Report - fiveyearswiisonline90.web.app/

Report Overview

Submitted URL
fiveyearswiisonline90.web.app/
IP
199.36.158.100
ASN
#54113 FASTLY
Submitted
2024-05-10 14:46:21
Access
public
Website Title
Swisspass.ch | Login
Final URL
fiveyearswiisonline90.web.app/#/v3/oevlogin/login
Tags
swosspass phishing transport suspicious
urlquery detections
Phishing - SwissPass
Suspicious - Suspicious Javascript code

Detections

urlquery
36
Network Intrusion Detection
4
Threat Detection Systems
66

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	2.5 kB	58 kB	142.250.74.132
api.ipapi.com	103949	1999-05-12	2018-10-08	2024-03-22	535 B	7.7 kB	104.21.78.217
fiveyearswiisonline90.web.app	unknown	unknown	No data	No data	5.3 kB	1.5 MB	199.36.158.100
unpkg.com	11693	2016-01-06	2016-01-08	2024-05-09	1.2 kB	355 kB	104.17.249.203
api.ipify.org	3267	2014-01-05	2014-10-06	2024-05-09	487 B	267 B	172.67.74.152
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-10	2.4 kB	676 kB	142.250.74.35
d27la2n6wh4qws.cloudfront.net	unknown	2008-04-25	2022-07-10	2024-04-16	477 B	28 kB	54.230.241.88
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	1.0 kB	33 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 14:45:53	low	Client IP	172.67.74.152	ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI
2024-05-10 14:45:53	low	Client IP	172.67.74.152	ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI
2024-05-10 14:45:53	medium	Client IP	104.21.78.217	ET INFO Observed External IP Check Domain (api .ipapi .com in TLS SNI)
2024-05-10 14:45:53	medium	Client IP	104.21.78.217	ET INFO Observed External IP Check Domain (api .ipapi .com in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	fiveyearswiisonline90.web.app/	SBB
2024-05-10	medium	fiveyearswiisonline90.web.app/	SBB
2024-05-10	medium	fiveyearswiisonline90.web.app/	SBB
2024-05-10	medium	fiveyearswiisonline90.web.app/	SBB
2024-05-10	medium	fiveyearswiisonline90.web.app/	SBB
2024-05-10	medium	fiveyearswiisonline90.web.app/	SBB
2024-05-10	medium	fiveyearswiisonline90.web.app/	SBB
2024-05-10	medium	fiveyearswiisonline90.web.app/	SBB
2024-05-10	medium	fiveyearswiisonline90.web.app/	SBB
2024-05-10	medium	fiveyearswiisonline90.web.app/	SBB
2024-05-10	medium	fiveyearswiisonline90.web.app/	SBB

PhishTank

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	fiveyearswiisonline90.web.app/	Other
2024-05-10	medium	fiveyearswiisonline90.web.app/runtime.25fece6c662f3a67.js	Other
2024-05-10	medium	fiveyearswiisonline90.web.app/polyfills.9b1bde72d62e466c.js	Other
2024-05-10	medium	fiveyearswiisonline90.web.app/scripts.8cd2639e1c2a96e7.js	Other
2024-05-10	medium	fiveyearswiisonline90.web.app/main.b44457161a67877b.js	Other
2024-05-10	medium	fiveyearswiisonline90.web.app/SBBWeb-Light.a02ca059167840a5.woff2	Other
2024-05-10	medium	fiveyearswiisonline90.web.app/assets/images/logo_text_de-20200819.svg	Other
2024-05-10	medium	fiveyearswiisonline90.web.app/assets/images/logo-20200819.svg	Other
2024-05-10	medium	fiveyearswiisonline90.web.app/SBBWeb-Light.a02ca059167840a5.woff2	Other
2024-05-10	medium	fiveyearswiisonline90.web.app/favicon.ico	Other
2024-05-10	medium	fiveyearswiisonline90.web.app/styles.707209df0cc43c2f.css	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	fiveyearswiisonline90.web.app	Sinkholed
2024-05-10	medium	fiveyearswiisonline90.web.app	Sinkholed
2024-05-10	medium	fiveyearswiisonline90.web.app	Sinkholed
2024-05-10	medium	fiveyearswiisonline90.web.app	Sinkholed
2024-05-10	medium	fiveyearswiisonline90.web.app	Sinkholed
2024-05-10	medium	fiveyearswiisonline90.web.app	Sinkholed
2024-05-10	medium	fiveyearswiisonline90.web.app	Sinkholed
2024-05-10	medium	fiveyearswiisonline90.web.app	Sinkholed
2024-05-10	medium	fiveyearswiisonline90.web.app	Sinkholed
2024-05-10	medium	fiveyearswiisonline90.web.app	Sinkholed
2024-05-10	medium	fiveyearswiisonline90.web.app	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	unpkg.com/imask	124 kB	2024-04-16	2024-05-19
Pretty URL unpkg.com/imask IP 104.17.249.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:06:14 Last Seen2024-05-19 07:46:50 Times Seen26 Hash 90d24b2904648cb5e6c69aa928670cac b0da429920df35767bacdcb28ebf3c970843d262 34ca2ea74c4825f807032b6b4c296fe9cd5bf5ce1c7fc336e09c0309a360ade0 Loading...

	fiveyearswiisonline90.web.app/runtime.25fece6c662f3a67.js	1.1 kB	2023-04-18	2024-05-19
Pretty URL fiveyearswiisonline90.web.app/runtime.25fece6c662f3a67.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 19:48:09 Last Seen2024-05-19 07:46:49 Times Seen154 Hash 1f76bd4a846c37731350b46cbd98ff3c 211a236490d45fc18dd8721baaad3937ea8cf7ad f90127d2c1d3ead361c0ba8bfff0a44d9ac30a994b6be3e7ea7e9fb1c12921a4 Loading...

	fiveyearswiisonline90.web.app/main.b44457161a67877b.js	4.1 MB	2024-05-10	2024-05-10
Pretty URL fiveyearswiisonline90.web.app/main.b44457161a67877b.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 16:46:29 Last Seen2024-05-10 16:46:30 Times Seen1 Hash d6287371d7e1beca16bfb76c3336685f 552478a236fe60deefa3cad0099c80bf24143470 c94ef41106e10ada092e77eb0d457e448c3ec1c0371471481fe904bd2e26af99 Loading...

	www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js	18 kB	2024-05-03	2024-05-11
Pretty URL www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 12:06:34 Last Seen2024-05-11 10:37:36 Times Seen438 Hash 7c111ad0cbb18935696bc8bb0846ec26 a9c77f0678ff71a4032e787999ada733e7da10cf 120846a7bd9fdcbff2f47564e0d9fc564fc100c581f5f1881333f70f3bd00d6f Loading...

	fiveyearswiisonline90.web.app/polyfills.9b1bde72d62e466c.js	34 kB	2023-05-11	2024-05-19
Pretty URL fiveyearswiisonline90.web.app/polyfills.9b1bde72d62e466c.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 04:38:24 Last Seen2024-05-19 07:46:49 Times Seen146 Hash 57e8b96b26a5360ccbbc482a1dc8558b d715e9414f1d634910e4d53db8f9f1590e0f8596 239682e70ed93aa27c459f14bf3c0379f76c408be542101606262742b6bba638 Loading...

	www.google.com/recaptcha/api.js?render=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&onload=ng2recaptchaloaded	945 B	2024-05-10	2024-05-13
Pretty URL www.google.com/recaptcha/api.js?render=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&onload=ng2recaptchaloaded IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 16:46:30 Last Seen2024-05-13 16:26:13 Times Seen3 Hash 5a9af8feb2eff3f6a0b24e363b4b3f0e d1e5c9b6351f53a9d5d0d01422b2d352c26cf4db ca810d6e4bfce8df857724bcdfa5d5f84e67853a4d7dd9be83ad75bd138dbcc7 Loading...

	www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js	514 kB	2024-05-08	2024-05-20
Pretty URL www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 00:24:03 Last Seen2024-05-20 20:51:07 Times Seen7134 Hash add520996e437bff5d081315da187fbf 2e489fe16f3712bf36df00b03a8a5af8fa8d4b42 922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4 Loading...

	fiveyearswiisonline90.web.app/scripts.8cd2639e1c2a96e7.js	246 kB	2023-05-11	2024-05-19
Pretty URL fiveyearswiisonline90.web.app/scripts.8cd2639e1c2a96e7.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 04:38:24 Last Seen2024-05-19 07:46:49 Times Seen142 Hash bcc65a708b69adf782a6a003d7232c99 df5dcb5fa088465bc91c1a3ba6a827d3be7d4e83 4f4f317bf450d536785fb51f9611544ac8dc0af83d7a216784a6434e5e9470e8 Loading...

	unknown	16 B	2023-04-10	2024-05-20
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57:29 Last Seen2024-05-20 23:47:38 Times Seen35808 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv	69 B	2023-03-07	2024-05-20
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-20 22:50:52 Times Seen102693 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv	38 kB	2024-05-10	2024-05-10
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 16:46:30 Last Seen2024-05-10 16:46:30 Times Seen1 Hash e8a0c66f5cdd04ed2265c193321766aa f98cde79cf01f194e002bdbad4f50c600b600a16 6799a92a0e7c071c41e3a9a740f28d56b59ec37f1d82f41158bacfa8c6f77574 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4531492ea7eb4c9d42b96b97c8074784	19 kB	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 16:46:30 Last Seen2024-05-10 16:46:30 Times Seen1 Hash 4531492ea7eb4c9d42b96b97c8074784 87381d8f7b2f1a3c3a3ea4584240529f9fccda5d 6254ee6249217ad8403bc0095064a722c349bc172634f8de4d4978c6be34cc85 Loading...

	#2 Eval - 4e9af40e2f8df8d4d4828c599caa9c96	62 B	2024-05-03	2024-05-11
Pretty Observations First Seen2024-05-03 12:06:35 Last Seen2024-05-11 10:37:35 Times Seen205 Hash 4e9af40e2f8df8d4d4828c599caa9c96 f69ebc87b40abe1534def20d722200e6d99ed2a1 9f5c1cd413be6958f9b36a82b2e4305ac91e9e980204238a75a9b913a4b61ab9 Loading...

	#3 Eval - c3b5e0896dca752360bb6b0f2559d581	22 B	2024-05-03	2024-05-11
Pretty Observations First Seen2024-05-03 12:06:35 Last Seen2024-05-11 10:37:35 Times Seen207 Hash c3b5e0896dca752360bb6b0f2559d581 851b13b8ed491f87e4b571cac88d53b28a868c31 12ca563dc417d554ed3c5b26e4409d5fb22e88a47fb6fa041e60e3746e3e1a20 Loading...

	#4 Eval - 6f63119d268511a556618263c2c35373	22 B	2024-05-03	2024-05-11
Pretty Observations First Seen2024-05-03 12:06:35 Last Seen2024-05-11 10:37:35 Times Seen203 Hash 6f63119d268511a556618263c2c35373 4e94ac8bf69852bfb641a12fb940fc44839f30ae d8054d27815731c90f7ae63757d8aa7e03189d17b96a9fd91c856794e7b91860 Loading...

HTTP Transactions (28)

URL IP Response Size

fiveyearswiisonline90.web.app/

199.36.158.100

200 OK

2.5 kB

URL User Request GET HTTP/2
fiveyearswiisonline90.web.app/
IP
199.36.158.100:443
ASN
#54113 FASTLY

Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint6C:B8:FC:5E:5B:DF:AB:31:E6:02:C5:A6:D8:E2:D0:77:BB:5D:BC:7B
ValidityThu, 21 Mar 2024 15:14:42 GMT - Wed, 19 Jun 2024 15:14:41 GMT

File type
HTML document, ASCII text, with very long lines (12164)
Size
2.5 kB (2466 bytes)
Hash
9b42e8678ec05b13ab925d4f2b5a2c3c
f80a6b9c1b4b69c48922e764212793fc81e69fc9
0b8535c4d5fe73b624d0e7d4822c9162635fac2d11ef1bf08bc1462cd8e6ea4d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: fiveyearswiisonline90.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "d9bddd39d7d45966cf0c484cde1a974236ab14070ee4680ced4bdaed40feed2d-br"
last-modified: Thu, 09 May 2024 20:56:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 10 May 2024 14:45:52 GMT
x-served-by: cache-hel1410031-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715352352.228440,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2466
X-Firefox-Spdy: h2

fiveyearswiisonline90.web.app/runtime.25fece6c662f3a67.js

199.36.158.100

200 OK

602 B

URL GET HTTP/3
fiveyearswiisonline90.web.app/runtime.25fece6c662f3a67.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint6C:B8:FC:5E:5B:DF:AB:31:E6:02:C5:A6:D8:E2:D0:77:BB:5D:BC:7B
ValidityThu, 21 Mar 2024 15:14:42 GMT - Wed, 19 Jun 2024 15:14:41 GMT

File type
JavaScript source, ASCII text, with very long lines (1079), with no line terminators
Size
602 B (602 bytes)
Hash
1f76bd4a846c37731350b46cbd98ff3c
211a236490d45fc18dd8721baaad3937ea8cf7ad
f90127d2c1d3ead361c0ba8bfff0a44d9ac30a994b6be3e7ea7e9fb1c12921a4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /runtime.25fece6c662f3a67.js HTTP/1.1
Host: fiveyearswiisonline90.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 602
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "b599b01aab37eca26300d08e9576fbdc7243bd9acc3c96177956e62caa8cadbc-br"
last-modified: Thu, 09 May 2024 20:56:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 10 May 2024 14:45:52 GMT
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715352352.464127,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fiveyearswiisonline90.web.app/polyfills.9b1bde72d62e466c.js

199.36.158.100

200 OK

11 kB

URL GET HTTP/3
fiveyearswiisonline90.web.app/polyfills.9b1bde72d62e466c.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint6C:B8:FC:5E:5B:DF:AB:31:E6:02:C5:A6:D8:E2:D0:77:BB:5D:BC:7B
ValidityThu, 21 Mar 2024 15:14:42 GMT - Wed, 19 Jun 2024 15:14:41 GMT

File type
JavaScript source, ASCII text, with very long lines (33851), with no line terminators
Size
11 kB (10913 bytes)
Hash
57e8b96b26a5360ccbbc482a1dc8558b
d715e9414f1d634910e4d53db8f9f1590e0f8596
239682e70ed93aa27c459f14bf3c0379f76c408be542101606262742b6bba638

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /polyfills.9b1bde72d62e466c.js HTTP/1.1
Host: fiveyearswiisonline90.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 10913
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "af2d1baa9193d644d9c24b5679eba0a82a9c17f8882a7459997852d3715d6ef6-br"
last-modified: Thu, 09 May 2024 20:56:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 10 May 2024 14:45:52 GMT
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715352352.464764,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fiveyearswiisonline90.web.app/scripts.8cd2639e1c2a96e7.js

199.36.158.100

200 OK

69 kB

URL GET HTTP/3
fiveyearswiisonline90.web.app/scripts.8cd2639e1c2a96e7.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint6C:B8:FC:5E:5B:DF:AB:31:E6:02:C5:A6:D8:E2:D0:77:BB:5D:BC:7B
ValidityThu, 21 Mar 2024 15:14:42 GMT - Wed, 19 Jun 2024 15:14:41 GMT

File type
JavaScript source, ASCII text, with very long lines (61405)
Size
69 kB (68740 bytes)
Hash
bcc65a708b69adf782a6a003d7232c99
df5dcb5fa088465bc91c1a3ba6a827d3be7d4e83
4f4f317bf450d536785fb51f9611544ac8dc0af83d7a216784a6434e5e9470e8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /scripts.8cd2639e1c2a96e7.js HTTP/1.1
Host: fiveyearswiisonline90.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 68740
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "f6f25d9f7335483a96a6c841dac631b7d85de4984be4e03692f0829428c052af-br"
last-modified: Thu, 09 May 2024 20:56:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 10 May 2024 14:45:52 GMT
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715352352.464801,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fiveyearswiisonline90.web.app/main.b44457161a67877b.js

199.36.158.100

200 OK

716 kB

URL GET HTTP/3
fiveyearswiisonline90.web.app/main.b44457161a67877b.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint6C:B8:FC:5E:5B:DF:AB:31:E6:02:C5:A6:D8:E2:D0:77:BB:5D:BC:7B
ValidityThu, 21 Mar 2024 15:14:42 GMT - Wed, 19 Jun 2024 15:14:41 GMT

File type
Unicode text, UTF-8 text, with very long lines (65510), with no line terminators
Size
716 kB (715976 bytes)
Hash
a80e41a3deabec78a6824108c0452c2b
b3f85f73a43a0941fbf728a821b0db71c59e6da7
0f3aafd61956f592b3be3f98d0eebe249582e74228aafa495e84212317b63ae9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main.b44457161a67877b.js HTTP/1.1
Host: fiveyearswiisonline90.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 715976
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "e4e08204bf131aeec9715738b195935318c589053ca8deebf0d6cc49d23e0522-br"
last-modified: Thu, 09 May 2024 20:56:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 10 May 2024 14:45:52 GMT
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715352352.465224,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

unpkg.com/imask

104.17.249.203

302 Found

105 kB

URL GET HTTP/2
unpkg.com/imask
IP
104.17.249.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
ASCII text, with no line terminators
Size
105 kB (105018 bytes)
Hash
ee87f95c56449d371a560dd8211e4639
35cc8fc53b2c0abf0687ca981e15d4382c937399
0ff3cd58d562bd6db5c7d3f7e1e83b5777297a81e97ba57889291a1964b1d310

HTTP Headers

GET /imask HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 14:45:52 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /imask@7.6.0
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HXHFBP41EMC82YWP7SPZ5582-arn
cf-cache-status: HIT
age: 122
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881ab72ada66b517-OSL
X-Firefox-Spdy: h2

fiveyearswiisonline90.web.app/SBBWeb-Light.a02ca059167840a5.woff2

199.36.158.100

200 OK

14 kB

URL GET HTTP/3
fiveyearswiisonline90.web.app/SBBWeb-Light.a02ca059167840a5.woff2
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint6C:B8:FC:5E:5B:DF:AB:31:E6:02:C5:A6:D8:E2:D0:77:BB:5D:BC:7B
ValidityThu, 21 Mar 2024 15:14:42 GMT - Wed, 19 Jun 2024 15:14:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14212, version 1.0
Size
14 kB (14212 bytes)
Hash
8b70a44a98a0ac5d721df7d8f5136f7b
10e10c01e732f3d35a78e1051bfcc9fe2589ddda
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /SBBWeb-Light.a02ca059167840a5.woff2 HTTP/1.1
Host: fiveyearswiisonline90.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 14212
cache-control: max-age=3600
content-type: font/woff2
etag: "a66d58ae578826b2deea7f77bd7754ade37ba14bf45645b05d35a9317bceb035"
last-modified: Thu, 09 May 2024 20:56:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 10 May 2024 14:45:52 GMT
x-served-by: cache-hel1410026-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1715352353.734345,VS0,VE86
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fiveyearswiisonline90.web.app/assets/images/logo_text_de-20200819.svg

199.36.158.100

200 OK

13 kB

URL GET HTTP/3
fiveyearswiisonline90.web.app/assets/images/logo_text_de-20200819.svg
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint6C:B8:FC:5E:5B:DF:AB:31:E6:02:C5:A6:D8:E2:D0:77:BB:5D:BC:7B
ValidityThu, 21 Mar 2024 15:14:42 GMT - Wed, 19 Jun 2024 15:14:41 GMT

File type
SVG Scalable Vector Graphics image
Size
13 kB (12644 bytes)
Hash
512410d9227bb0c2481e175dce0eda72
1deb5d9f09592101e632a8351865d54b1d6a27f7
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/logo_text_de-20200819.svg HTTP/1.1
Host: fiveyearswiisonline90.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 12644
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "1a3ba7a6c52020d49435de1bdb9e0162c1fad8c14bdb0b1ddbe69395c0299c60-br"
last-modified: Thu, 09 May 2024 20:56:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 10 May 2024 14:45:53 GMT
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1715352354.604084,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fiveyearswiisonline90.web.app/assets/images/logo-20200819.svg

199.36.158.100

200 OK

2.2 kB

URL GET HTTP/3
fiveyearswiisonline90.web.app/assets/images/logo-20200819.svg
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint6C:B8:FC:5E:5B:DF:AB:31:E6:02:C5:A6:D8:E2:D0:77:BB:5D:BC:7B
ValidityThu, 21 Mar 2024 15:14:42 GMT - Wed, 19 Jun 2024 15:14:41 GMT

File type
SVG Scalable Vector Graphics image
Size
2.2 kB (2212 bytes)
Hash
795242580bfa3135028bd0750fdc1654
2c344b6662e62ddbdba49f635e1c33a827fe75d4
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/logo-20200819.svg HTTP/1.1
Host: fiveyearswiisonline90.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2212
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "3b7d42f1295af01a2477f3010c163bf456176c4f5bc6bb4233fc5bd0089a2a00-br"
last-modified: Thu, 09 May 2024 20:56:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 10 May 2024 14:45:53 GMT
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715352354.605844,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fiveyearswiisonline90.web.app/SBBWeb-Light.a02ca059167840a5.woff2

199.36.158.100

200 OK

14 kB

URL GET HTTP/3
fiveyearswiisonline90.web.app/SBBWeb-Light.a02ca059167840a5.woff2
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint6C:B8:FC:5E:5B:DF:AB:31:E6:02:C5:A6:D8:E2:D0:77:BB:5D:BC:7B
ValidityThu, 21 Mar 2024 15:14:42 GMT - Wed, 19 Jun 2024 15:14:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14212, version 1.0
Size
14 kB (14212 bytes)
Hash
8b70a44a98a0ac5d721df7d8f5136f7b
10e10c01e732f3d35a78e1051bfcc9fe2589ddda
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /SBBWeb-Light.a02ca059167840a5.woff2 HTTP/1.1
Host: fiveyearswiisonline90.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/styles.707209df0cc43c2f.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 14212
cache-control: max-age=3600
content-type: font/woff2
etag: "a66d58ae578826b2deea7f77bd7754ade37ba14bf45645b05d35a9317bceb035"
last-modified: Thu, 09 May 2024 20:56:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 10 May 2024 14:45:53 GMT
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1715352354.751371,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

api.ipify.org/?format=json

172.67.74.152

200 OK

21 B

URL GET HTTP/2
api.ipify.org/?format=json
IP
172.67.74.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectipify.org
FingerprintC8:1A:05:47:C5:73:C6:CE:DF:1D:A6:DE:00:11:A9:9A:8C:DB:EF:A7
ValidityThu, 21 Mar 2024 19:56:02 GMT - Wed, 19 Jun 2024 19:56:01 GMT

File type
JSON text data
Size
21 B (21 bytes)
Hash
7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fiveyearswiisonline90.web.app
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 14:45:53 GMT
content-type: application/json
content-length: 21
access-control-allow-origin: *
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 881ab731f897b515-OSL
X-Firefox-Spdy: h2

fiveyearswiisonline90.web.app/favicon.ico

199.36.158.100

200 OK

154 B

URL GET HTTP/3
fiveyearswiisonline90.web.app/favicon.ico
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint6C:B8:FC:5E:5B:DF:AB:31:E6:02:C5:A6:D8:E2:D0:77:BB:5D:BC:7B
ValidityThu, 21 Mar 2024 15:14:42 GMT - Wed, 19 Jun 2024 15:14:41 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
154 B (154 bytes)
Hash
6d866d9c4568bf7fc03e597e74ce7e28
e1b3d9f0e9cdcb785a94b6c1e1fe651a4ff98dcb
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: fiveyearswiisonline90.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 154
cache-control: max-age=3600
content-encoding: br
content-type: image/x-icon
etag: "2aace58044b3dd8d5f3c79089665e969212fc627b6447350292ea4268b3a2c59-br"
last-modified: Thu, 09 May 2024 20:56:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 10 May 2024 14:45:53 GMT
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1715352354.859940,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.35

200 OK

204 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fiveyearswiisonline90.web.app
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 340399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d27la2n6wh4qws.cloudfront.net/1.11.157/assets/resources/img/logo.svg

54.230.241.88

200 OK

27 kB

URL GET HTTP/2
d27la2n6wh4qws.cloudfront.net/1.11.157/assets/resources/img/logo.svg
IP
54.230.241.88:443
ASN
#16509 AMAZON-02

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
27 kB (27162 bytes)
Hash
795242580bfa3135028bd0750fdc1654
2c344b6662e62ddbdba49f635e1c33a827fe75d4
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass

HTTP Headers

GET /1.11.157/assets/resources/img/logo.svg HTTP/1.1
Host: d27la2n6wh4qws.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 10 May 2024 14:45:54 GMT
last-modified: Tue, 16 May 2023 11:19:24 GMT
etag: W/"795242580bfa3135028bd0750fdc1654"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
server: AmazonS3
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KuY6B5Dmv6xfrktyrV-XovYuGQX-whpcG9D1qfTHP5tRUe-8_aQx4g==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.35

200 OK

204 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 340400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.35

200 OK

204 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:12:34 GMT
expires: Tue, 06 May 2025 16:12:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 340400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 598490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:50:52 GMT
expires: Fri, 09 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
age: 132902
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js

142.250.74.132

200 OK

7.4 kB

URL GET HTTP/3
www.google.com/js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (17542)
Size
7.4 kB (7438 bytes)
Hash
7c111ad0cbb18935696bc8bb0846ec26
a9c77f0678ff71a4032e787999ada733e7da10cf
120846a7bd9fdcbff2f47564e0d9fc564fc100c581f5f1881333f70f3bd00d6f

HTTP Headers

GET /js/bg/EghGp72f3L_y9HVk4Nn8Vk_BAMWB9fGIEzP3DzvQDW8.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7438
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 01:06:37 GMT
expires: Sat, 10 May 2025 01:06:37 GMT
cache-control: public, max-age=31536000
age: 49157
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:54:07 GMT
expires: Thu, 16 May 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 129107
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.ipapi.com/api/91.90.42.154?access_key=722c3aeddcac7361ed0ebde3f3273cba

104.21.78.217

200 OK

6.9 kB

URL GET HTTP/2
api.ipapi.com/api/91.90.42.154?access_key=722c3aeddcac7361ed0ebde3f3273cba
IP
104.21.78.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerLet's Encrypt
Subjectipapi.com
Fingerprint5B:D5:A6:1F:4A:FC:65:5B:73:15:76:04:06:70:38:13:BF:F9:10:93
ValidityWed, 01 May 2024 01:59:02 GMT - Tue, 30 Jul 2024 01:59:01 GMT

File type
JSON text data
Size
6.9 kB (6924 bytes)
Hash
21853941d5e1c361c573b16a635a470b
59bea4c157596a0c4d3c973a8775836fc29b5d83
c1d1fd1e414402829a02dfb6242e80a06e2d1571b100c5cf0a732ca1d74e5326

HTTP Headers

GET /api/91.90.42.154?access_key=722c3aeddcac7361ed0ebde3f3273cba HTTP/1.1
Host: api.ipapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fiveyearswiisonline90.web.app
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 14:45:54 GMT
content-type: application/json; Charset=UTF-8
x-apilayer-transaction-id: 30ba0b0f-e984-45bb-ac69-b951becbfe7d
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
x-request-time: 0.005
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bVQKE8FdbH%2B7QYMfaQ9M9SQzszaoFl51LuDIQwJU7%2BqBAVKBmyzl%2BABkjX78SjgsPjTCDPLvNmwf3AKfhvWTpOdSJjaPxxi79H%2FjyDgbs6IdRfu%2FZWTvSI0C0wfNFLH4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 881ab733ea5356a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q

142.250.74.132

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
88f0c38a7e2040f9de4edcadf67abd93
0fac6e63c661377c3a229dc53dadb04d96f1140a
732c8f6da5ca71626a4d4e2d7cd0ebe8e6b4453e70208fb1fef7ec2dd8fa84a6

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 10 May 2024 14:45:54 GMT
date: Fri, 10 May 2024 14:45:54 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

unpkg.com/imask@7.6.0

104.17.249.203

302 Found

124 kB

URL GET HTTP/2
unpkg.com/imask@7.6.0
IP
104.17.249.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type

Size
124 kB (124056 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /imask@7.6.0 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiveyearswiisonline90.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 14:45:52 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
location: /imask@7.6.0/dist/imask.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01HWRA8CB4PE2G0BXGRFGHNC6Z-arn
cf-cache-status: HIT
age: 844334
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881ab72b0aa0b517-OSL
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv

142.250.74.132

200 OK

46 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
HTML document, ASCII text, with very long lines (37650)
Size
46 kB (46376 bytes)
Hash
66fb38fbda7b4897e04c07a050768a34
eb750550b8825691f1b4c6d1f9d390733d70f085
734e14446f06dae5375205e443dbd0f39bb81b20bd041546f25f73b0096c6ca6

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 14:45:54 GMT
content-security-policy: script-src 'nonce-OYMfbvYfgWDuEKyK-PZFSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

unpkg.com/imask@7.6.0/dist/imask.js

104.17.249.203

200 OK

124 kB

URL GET HTTP/2
unpkg.com/imask@7.6.0/dist/imask.js
IP
104.17.249.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type
JavaScript source, ASCII text, with very long lines (2180)
Size
124 kB (124056 bytes)
Hash
90d24b2904648cb5e6c69aa928670cac
b0da429920df35767bacdcb28ebf3c970843d262
34ca2ea74c4825f807032b6b4c296fe9cd5bf5ce1c7fc336e09c0309a360ade0

HTTP Headers

GET /imask@7.6.0/dist/imask.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fiveyearswiisonline90.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 14:45:52 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1e498-sNpCmSDfNXZ7rNyyjr88lwhD0mI"
via: 1.1 fly.io
fly-request-id: 01HWR0Q9VSRCQFPH7BDDF6N33C-arn
cf-cache-status: HIT
age: 854331
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 881ab72b4b0ab517-OSL
X-Firefox-Spdy: h2

fiveyearswiisonline90.web.app/styles.707209df0cc43c2f.css

199.36.158.100

200 OK

701 kB

URL GET HTTP/3
fiveyearswiisonline90.web.app/styles.707209df0cc43c2f.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint6C:B8:FC:5E:5B:DF:AB:31:E6:02:C5:A6:D8:E2:D0:77:BB:5D:BC:7B
ValidityThu, 21 Mar 2024 15:14:42 GMT - Wed, 19 Jun 2024 15:14:41 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
701 kB (701142 bytes)
Hash
d4ca8784078a7adfeaf201d9859340b4
5b24b871dc03cf70ae10799bc17da8b99a124b8d
ea35e9657329683d4c75301b8850fde380505b13a50afcf421cce78b8940c3f6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - SwissPass
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /styles.707209df0cc43c2f.css HTTP/1.1
Host: fiveyearswiisonline90.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 68491
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "7f26ac132eaa001308efd034ab5bfb8b4ccd3ae2d4b7156bb5f95914b57d8b5d-br"
last-modified: Thu, 09 May 2024 20:56:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 10 May 2024 14:45:52 GMT
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715352353.734081,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

www.google.com/recaptcha/api.js?render=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&onload=ng2recaptchaloaded

142.250.74.132

200 OK

945 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&onload=ng2recaptchaloaded
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://fiveyearswiisonline90.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
JavaScript source, ASCII text, with very long lines (945), with no line terminators
Size
945 B (945 bytes)
Hash
5a9af8feb2eff3f6a0b24e363b4b3f0e
d1e5c9b6351f53a9d5d0d01422b2d352c26cf4db
ca810d6e4bfce8df857724bcdfa5d5f84e67853a4d7dd9be83ad75bd138dbcc7

HTTP Headers

GET /recaptcha/api.js?render=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&onload=ng2recaptchaloaded HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://fiveyearswiisonline90.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 10 May 2024 14:45:53 GMT
date: Fri, 10 May 2024 14:45:53 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css

142.250.74.35

200 OK

56 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly9maXZleWVhcnN3aWlzb25saW5lOTAud2ViLmFwcDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=fe0l6i6cu9xv
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
56 kB (56412 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 19:34:32 GMT
expires: Tue, 06 May 2025 19:34:32 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/css
vary: Accept-Encoding
age: 328282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML