Report - links.swissvertising-online.ch/dispatcher/service?dh=241016141522401536&l=de&o=0&a=12241016144901514889

Report Overview

Visited public
2024-10-17 10:39:45
Tags
URL
links.swissvertising-online.ch/dispatcher/service?dh=241016141522401536&l=de&o=0&a=12241016144901514889
Finishing URL
about:privatebrowsing
IP / ASN
195.190.140.148
#39392 SH.cz s.r.o.
Title
about:privatebrowsing

Detections

urlquery

0

Network Intrusion Detection

2

Threat Detection Systems

0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mailer-service.de	592721	unknown	2017-01-30	2024-10-16	503 B	0 B	0.0.0.0
links.swissvertising-online.ch	unknown	unknown	2024-10-17	2024-10-17	1.9 kB	6.6 kB	195.190.140.148

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-10-17 10:39:20	low	195.190.140.148	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate
2024-10-17 10:39:23	low	195.190.140.148	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (6)

	URL	IP	Response	Size
	links.swissvertising-online.ch/dispatcher/service?dh=241016141522401536&l=de&o=0&a=12241016144901514889	195.190.140.148	302	0 B
URL User Request GET links.swissvertising-online.ch/dispatcher/service?dh=241016141522401536&l=de&o=0&a=12241016144901514889 IP 195.190.140.148:0 ASN #39392 SH.cz s.r.o. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /dispatcher/service?dh=241016141522401536&l=de&o=0&a=12241016144901514889 HTTP/1.1 Host: links.swissvertising-online.ch User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 302 Expires: Sat, 6 May 1995 12:00:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Access-Control-Allow-Origin: * Location: https://mailer-service.de/red.php?r=0&lid=3140296&ln=12 Content-Length: 0 Date: Thu, 17 Oct 2024 10:39:19 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload; Set-Cookie: SSLSERVERID=web1; path=/; HttpOnly; Secure`

	links.swissvertising-online.ch/	195.190.140.148	302	0 B
URL links.swissvertising-online.ch/ IP 195.190.140.148:0 ASN #39392 SH.cz s.r.o. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: links.swissvertising-online.ch User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 302 Expires: Sat, 6 May 1995 12:00:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Referrer-Policy: origin Permissions-Policy: Content-Security-Policy: default-src ; script-src https://url.xcpro.ch 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; worker-src blob:; img-src data: blob:; Location: /login/LoginPage.jsf Content-Type: text/html;charset=UTF-8 Content-Length: 0 Date: Thu, 17 Oct 2024 10:39:22 GMT Set-Cookie: JSESSIONID=B0F6074D78E7FD9E8F37923DBA653C61; Path=/; HttpOnly SERVERID=web2; path=/; HttpOnly

	links.swissvertising-online.ch/login/LoginPage.jsf	195.190.140.148	302	0 B
URL links.swissvertising-online.ch/login/LoginPage.jsf IP 195.190.140.148:0 ASN #39392 SH.cz s.r.o. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /login/LoginPage.jsf HTTP/1.1 Host: links.swissvertising-online.ch User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Location: https://links.swissvertising-online.ch/login/LoginPage.jsf Content-Length: 0 Date: Thu, 17 Oct 2024 10:39:23 GMT Set-Cookie: SERVERID=web1; path=/; HttpOnly`

	links.swissvertising-online.ch/login/LoginPage.jsf	195.190.140.148	302	0 B
URL links.swissvertising-online.ch/login/LoginPage.jsf IP 195.190.140.148:0 ASN #39392 SH.cz s.r.o. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /login/LoginPage.jsf HTTP/1.1 Host: links.swissvertising-online.ch User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 302 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Referrer-Policy: origin Permissions-Policy: Content-Security-Policy: default-src 'self'; script-src https://url.xcpro.ch 'self' https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src * data: blob:; frame-src https://www.google.com/recaptcha/; Set-Cookie: JSESSIONID=466570EAA9E4288766325C1482007658; Path=/; Secure; HttpOnly dsrwid--778=-778; path=/; maxAge=30; SameSite=Strict SSLSERVERID=web2; path=/; HttpOnly; Secure Location: /login/LoginPage.jsf?jfwid=-778 Content-Length: 0 Date: Thu, 17 Oct 2024 10:39:23 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;

	links.swissvertising-online.ch/login/LoginPage.jsf?jfwid=-778	195.190.140.148	200	3.5 kB
URL links.swissvertising-online.ch/login/LoginPage.jsf?jfwid=-778 IP 195.190.140.148:0 ASN #39392 SH.cz s.r.o. File type XML 1.0 document, Unicode text, UTF-8 text, with very long lines (2328) Size 3.5 kB (3530 bytes) Hash fe5c9ffe1c011edb786f2ad22cd28339 445afe0cd3f5bea47f15d35afc81dc0a9a1e3b19 54cb6f2a2a60c7720f18cdc514b64bad48cbca21231e115c3178e8544e5d7e00 HTTP Headers `GET /login/LoginPage.jsf?jfwid=-778 HTTP/1.1 Host: links.swissvertising-online.ch User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Referrer-Policy: origin Permissions-Policy: Content-Security-Policy: default-src 'self'; script-src https://url.xcpro.ch 'self' https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src * data: blob:; frame-src https://www.google.com/recaptcha/; Set-Cookie: JSESSIONID=C37D46EC18DC66198F4D305A683E81EA; Path=/; Secure; HttpOnly oam.Flash.RENDERMAP.TOKEN=a5t82uhsr; Path=/; Secure; HttpOnly; SameSite=Strict SSLSERVERID=web1; path=/; HttpOnly; Secure vary: accept-encoding Content-Encoding: gzip Content-Type: text/html;charset=UTF-8 Transfer-Encoding: chunked Date: Thu, 17 Oct 2024 10:39:23 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload; Cache-control: private

	mailer-service.de/red.php?r=0&lid=3140296&ln=12	0.0.0.0		0 B
URL User Request GET mailer-service.de/red.php?r=0&lid=3140296&ln=12 IP 0.0.0.0:0 ASN #0 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /red.php?r=0&lid=3140296&ln=12 HTTP/1.1 Host: mailer-service.de User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache`