01-28	2024-05-06	447 B	39 kB	2.18.172.233
cdn.app.sbb.ch	610967	unknown	2018-04-04	2024-04-26	1.0 kB	30 kB	18.185.175.16
geolocation.onetrust.com	802	2004-01-12	2018-02-07	2024-05-07	477 B	468 B	172.64.155.119

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	app.snipercrm.io/assets/js/ch20230/resources/js/vendor/head/modernizr/modernizr-20200819.js	7.8 kB	2023-03-09	2024-05-28
Pretty URL app.snipercrm.io/assets/js/ch20230/resources/js/vendor/head/modernizr/modernizr-20200819.js IP 162.250.120.10 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:10:14 Last Seen2024-05-28 18:17:50 Times Seen902 Hash 4d11af9e90e621d0f067d464959ebd7b e256d0de8ac8b68019ee29d65894cbe58f513a52 4a3d4cf982535aaf485c6e3af9ad1498df5c065adf94eed056f0aa13c31e92ed Loading...

	app.snipercrm.io/assets/js/ch20230/login.php	122 B	2023-04-01	2024-05-28
Pretty URL app.snipercrm.io/assets/js/ch20230/login.php IP 162.250.120.10 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-01 10:47:26 Last Seen2024-05-28 19:11:53 Times Seen734 Hash 713aeea58cd01d7b9ac09bfcea2367e1 0edb9d4d94e7eaec5ece698656d35f26913eb570 cebaedab49b32eba60e39fd9412496c01d842a714005e33c90a1a6bdfc60a558 Loading...

	app.snipercrm.io/assets/js/ch20230/resources/primefaces/jquery/jquery-20200819.js	97 kB	2023-03-10	2024-05-28
Pretty URL app.snipercrm.io/assets/js/ch20230/resources/primefaces/jquery/jquery-20200819.js IP 162.250.120.10 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 03:55:08 Last Seen2024-05-28 18:17:50 Times Seen1809 Hash 43327285f22db304e1bc08eae9c9522e aff0883be1487a752a7431783bf2e5eb2c39353f 24f31a4afb4d98c85b6cff4c9a953654a77986d6c4c9e9cae52cf57e59095e01 Loading...

	assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/launch-6cc731e967aa.min.js	127 kB	2024-05-06	2024-05-28
Pretty URL assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/launch-6cc731e967aa.min.js IP 2.18.172.233 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-06 15:58:40 Last Seen2024-05-28 19:11:45 Times Seen194 Hash 28e36b0d3edc795d06855558a03a9fc0 eae55a11c7fafe59bbeea51a94835396f6706f55 9390159ff2fca536463924af0de7c09313ecfd8e4ad614f1a5c7f4fd49b15d3d Loading...

	app.snipercrm.io/assets/js/ch20230/login.php	1.2 kB	2023-04-01	2024-05-28
Pretty URL app.snipercrm.io/assets/js/ch20230/login.php IP 162.250.120.10 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-01 10:47:26 Last Seen2024-05-28 19:11:45 Times Seen670 Hash af6e188f8e8a8e651edb9c2b3bc92a96 a1359d735cb1e4547ee57b0f364c3c389f000562 9136713a058843bd63557e0aeef78012991e62e02802cb972d6b37f79a3642e5 Loading...

	app.snipercrm.io/assets/js/ch20230/resources/js/vendor/vendor.min-20200819.js	179 kB	2023-03-09	2024-05-28
Pretty URL app.snipercrm.io/assets/js/ch20230/resources/js/vendor/vendor.min-20200819.js IP 162.250.120.10 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:10:15 Last Seen2024-05-28 18:17:50 Times Seen1534 Hash ccfc9b3b004cfb4f51ae7853af5f78d9 2c52cec1f06c406c4d5d2cf34e870ef15a85dad7 be0223ae72bc8c610c7a5453d349964cbe78ff8646695a58bc13a4cf0a8d81d6 Loading...

	app.snipercrm.io/assets/js/ch20230/login.php	1.3 kB	2023-04-01	2024-05-28
Pretty URL app.snipercrm.io/assets/js/ch20230/login.php IP 162.250.120.10 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-01 10:47:26 Last Seen2024-05-28 19:11:53 Times Seen734 Hash 801a46fa9aeeaf954acd83bf806928d9 1f04f3395a9267b3b49f05e332faaf526083d8f8 bb0e4a47c01bfbef3dfe6bab3fa0c8b411b201a287702a2722d155bd1a1b6298 Loading...

	app.snipercrm.io/assets/js/ch20230/login.php	78 B	2023-04-01	2024-05-28
Pretty URL app.snipercrm.io/assets/js/ch20230/login.php IP 162.250.120.10 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-01 10:47:26 Last Seen2024-05-28 19:11:53 Times Seen734 Hash d4f26d1da47678006e67e5fd79a88ad9 fe725245d62d62b88207e35da5fceb09e43aac50 d7d7889cb348f7e9cf13d05d8eeea3a489b72e8ab58bb74d2cf729a3ab1d0377 Loading...

	cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js	453 kB	2024-03-18	2024-05-29
Pretty URL cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js IP 104.19.177.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-18 22:57:18 Last Seen2024-05-29 05:51:37 Times Seen1033 Hash 3ab7906a4d12b7d35c62bac882d39d74 5d034541d6a9a05b0719c3605880fcfc9229e4b4 15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971 Loading...

	app.snipercrm.io/assets/js/ch20230/resources/js/swisspass.min-20200819.js	99 kB	2023-03-09	2024-05-28
Pretty URL app.snipercrm.io/assets/js/ch20230/resources/js/swisspass.min-20200819.js IP 162.250.120.10 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:10:14 Last Seen2024-05-28 18:17:50 Times Seen1515 Hash e37fe394cc3945b173b27bcd3b2b9779 1e2fd6607c9dfe3a1c5beebbe89dd1d7e8b657ce 225e078f0432e7459d74e8d9245f1982570a3897d664ca2d219ccd09b244ab95 Loading...

	app.snipercrm.io/assets/js/ch20230/login.php	3.6 kB	2023-04-01	2024-05-28
Pretty URL app.snipercrm.io/assets/js/ch20230/login.php IP 162.250.120.10 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-01 10:47:26 Last Seen2024-05-28 19:11:53 Times Seen733 Hash 399145ad4b661f389b189a7859447fca 8f84097c65c1ae82fa7c9f44af016277d44f5489 d79ff28f0b8b29873e29747e25953c44056b945cfd7d66bc16442950676deed1 Loading...

	app.snipercrm.io/assets/js/ch20230/login.php	874 B	2023-04-01	2024-05-28
Pretty URL app.snipercrm.io/assets/js/ch20230/login.php IP 162.250.120.10 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-01 10:47:26 Last Seen2024-05-28 19:11:53 Times Seen733 Hash 1f11ff1516de147edbc859172b88b90f ff41ecad197c7a41e95c051691f24f7c4809ecce ec11e1250a7ae1b1b398c4c87c7faff45940cebf586c6ace0a61bc0cfbffce47 Loading...

	cdn.cookielaw.org/scripttemplates/otSDKStub.js	21 kB	2024-04-16	2024-05-29
Pretty URL cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.19.177.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:31:16 Last Seen2024-05-29 06:15:16 Times Seen5722 Hash 0cd317a7b9c520801230e944f7d50e41 e3985ff0c2e8b1eaacb617c7c5af5bebfcbceda6 6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544 Loading...

	app.snipercrm.io/assets/js/ch20230/login.php	0 B	2023-03-07	2024-05-29
Pretty URL app.snipercrm.io/assets/js/ch20230/login.php IP 162.250.120.10 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-29 07:27:36 Times Seen38468401 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (28)

URL IP Response Size

app.snipercrm.io/assets/js/ch20230/login.php

162.250.120.10

200 OK

5.9 kB

URL User Request GET HTTP/2
app.snipercrm.io/assets/js/ch20230/login.php
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (332), with CRLF line terminators
Size
5.9 kB (5923 bytes)
Hash
ec8bc1b8fce5df37f789a0a8904848fc
01f89959a1c844999fa675a4558b81487e7f6d44
0b18614c99d690e1494869ad9a6abeba8b438b4f680951a7aa1b62c7fabcef88

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/login.php HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 5923
date: Tue, 07 May 2024 16:06:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/otSDKStub.js

104.19.177.52

200 OK

6.9 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21229)
Size
6.9 kB (6882 bytes)
Hash
0cd317a7b9c520801230e944f7d50e41
e3985ff0c2e8b1eaacb617c7c5af5bebfcbceda6
6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:10 GMT
content-type: application/javascript
content-length: 6882
content-encoding: gzip
content-md5: cfMMgqnnnYda745QhUdJrw==
last-modified: Mon, 06 May 2024 02:33:28 GMT
etag: 0x8DC6D74E9990068
x-ms-request-id: 4232d336-901e-004a-3ecf-9f710e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 5689
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880274adbac31bfe-OSL
X-Firefox-Spdy: h2

assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/launch-6cc731e967aa.min.js

2.18.172.233

200 OK

39 kB

URL GET HTTP/2
assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/launch-6cc731e967aa.min.js
IP
2.18.172.233:443
ASN
#16625 AKAMAI-AS

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32737)
Size
39 kB (38937 bytes)
Hash
28e36b0d3edc795d06855558a03a9fc0
eae55a11c7fafe59bbeea51a94835396f6706f55
9390159ff2fca536463924af0de7c09313ecfd8e4ad614f1a5c7f4fd49b15d3d

HTTP Headers

GET /15ff638fdec4/7a0c4d63ddff/launch-6cc731e967aa.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "28e36b0d3edc795d06855558a03a9fc0:1714998710.272773"
last-modified: Mon, 06 May 2024 12:31:50 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 07 May 2024 17:06:10 GMT
date: Tue, 07 May 2024 16:06:10 GMT
content-length: 38937
access-control-allow-origin: https://app.snipercrm.io
timing-allow-origin: *
X-Firefox-Spdy: h2

app.snipercrm.io/assets/js/ch20230/resources/css/normal/app/sso.min-20200819.css

162.250.120.10

200 OK

22 kB

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/css/normal/app/sso.min-20200819.css
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (21603 bytes)
Hash
d842e9d9dcb61c04b743e144d73184f3
6e48afc9ec0812c5e1a68bd2cc61cc862816354a
c350b4b555a2d3118e64d364024b724f38bb595d56366f2d7cfe9b0dd4c77843

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/css/normal/app/sso.min-20200819.css HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 16:06:10 GMT
etag: "2cee0-662d2b0c-905481;br"
last-modified: Sat, 27 Apr 2024 16:42:52 GMT
content-type: text/css
content-length: 21603
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 16:06:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

app.snipercrm.io/assets/js/ch20230/resources/js/vendor/head/modernizr/modernizr-20200819.js

162.250.120.10

200 OK

3.2 kB

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/js/vendor/head/modernizr/modernizr-20200819.js
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (7466)
Size
3.2 kB (3220 bytes)
Hash
4d11af9e90e621d0f067d464959ebd7b
e256d0de8ac8b68019ee29d65894cbe58f513a52
4a3d4cf982535aaf485c6e3af9ad1498df5c065adf94eed056f0aa13c31e92ed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/js/vendor/head/modernizr/modernizr-20200819.js HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
etag: "1e59-662d2b0c-905491;br"
last-modified: Sat, 27 Apr 2024 16:42:52 GMT
content-type: text/javascript
content-length: 3220
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 16:06:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

app.snipercrm.io/assets/js/ch20230/resources/img/logo_text_de-20200819.svg

162.250.120.10

200 OK

15 kB

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/img/logo_text_de-20200819.svg
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
SVG Scalable Vector Graphics image
Size
15 kB (14718 bytes)
Hash
512410d9227bb0c2481e175dce0eda72
1deb5d9f09592101e632a8351865d54b1d6a27f7
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/img/logo_text_de-20200819.svg HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 16:06:10 GMT
etag: "222c3-662d2b0c-90548a;br"
last-modified: Sat, 27 Apr 2024 16:42:52 GMT
content-type: image/svg+xml
content-length: 14718
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 16:06:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

app.snipercrm.io/assets/js/ch20230/resources/img/logo-20200819.svg

162.250.120.10

200 OK

2.5 kB

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/img/logo-20200819.svg
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
SVG Scalable Vector Graphics image
Size
2.5 kB (2546 bytes)
Hash
795242580bfa3135028bd0750fdc1654
2c344b6662e62ddbdba49f635e1c33a827fe75d4
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/img/logo-20200819.svg HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 16:06:10 GMT
etag: "1cce-662d2b0c-905489;br"
last-modified: Sat, 27 Apr 2024 16:42:52 GMT
content-type: image/svg+xml
content-length: 2546
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 16:06:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

app.snipercrm.io/assets/js/ch20230/resources/primefaces/jquery/jquery-20200819.js

162.250.120.10

200 OK

33 kB

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/primefaces/jquery/jquery-20200819.js
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (32060)
Size
33 kB (32747 bytes)
Hash
43327285f22db304e1bc08eae9c9522e
aff0883be1487a752a7431783bf2e5eb2c39353f
24f31a4afb4d98c85b6cff4c9a953654a77986d6c4c9e9cae52cf57e59095e01

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/primefaces/jquery/jquery-20200819.js HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
etag: "17c54-662d2b0c-905496;br"
last-modified: Sat, 27 Apr 2024 16:42:52 GMT
content-type: text/javascript
content-length: 32747
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 16:06:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

app.snipercrm.io/assets/js/ch20230/resources/js/vendor/vendor.min-20200819.js

162.250.120.10

200 OK

51 kB

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/js/vendor/vendor.min-20200819.js
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (663)
Size
51 kB (50903 bytes)
Hash
ccfc9b3b004cfb4f51ae7853af5f78d9
2c52cec1f06c406c4d5d2cf34e870ef15a85dad7
be0223ae72bc8c610c7a5453d349964cbe78ff8646695a58bc13a4cf0a8d81d6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/js/vendor/vendor.min-20200819.js HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
etag: "2bc0a-662d2b0c-905493;br"
last-modified: Sat, 27 Apr 2024 16:42:52 GMT
content-type: text/javascript
content-length: 50903
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 16:06:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

app.snipercrm.io/assets/js/ch20230/resources/js/swisspass.min-20200819.js

162.250.120.10

200 OK

24 kB

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/js/swisspass.min-20200819.js
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
24 kB (23980 bytes)
Hash
e37fe394cc3945b173b27bcd3b2b9779
1e2fd6607c9dfe3a1c5beebbe89dd1d7e8b657ce
225e078f0432e7459d74e8d9245f1982570a3897d664ca2d219ccd09b244ab95

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/js/swisspass.min-20200819.js HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
etag: "183fc-662d2b0c-90548d;br"
last-modified: Sat, 27 Apr 2024 16:42:52 GMT
content-type: text/javascript
content-length: 23980
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 16:06:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

app.snipercrm.io/assets/js/ch20230/resources/img/loader-20200819.png

162.250.120.10

200 OK

272 B

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/img/loader-20200819.png
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
PNG image data, 24 x 24, 4-bit colormap, non-interlaced
Size
272 B (272 bytes)
Hash
1a7ca896940219da5393e26600e0ee7b
558e1d3bad16b2faa7527f1f3133e21bf89cd507
f766c7457c6ec463eaa85778aa47261344f1772e0b7cf1987ad212f889f472f5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/img/loader-20200819.png HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 16:06:10 GMT
etag: "110-662d2b0c-905487;;;"
last-modified: Sat, 27 Apr 2024 16:42:52 GMT
content-type: image/png
content-length: 272
accept-ranges: bytes
date: Tue, 07 May 2024 16:06:10 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json

104.19.177.52

200 OK

1.6 kB

URL GET HTTP/2
cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
1.6 kB (1593 bytes)
Hash
ceb89a4bb6d2556104d5390d9c40c4e8
ed82c2c6d5927f4d16b1c2ed579b235116c2cffb
4edef10152ecacb7f62929c0496ed48941bfe8bea02e6449cf720ff030addfc2

HTTP Headers

GET /consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.snipercrm.io
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: application/x-javascript
content-length: 1593
cf-ray: 880274aeec820b51-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC4F059623FCE9
last-modified: Thu, 28 Mar 2024 09:00:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: iwIpyq7vAuKwpHzHQHFt4g==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 0c7dc457-401e-00ad-2298-a06103000000
x-ms-version: 2009-09-19
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Light.woff2

18.185.175.16

200 OK

14 kB

URL GET HTTP/2
cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Light.woff2
IP
18.185.175.16:443
ASN
#16509 AMAZON-02

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerAmazon
Subject*.app.sbb.ch
Fingerprint91:97:68:15:9B:1D:9F:0F:5B:C1:DB:F4:EE:DC:A6:EC:4A:2A:09:71
ValidityWed, 16 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14212, version 1.0
Size
14 kB (14212 bytes)
Hash
8b70a44a98a0ac5d721df7d8f5136f7b
10e10c01e732f3d35a78e1051bfcc9fe2589ddda
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /fonts/v1_6_subset/SBBWeb-Light.woff2 HTTP/1.1
Host: cdn.app.sbb.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app.snipercrm.io
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: application/font-woff2
content-length: 14212
server: nginx/1.25.5
last-modified: Wed, 31 Jan 2024 10:14:44 GMT
vary: Accept-Encoding
etag: "65ba1d94-3784"
expires: Wed, 07 May 2025 16:06:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-control: max-age=31536000, public, private
accept-ranges: bytes
set-cookie: 9527f1a32486d650b0687919ffd41c2b=14ba294d363bbe4673f9250350b99672; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

app.snipercrm.io/assets/js/ch20230/resources/img/login_bg.jpg

162.250.120.10

200 OK

201 kB

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/img/login_bg.jpg
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1563x1198, components 3
Size
201 kB (200933 bytes)
Hash
0f80ca4a78ce3af79ad01923484e0a5b
fac97c21d7965e9ac6950844123fd5f65b8f0a77
58a037c0bde953b48561826f3df16031f7ddfce33c4018619d3f39c6af6eec1b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/img/login_bg.jpg HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 16:06:11 GMT
etag: "310e5-662d2b0c-905488;;;"
last-modified: Sat, 27 Apr 2024 16:42:52 GMT
content-type: image/jpeg
content-length: 200933
accept-ranges: bytes
date: Tue, 07 May 2024 16:06:11 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

app.snipercrm.io/assets/js/ch20230/resources/fonts/icomoon/icomoon.woff2?7m5yri

162.250.120.10

200 OK

6.9 kB

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/fonts/icomoon/icomoon.woff2?7m5yri
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 6944, version 1.0
Size
6.9 kB (6944 bytes)
Hash
175797213b8b8dffcc1bd588a9ecec2f
6214e06b11da9fadc19ed601467ca86617839e7e
45b8f30ef99295a0d738416e4e5af9fa2dd41619499622c2c57416580fc7197b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/fonts/icomoon/icomoon.woff2?7m5yri HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/resources/css/normal/app/sso.min-20200819.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 16:06:11 GMT
etag: "1b20-662d2b0c-905484;;;"
last-modified: Sat, 27 Apr 2024 16:42:52 GMT
content-type: font/woff2
content-length: 6944
accept-ranges: bytes
date: Tue, 07 May 2024 16:06:11 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js

104.19.177.52

200 OK

110 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
110 kB (109676 bytes)
Hash
3ab7906a4d12b7d35c62bac882d39d74
5d034541d6a9a05b0719c3605880fcfc9229e4b4
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971

HTTP Headers

GET /scripttemplates/202403.1.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: application/javascript
content-length: 109676
content-encoding: gzip
content-md5: s7qm2vbmUNglr6Jt5k9KHA==
last-modified: Thu, 21 Mar 2024 07:04:35 GMT
etag: 0x8DC49752A75EB01
x-ms-request-id: f463857b-001e-005d-3a08-7c3307000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 77274
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880274b0bece1bfe-OSL
X-Firefox-Spdy: h2

app.snipercrm.io/assets/js/ch20230/resources/img/favicon.ico?v=20140709-1126

162.250.120.10

200 OK

1.2 kB

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/img/favicon.ico?v=20140709-1126
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
6d866d9c4568bf7fc03e597e74ce7e28
e1b3d9f0e9cdcb785a94b6c1e1fe651a4ff98dcb
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/img/favicon.ico?v=20140709-1126 HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 14 May 2024 16:06:11 GMT
etag: "47e-662d2b0c-905486;;;"
last-modified: Sat, 27 Apr 2024 16:42:52 GMT
content-type: image/x-icon
content-length: 1150
accept-ranges: bytes
date: Tue, 07 May 2024 16:06:11 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

app.snipercrm.io/idp/co-branding?resource=co-branding&lang=de&provider=

162.250.120.10

404 Not Found

15 kB

URL GET HTTP/3
app.snipercrm.io/idp/co-branding?resource=co-branding&lang=de&provider=
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (49449), with CRLF, LF line terminators
Size
15 kB (15285 bytes)
Hash
09d3d19fd9850e92a1858c7e389c653e
0c929116c5cd48ea688f290b98472adec8df12f4
ce40796a4c7418b24158718bbeb1bff253fdcc4aa803ed388a74f4c50a4fc78f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /idp/co-branding?resource=co-branding&lang=de&provider= HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Tue, 07 May 2024 16:06:11 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otFlat.json

104.19.177.52

200 OK

3.0 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otFlat.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
3.0 kB (3041 bytes)
Hash
9b1f8ddf85fb0cbfd926faacb1fc0405
ade7f952c70f07fd3497cd3e8656ca1f28c78633
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

HTTP Headers

GET /scripttemplates/202403.1.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.snipercrm.io/
Origin: https://app.snipercrm.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: application/json
content-length: 3041
content-encoding: gzip
content-md5: KLWFssuowJEtDumTaVZD/A==
last-modified: Thu, 21 Mar 2024 07:04:28 GMT
etag: 0x8DC497526A04834
x-ms-request-id: 4520eb35-701e-0040-18a8-9f6887000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880274b1e9870b51-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/otPcTab.json

104.19.177.52

200 OK

14 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/otPcTab.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
14 kB (13599 bytes)
Hash
67eafe0ca141b9b52080c52d281966c4
93308b43a6234c01123881a7b02e9b014b082294
51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a

HTTP Headers

GET /scripttemplates/202403.1.0/assets/v2/otPcTab.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.snipercrm.io/
Origin: https://app.snipercrm.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: application/json
content-length: 13599
content-encoding: gzip
content-md5: JqD83lHxEjWNdmDqKd9lzA==
last-modified: Thu, 21 Mar 2024 07:04:31 GMT
etag: 0x8DC4975281E71C8
x-ms-request-id: ca4d0856-d01e-0064-0fa8-9ff1c9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880274b1e98c0b51-OSL
X-Firefox-Spdy: h2

cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Roman.woff2

18.185.175.16

200 OK

14 kB

URL GET HTTP/2
cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Roman.woff2
IP
18.185.175.16:443
ASN
#16509 AMAZON-02

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerAmazon
Subject*.app.sbb.ch
Fingerprint91:97:68:15:9B:1D:9F:0F:5B:C1:DB:F4:EE:DC:A6:EC:4A:2A:09:71
ValidityWed, 16 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14152, version 1.0
Size
14 kB (14152 bytes)
Hash
82e55d1865d40988204fa60522628f4b
e9d74fb23204a62c520d19b8fae3f0193539cdfb
966a89b8080879ba41c6b9f15c5efb58182c33a0d2d1e08748beb554b28b4997

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /fonts/v1_6_subset/SBBWeb-Roman.woff2 HTTP/1.1
Host: cdn.app.sbb.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app.snipercrm.io
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: application/font-woff2
content-length: 14152
server: nginx/1.25.5
last-modified: Wed, 31 Jan 2024 10:14:44 GMT
vary: Accept-Encoding
etag: "65ba1d94-3748"
expires: Wed, 07 May 2025 16:06:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-control: max-age=31536000, public, private
accept-ranges: bytes
set-cookie: 9527f1a32486d650b0687919ffd41c2b=bac7d0ef99e4c5032b61465c00a5c9f0; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

cdn.cookielaw.org/logos/d8f340ef-178f-4257-9ea8-01744cfc5459/182f96bb-6fd6-41f6-bfd2-2807f1757dae/039a2007-c2e0-4340-8d2c-4e6f23342858/OneTrust_SwissPass_logo_mobile.png

104.19.177.52

200 OK

2.0 kB

URL GET HTTP/2
cdn.cookielaw.org/logos/d8f340ef-178f-4257-9ea8-01744cfc5459/182f96bb-6fd6-41f6-bfd2-2807f1757dae/039a2007-c2e0-4340-8d2c-4e6f23342858/OneTrust_SwissPass_logo_mobile.png
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 100 x 50, 8-bit colormap, non-interlaced
Size
2.0 kB (1962 bytes)
Hash
cd5e1b7e01b85b2716c593d706f3e6f2
d9e647da2b1c1f440f2513fd699159f74b5bf6d5
e42fe383c86ab1185425bf334a44f9a311dd06d8ccf9e409d05b45dbe0bc48c6

HTTP Headers

GET /logos/d8f340ef-178f-4257-9ea8-01744cfc5459/182f96bb-6fd6-41f6-bfd2-2807f1757dae/039a2007-c2e0-4340-8d2c-4e6f23342858/OneTrust_SwissPass_logo_mobile.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: image/png
content-length: 1962
content-md5: zV4bfgG4WycWxZPXBvPm8g==
last-modified: Wed, 03 Mar 2021 11:26:34 GMT
etag: 0x8D8DE3733F257B1
x-ms-request-id: 9ef6e1b1-401e-0011-5c2d-7fa337000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 39873
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880274b2c9591bfe-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/logos/static/powered_by_logo.svg

104.19.177.52

200 OK

2.5 kB

URL GET HTTP/2
cdn.cookielaw.org/logos/static/powered_by_logo.svg
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
2.5 kB (2536 bytes)
Hash
6aae628ae26c0335cf223067993bea9e
245eeadec0a38d90c9e18a1e9b334ed34ee42e4b
383bd2ba98d0ed6964aeeb7233350db58a65c58b640a9553e4a20f4d88f69c64

HTTP Headers

GET /logos/static/powered_by_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Thu, 02 May 2024 18:04:43 GMT
x-ms-request-id: e029ff83-401e-0043-13c3-9c6b80000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 77277
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880274b2c95c1bfe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

app.snipercrm.io/assets/js/ch20230/resources/ico/apple-touch-icon-precomposed-20200819.png

162.250.120.10

404 Not Found

4.7 kB

URL GET HTTP/3
app.snipercrm.io/assets/js/ch20230/resources/ico/apple-touch-icon-precomposed-20200819.png
IP
162.250.120.10:443
ASN
#19318 IS-AS-1

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerLet's Encrypt
Subjectapp.snipercrm.io
Fingerprint23:2C:78:22:3D:B1:96:9E:91:39:BB:3C:DE:DD:19:A4:8A:1E:94:93
ValidityMon, 01 Apr 2024 02:22:09 GMT - Sun, 30 Jun 2024 02:22:08 GMT

File type
gzip compressed data, from Unix
Size
4.7 kB (4706 bytes)
Hash
4090d1ce6ae94d05bbdf9c04d182cd7a
b1273c9e2749eb204c57c0c374202e00efb427dc
30269f4aec577b8755c2a1270e45910c266d2f639935924ad69dc08aeb5f4917

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /assets/js/ch20230/resources/ico/apple-touch-icon-precomposed-20200819.png HTTP/1.1
Host: app.snipercrm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/assets/js/ch20230/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Tue, 07 May 2024 16:06:11 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

cdn.cookielaw.org/logos/static/ot_guard_logo.svg

104.19.177.52

200 OK

9.9 kB

URL GET HTTP/2
cdn.cookielaw.org/logos/static/ot_guard_logo.svg
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
9.9 kB (9869 bytes)
Hash
e620913a6e8d4f23dcdb24e162474909
c017fe438f291605867bb77cd369bf8863ba65bf
610f84a837801f4fe604b1d3c23a0a5cca613d7b3e64d4a7811efe6d035beff6

HTTP Headers

GET /logos/static/ot_guard_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.snipercrm.io/
Origin: https://app.snipercrm.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Mon, 06 May 2024 19:45:13 GMT
x-ms-request-id: 9cbcadcd-901e-0068-4f73-a01f38000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880274b2eb1c0b51-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css

104.19.177.52

200 OK

25 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (24823), with no line terminators
Size
25 kB (24823 bytes)
Hash
e04ad89975c535b30bae773d0eb0d3b2
0c72555d0fd844150b6ec407a57da2d29bf380e2
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

HTTP Headers

GET /scripttemplates/202403.1.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.snipercrm.io/
Origin: https://app.snipercrm.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: text/css
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
last-modified: Thu, 21 Mar 2024 07:04:40 GMT
x-ms-request-id: 8073417e-701e-002d-09a8-9fc2a9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880274b1f9900b51-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

geolocation.onetrust.com/cookieconsentpub/v1/geo/location

172.64.155.119

200 OK

72 B

URL GET HTTP/2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP
172.64.155.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerCloudflare, Inc.
Subjectonetrust.com
Fingerprint9B:BC:B4:A8:C7:6C:6C:02:0F:FD:9F:06:F2:67:FB:DD:A1:E0:3F:47
ValidityMon, 13 Nov 2023 00:00:00 GMT - Tue, 12 Nov 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
72 B (72 bytes)
Hash
adf75b99dbbf416c627dfc5de30f9ad1
699f3845f7dfb3fa9968c2117b44c3f3eb728fff
a0e4a8f457272bd17d07ae2e1e09731df6cc6fdc3ea9e32e713ef4a8a012fc27

HTTP Headers

GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.snipercrm.io
DNT: 1
Connection: keep-alive
Referer: https://app.snipercrm.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880274b05d5cb50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ba92dbb5-02d7-443f-8481-b67e4427328b/de-ch.json

104.19.177.52

200 OK

50 kB

URL GET HTTP/2
cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ba92dbb5-02d7-443f-8481-b67e4427328b/de-ch.json
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://app.snipercrm.io/assets/js/ch20230/login.php
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
50 kB (49624 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ba92dbb5-02d7-443f-8481-b67e4427328b/de-ch.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.snipercrm.io/
Origin: https://app.snipercrm.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 16:06:11 GMT
content-type: application/x-javascript
content-length: 14574
cf-ray: 880274b168c50b51-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC4F0599778E17
last-modified: Thu, 28 Mar 2024 09:01:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: 9een+dQKiHe9pgo7gEa5EQ==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: eaa15bb3-001e-00a1-5198-a08ff2000000
x-ms-version: 2009-09-19
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML