ebanking-ch3-ubs-a3ab0.web.app/index.html?session=2217a9ad-0d4a-4ea1-ba7c-4fb82071f26f
199.36.158.100 200 OK 656 B URL User Request GET HTTP/2 ebanking-ch3-ubs-a3ab0.web.app/index.html?session=2217a9ad-0d4a-4ea1-ba7c-4fb82071f26f
IP 199.36.158.100:443
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type HTML document text, exported SGML document text, exported SGML document, ASCII text
Hash 8b0c26bbe015773d35609d101094167b
fe232ea2e47c174c905c63ed941fc030bd8f8a8e
20f4e0215945949318eac3514e2f34e16abe6951ede19684b015e544f6a76497
Analyzer Verdict Alert quad9 Sinkholed
GET /index.html?session=2217a9ad-0d4a-4ea1-ba7c-4fb82071f26f HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "d93f2addb7d6f5aeee4cbaf67ab5525ac3c2248baa59b65156d9d33475ca2282-br"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:44 GMT
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686352244.457777,VS0,VE5
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 656
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4int/wrllXI_-LL8
142.250.74.131 472 B URL ocsp.pki.goog/s/gts1d4int/wrllXI_-LL8
IP 142.250.74.131:0
Hash 10cabd1b7be0faadfb6f910fa7a0f02d
2aa78f242ecd07f58ad41a227e763ae0360a06a2
92b18f2cb9856e8a3afd3b6cfa5a21a9e606533490bf4d7f31814e9e3caef15e
POST /s/gts1d4int/wrllXI_-LL8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 23:10:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ebanking-ch3-ubs-a3ab0.web.app/assets/uwr.css
199.36.158.100 200 OK 39 kB URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/assets/uwr.css
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type ASCII text, with very long lines (3703)
Hash 804b4773846b3c72628c10811b773224
1c4df9ceeac0a9755dcf91513ffeb51384b57f25
7dcadd6979668d8e3eadf973bc8d9a8a9dcce4eabf275f6275a7cad54676664c
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /assets/uwr.css HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/index.html?session=2217a9ad-0d4a-4ea1-ba7c-4fb82071f26f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 38736
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "b64822d69d747e2c2e10acfb657e5b9b9e3a32f2b924237f14fa5d817701215d-br"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:44 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686352245.714463,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ebanking-ch3-ubs-a3ab0.web.app/assets/default.css
199.36.158.100 200 OK 9.8 kB URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/assets/default.css
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type ASCII text, with very long lines (7663)
Hash ddec509cd74a468d424bd132f918cc1f
bfd60133cc148031acaab8cde13c6684be5d9081
3ce9310cee89590685e37248ffb80cbf2737b461dc615585be618f53e1d22802
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /assets/default.css HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/index.html?session=2217a9ad-0d4a-4ea1-ba7c-4fb82071f26f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 9829
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "29c82a930ae07d7275bceb8f24636e399f6ea4b62d56233c9e8442cbfd26cf4f-br"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:44 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686352245.715588,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
code.jquery.com/jquery-3.6.0.min.js
69.16.175.42 200 OK 31 kB URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.42:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint 64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
Validity Wed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 23:10:44 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1686352244.dop067.sk1.t,1686352244.cds259.sk1.hn,1686352244.cds210.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js
151.101.1.229 200 OK 687 B URL GET HTTP/3 cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js
IP 151.101.1.229:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
Validity Fri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type ASCII text, with very long lines (1366), with no line terminators
Hash 446d2277e6a146a9fbca81cd4ce3f3b8
59d9ff543ea6044e84be895d760541ea0e04cf98
4bbb806e743e21bc9f97b62fc0564e0889b7f31ee9d48c3f2b85d4e00fe629cc
GET /npm/uuid@latest/dist/umd/uuidv4.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 8.3.2
x-jsd-version-type: version
etag: W/"556-Wdn/VD6mBE6EvolddgVB6g4Ez5g"
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:44 GMT
age: 40738
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 687
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
152.199.19.160 30 kB URL ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 5285680
cache-control: public,max-age=31536000
content-type: application/javascript
date: Fri, 09 Jun 2023 23:10:44 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F6AE)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226 1.5 kB URL ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 1190690502a616f2f3e7663b98b71ab2
c2d5df64d03d90e97b390ede15ba9dc102f83e78
202771d501170d726be0272c8e0c37119cc22782026a3ae0666492503c2434f0
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 23:10:44 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B5F44511851DC32BC5223A2B1035089A89340D8D"
Expires: Sat, 10 Jun 2023 10:00:00 GMT
Last-Modified: Fri, 09 Jun 2023 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2944
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d4d0cbaeae61bfe-OSL
ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
199.36.158.100 200 OK 4.9 kB URL User Request GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
IP 199.36.158.100:443
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type HTML document text, exported SGML document text, exported SGML document, ASCII text, with very long lines (606)
Hash 3612cfea0584e8d3248b301edbf058a1
a088d19611856f6051dffae3f5d59f140682eb21
63476ebe5384c8dedcbdc39f8bf8929ab6a4e1e8adfbefdf894a1fffee3a25f1
Analyzer Verdict Alert quad9 Sinkholed
GET /login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79 HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/index.html?session=2217a9ad-0d4a-4ea1-ba7c-4fb82071f26f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 4932
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "e8513955d6f202ede0462d2e053be928d81c9699fd562e3d5ca51bfdf9168bd5-br"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
x-served-by: cache-bma1678-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686352245.037649,VS0,VE186
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ebanking-ch3-ubs-a3ab0.web.app/assets/uwr.css
199.36.158.100 200 OK 39 kB URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/assets/uwr.css
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type ASCII text, with very long lines (3703)
Hash 804b4773846b3c72628c10811b773224
1c4df9ceeac0a9755dcf91513ffeb51384b57f25
7dcadd6979668d8e3eadf973bc8d9a8a9dcce4eabf275f6275a7cad54676664c
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /assets/uwr.css HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 38736
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "b64822d69d747e2c2e10acfb657e5b9b9e3a32f2b924237f14fa5d817701215d-br"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1686352245.302560,VS0,VE0
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ebanking-ch3-ubs-a3ab0.web.app/assets/default.css
199.36.158.100 200 OK 9.8 kB URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/assets/default.css
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type ASCII text, with very long lines (7663)
Hash ddec509cd74a468d424bd132f918cc1f
bfd60133cc148031acaab8cde13c6684be5d9081
3ce9310cee89590685e37248ffb80cbf2737b461dc615585be618f53e1d22802
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /assets/default.css HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 9829
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "29c82a930ae07d7275bceb8f24636e399f6ea4b62d56233c9e8442cbfd26cf4f-br"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1686352245.302551,VS0,VE0
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js
151.101.1.229 200 OK 687 B URL GET HTTP/3 cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js
IP 151.101.1.229:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
Validity Fri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type ASCII text, with very long lines (1366), with no line terminators
Hash 446d2277e6a146a9fbca81cd4ce3f3b8
59d9ff543ea6044e84be895d760541ea0e04cf98
4bbb806e743e21bc9f97b62fc0564e0889b7f31ee9d48c3f2b85d4e00fe629cc
GET /npm/uuid@latest/dist/umd/uuidv4.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 687
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 8.3.2
x-jsd-version-type: version
etag: W/"556-Wdn/VD6mBE6EvolddgVB6g4Ez5g"
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
age: 40739
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
code.jquery.com/jquery-3.6.0.min.js
69.16.175.42 200 OK 31 kB URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.42:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint 64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
Validity Wed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ebanking-ch3-ubs-a3ab0.web.app
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 23:10:45 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1686352245.dop202.sk1.t,1686352245.cds264.sk1.hn,1686352245.cds210.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash cfa2f4faaa3c178ca36297b0c4264e37
7a77047e893a983873f15a67f94b2be4b114be43
faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 23:10:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/5.9.4/firebase.js
142.250.74.35 200 OK 215 kB URL GET HTTP/2 www.gstatic.com/firebasejs/5.9.4/firebase.js
IP 142.250.74.35:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size 215 kB (215186 bytes)
Hash 0bf6a1b8844e5369048bad6039aa458e
8ace06447098c89a29f3195dc537840b49232207
43b5a6a45ec4d2a2d88673ec22c45228bb8dd3b5ed0e6fbf426aaafc84b0607d
GET /firebasejs/5.9.4/firebase.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 215186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Jun 2023 02:29:03 GMT
expires: Thu, 06 Jun 2024 02:29:03 GMT
cache-control: public, max-age=31536000
age: 247302
last-modified: Thu, 11 Apr 2019 22:18:35 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/6.1.1/firebase-auth.js
142.250.74.35 200 OK 51 kB URL GET HTTP/2 www.gstatic.com/firebasejs/6.1.1/firebase-auth.js
IP 142.250.74.35:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash ec3583f983613b050682579d60145992
1a3b7f9a6c07e9e5cf5dd3d111b80b0d5c50d143
e01650a2a8c967e5457a964aa0b4202ee3b239c3e4239e1bd7fab961b31187db
GET /firebasejs/6.1.1/firebase-auth.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 51196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Jun 2023 20:50:50 GMT
expires: Thu, 06 Jun 2024 20:50:50 GMT
cache-control: public, max-age=31536000
age: 181195
last-modified: Thu, 06 Jun 2019 21:07:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/7.3.0/firebase-app.js
142.250.74.35 200 OK 4.1 kB URL GET HTTP/2 www.gstatic.com/firebasejs/7.3.0/firebase-app.js
IP 142.250.74.35:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (12024)
Hash ae6f233549d09ca82802df93e5477e72
3bba8439112b8368f01030ca1612314d849063bc
98df1d69429a11de8ce7d87e8436a04b0dedc3e5ede509664e10734ffc50854e
GET /firebasejs/7.3.0/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 4111
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 16:14:28 GMT
expires: Wed, 05 Jun 2024 16:14:28 GMT
cache-control: public, max-age=31536000
age: 284177
last-modified: Thu, 07 Nov 2019 23:11:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/7.3.0/firebase-analytics.js
142.250.74.35 200 OK 7.0 kB URL GET HTTP/2 www.gstatic.com/firebasejs/7.3.0/firebase-analytics.js
IP 142.250.74.35:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (21419)
Hash 75d95ed7c376b1b07d6787ee09958026
d336bb20db9ce683a01fa5ee0d78a0c63b573166
6685cfe54ddef3255c33d0198352369294fb10139e820a3940080d78906bf7ed
GET /firebasejs/7.3.0/firebase-analytics.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 6955
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 09:44:49 GMT
expires: Sun, 02 Jun 2024 09:44:49 GMT
cache-control: public, max-age=31536000
age: 566756
last-modified: Thu, 07 Nov 2019 23:11:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/6.1.1/firebase-database.js
142.250.74.35 200 OK 182 kB URL GET HTTP/2 www.gstatic.com/firebasejs/6.1.1/firebase-database.js
IP 142.250.74.35:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 182 kB (181507 bytes)
Hash 73c7155633ce0d4a9e76483b0ac8e092
fc7d4889499e9e747b5f2bd6a7fb18cc307c1988
24b67f290ff38e305234a9aaeb58d23fb6cac856c328519a461822603d2eb545
GET /firebasejs/6.1.1/firebase-database.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 181507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Jun 2023 23:10:45 GMT
expires: Sat, 08 Jun 2024 23:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 06 Jun 2019 21:07:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ebanking-ch3-ubs-a3ab0.web.app/images/input-question.png
199.36.158.100 200 OK 1.2 kB URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/images/input-question.png
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 36 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 229f1819d3ee7eb3f64efab6977ef28b
e83603608c8ef0ba5d4a580dc2b38f07178ff618
991aa4c61dd3b50772784f9ed5303aa905fbf57e3f63b5e40168eb608a56ffa8
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /images/input-question.png HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/assets/default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1161
cache-control: max-age=3600
content-type: image/png
etag: "4ce7e772f292b3dfd6861f9ec832f1b4cf7fb3633437ff6e7a9b458e893ed92d"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686352246.585829,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ebanking-ch3-ubs-a3ab0.web.app/images/illustrations-login_keychain.png
199.36.158.100 200 OK 20 kB URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/images/illustrations-login_keychain.png
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 370 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash e80a83fca3f0ceb4ad4e3e83a6e01edd
372bf2745fedb828a3fa823ec17a03ccdd25572a
2192281c5f07f6a11781f3f980f4cc3542ca6cbf29c417c0eb5d1636c84863a4
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /images/illustrations-login_keychain.png HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/assets/default.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 20048
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "13f2868e1312e740855f511ae2874cd5d1a0cdab13ac84eaf3adf38e710ba946-br"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686352246.586404,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ebanking-ch3-ubs-a3ab0.web.app/assets/widgets/Common/fonts/ubs-latin-extended/409b4bec-c67e-4764-a141-054db8df81d2.woff
199.36.158.100 200 OK 2.1 kB URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/assets/widgets/Common/fonts/ubs-latin-extended/409b4bec-c67e-4764-a141-054db8df81d2.woff
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 8b0c26bbe015773d35609d101094167b
fe232ea2e47c174c905c63ed941fc030bd8f8a8e
20f4e0215945949318eac3514e2f34e16abe6951ede19684b015e544f6a76497
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /assets/widgets/Common/fonts/ubs-latin-extended/409b4bec-c67e-4764-a141-054db8df81d2.woff HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/assets/uwr.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 2100
cache-control: max-age=3600
content-type: text/html; charset=utf-8
etag: "d93f2addb7d6f5aeee4cbaf67ab5525ac3c2248baa59b65156d9d33475ca2282"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686352246.586382,VS0,VE8
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ebanking-ch3-ubs-a3ab0.web.app/assets/widgets/Common/fonts/ubs-latin-extended/59d9a83f-4045-4d43-af46-655f845461ee.woff
199.36.158.100 200 OK 2.1 kB URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/assets/widgets/Common/fonts/ubs-latin-extended/59d9a83f-4045-4d43-af46-655f845461ee.woff
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 8b0c26bbe015773d35609d101094167b
fe232ea2e47c174c905c63ed941fc030bd8f8a8e
20f4e0215945949318eac3514e2f34e16abe6951ede19684b015e544f6a76497
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /assets/widgets/Common/fonts/ubs-latin-extended/59d9a83f-4045-4d43-af46-655f845461ee.woff HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/assets/uwr.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 2100
cache-control: max-age=3600
content-type: text/html; charset=utf-8
etag: "d93f2addb7d6f5aeee4cbaf67ab5525ac3c2248baa59b65156d9d33475ca2282"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686352246.589596,VS0,VE5
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash cfa2f4faaa3c178ca36297b0c4264e37
7a77047e893a983873f15a67f94b2be4b114be43
faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 23:10:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ebanking-ch3-ubs-a3ab0.web.app/images/favicon-32.png
199.36.158.100 200 OK 803 B URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/images/favicon-32.png
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced\012- data
Hash 892b85be9320460911776a0fe77c3ac6
3ab31b84b0acead34098457883601ec804a60b21
0c97023979397923b58fb0907f124f1a6f4029faf9c8ca7993b399299b5fcf08
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /images/favicon-32.png HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 803
cache-control: max-age=3600
content-type: image/png
etag: "52158b8e8d6f6d7d6382245860bd6617342b6827f5ad5c9c589ac99eb30e5a43"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686352246.720997,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ebanking-ch3-ubs-a3ab0.web.app/assets/widgets/Common/fonts/ubs-latin-extended/f901b503-9104-414a-a856-af9bcc802b5c.ttf
199.36.158.100 200 OK 656 B URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/assets/widgets/Common/fonts/ubs-latin-extended/f901b503-9104-414a-a856-af9bcc802b5c.ttf
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 8b0c26bbe015773d35609d101094167b
fe232ea2e47c174c905c63ed941fc030bd8f8a8e
20f4e0215945949318eac3514e2f34e16abe6951ede19684b015e544f6a76497
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /assets/widgets/Common/fonts/ubs-latin-extended/f901b503-9104-414a-a856-af9bcc802b5c.ttf HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/assets/uwr.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 656
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "d93f2addb7d6f5aeee4cbaf67ab5525ac3c2248baa59b65156d9d33475ca2282-br"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686352246.732907,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ebanking-ch3-ubs-a3ab0.web.app/assets/widgets/Common/fonts/ubs-latin-extended/efe9def0-77d1-4c28-8fd2-371236a3c8ed.ttf
199.36.158.100 200 OK 656 B URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/assets/widgets/Common/fonts/ubs-latin-extended/efe9def0-77d1-4c28-8fd2-371236a3c8ed.ttf
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 8b0c26bbe015773d35609d101094167b
fe232ea2e47c174c905c63ed941fc030bd8f8a8e
20f4e0215945949318eac3514e2f34e16abe6951ede19684b015e544f6a76497
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /assets/widgets/Common/fonts/ubs-latin-extended/efe9def0-77d1-4c28-8fd2-371236a3c8ed.ttf HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/assets/uwr.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 656
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "d93f2addb7d6f5aeee4cbaf67ab5525ac3c2248baa59b65156d9d33475ca2282-br"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
x-served-by: cache-bma1678-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686352246.735580,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash fc8e1ec54c50413f6e09e63a85414e7c
929ef6a2a5150200fe2bacfc03245b53be30e46f
9441071bcc600b4efd8d0e6f03237f7cccb737b30125bd1095051a5acdf23ec6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 23:10:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?l=dataLayer
142.250.74.40 200 OK 41 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?l=dataLayer
IP 142.250.74.40:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
Validity Fri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type ASCII text, with very long lines (2271)
Hash 45060e1a4c8182fc3407b4bf496c64a8
a36c84ac2c56c5b34cf5801fb9839b323505e03b
3f5f4ed7f3ad49a8564b83a370b2bc77eb35493fff8afc8b4bf0fdefd86632d1
GET /gtag/js?l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Jun 2023 23:10:45 GMT
expires: Fri, 09 Jun 2023 23:10:45 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Jun 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 1a76ed3f9e8dce63de25d8ca587e2e0b
d6eca26adeed01d3e95c752b62b3884ec3f2511a
18af8bf760a0f7e0d7ebd251b851a86e2c55300aa66e5dafe1be71d8c323a959
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 23:10:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ebanking-ch3-ubs-a3ab0.web.app/images/favicon-512.png
199.36.158.100 200 OK 10 kB URL GET HTTP/3 ebanking-ch3-ubs-a3ab0.web.app/images/favicon-512.png
IP 199.36.158.100:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 5e279eb0fc66918dc47e80a42a1c9db3
5abcdb7d7082bf2c1e7b9c732a4d37f21b345ef7
04c9fab63864280c052c48ae415c5286fd83c50bff3ca230bfad817b2013c825
Analyzer Verdict Alert openphish UBS AG
phishtank Other
quad9 Sinkholed
GET /images/favicon-512.png HTTP/1.1
Host: ebanking-ch3-ubs-a3ab0.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 10194
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "41b14d1b3f50f4f0e9873f8dde3540f80300fd7e024b0e1d2acb6c98ea080c51-br"
last-modified: Wed, 31 Aug 2022 11:03:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 09 Jun 2023 23:10:45 GMT
x-served-by: cache-bma1678-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686352246.720306,VS0,VE164
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ocsp.pki.goog/s/gts1d4int/Guohslu5abc
142.250.74.131 472 B URL ocsp.pki.goog/s/gts1d4int/Guohslu5abc
IP 142.250.74.131:0
Hash 0ad5cb47496ebe12c2dd20af762f97a5
d87f8c19dd272a5b8620e95331bd553c59d4bbf2
f5a3a6b7f36156641d616ac46a1f50ed1b1656a77dd133a16a191f235a8e4aa5
POST /s/gts1d4int/Guohslu5abc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 23:10:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pruject-59cab-default-rtdb.firebaseio.com/.ws?v=5
34.120.160.131 0 B URL pruject-59cab-default-rtdb.firebaseio.com/.ws?v=5
IP 34.120.160.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /.ws?v=5 HTTP/1.1
Host: pruject-59cab-default-rtdb.firebaseio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ebanking-ch3-ubs-a3ab0.web.app
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5fmiViFwPQMijJXsccUiuA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Fri, 09 Jun 2023 23:10:46 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KQq6Hz7Gi00CApHy81hMwaY90Ko=
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
unpkg.com/axios/dist/axios.min.js
104.16.126.175 302 Found 32 kB URL GET HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.126.175:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 09 Jun 2023 23:10:45 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.4.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H2H6B6TCM4Q1NJN9MHMH5506-fra
cf-cache-status: HIT
age: 498
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4d0cbdcb140b41-OSL
X-Firefox-Spdy: h2
pruject-59cab-default-rtdb.firebaseio.com/.ws?v=5
34.120.160.131 101 Switching Protocols 0 B URL GET HTTP/1.1 pruject-59cab-default-rtdb.firebaseio.com/.ws?v=5
IP 34.120.160.131:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Google Trust Services LLC
Subject *.us-central1.firebasedatabase.app
Fingerprint 91:14:41:84:C3:F8:48:9D:29:56:8C:D4:35:43:F6:B8:53:F1:FE:FE
Validity Fri, 24 Mar 2023 14:49:18 GMT - Thu, 22 Jun 2023 14:49:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /.ws?v=5 HTTP/1.1
Host: pruject-59cab-default-rtdb.firebaseio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ebanking-ch3-ubs-a3ab0.web.app
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5fmiViFwPQMijJXsccUiuA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Fri, 09 Jun 2023 23:10:46 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KQq6Hz7Gi00CApHy81hMwaY90Ko=
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
ipinfo.io/json?token=3737089960275b
34.117.59.81 200 OK 235 B URL GET HTTP/2 ipinfo.io/json?token=3737089960275b
IP 34.117.59.81:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Let's Encrypt
Subject ipinfo.io
Fingerprint D2:82:34:B2:7C:F8:FE:41:A2:CD:69:1B:EF:51:26:96:C8:FA:C0:0D
Validity Thu, 11 May 2023 10:06:55 GMT - Wed, 09 Aug 2023 10:06:54 GMT
File type ASCII text, with no line terminators
Hash fc3217427902c9d7e1607f4eeb591f40
4a32850eb343b1cf131be3e42ab7c34241cb7122
78964a753916108687aded83c84c516a3e5ad0b3078a7780f28175bcd80df92f
GET /json?token=3737089960275b HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
Origin: https://ebanking-ch3-ubs-a3ab0.web.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: application/json; charset=utf-8
date: Fri, 09 Jun 2023 23:10:45 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unpkg.com/axios@1.4.0/dist/axios.min.js
104.16.126.175 200 OK 32 kB URL GET HTTP/2 unpkg.com/axios@1.4.0/dist/axios.min.js
IP 104.16.126.175:443
Requested by https://ebanking-ch3-ubs-a3ab0.web.app/login.html?session=QKAN99gXSP5NUsVUrWB8TO0dKV3N4NF97JHUg9zPrhzEh6T5Wf6A4pV4FgWT4c8MdUkIVryAywh28TQbwc4xRq6ovG1FuaGcVe&auth=5a314a02-c5fb-42e9-8214-902aaa7a9b79
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (31803)
Hash 6470a918ba1fd4b8d0882df0269ddb82
97814fdab64aa7d1b30f082f9eb272d4b1ce18a2
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e
GET /axios@1.4.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ebanking-ch3-ubs-a3ab0.web.app/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 23:10:45 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7c62-l4FP2rZKp9GzDwgvnrJy1LHOGKI"
via: 1.1 fly.io
fly-request-id: 01GZP8TZEXW4PFCT61FHX2WRTS-fra
cf-cache-status: HIT
age: 3051337
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4d0cbe8b6e0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2