swiss-passapp.web.app Open in urlscan Pro
2620:0:890::100  Malicious Activity! Public Scan

Submitted URL: https://webmaremma.clickacumba.com/url/ver/647514802/2675395/a6b99ab1e
Effective URL: https://swiss-passapp.web.app/
Submission: On May 13 via manual from RO — Scanned from ES

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 24 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is swiss-passapp.web.app.
TLS certificate: Issued by GTS CA 1D4 on March 21st 2024. Valid for: 3 months.
This is the only time swiss-passapp.web.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Schweizerische Bundesbahnen (Transportation)

Domain & IP information

IP Address AS Autonomous System
2 2 185.2.150.180 29119 (SERVIHOST...)
2 164.68.101.172 51167 (CONTABO)
6 2620:0:890::100 54113 (FASTLY)
1 18.158.93.196 16509 (AMAZON-02)
6 135.181.88.158 24940 (HETZNER-AS)
1 51.77.64.70 16276 (OVH)
6 199.36.158.100 54113 (FASTLY)
2 34.117.33.233 396982 (GOOGLE-CL...)
24 7
Apex Domain
Subdomains
Transfer
12 web.app
swiss-passapp.web.app
326 KB
6 liplosavar.online
liplosavar.online
2 KB
2 replit.app
milenapp.replit.app
129 B
2 bycsac.com
www.bycsac.com
960 B
2 clickacumba.com
webmaremma.clickacumba.com
472 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6182
350 B
1 sbb.ch
cdn.app.sbb.ch — Cisco Umbrella Rank: 408889
14 KB
24 7
Domain Requested by
12 swiss-passapp.web.app swiss-passapp.web.app
6 liplosavar.online swiss-passapp.web.app
2 milenapp.replit.app swiss-passapp.web.app
2 www.bycsac.com
2 webmaremma.clickacumba.com 2 redirects
1 pro.ip-api.com swiss-passapp.web.app
1 cdn.app.sbb.ch swiss-passapp.web.app
24 7

This site contains no links.

Subject Issuer Validity Valid
bycsac.com
cPanel, Inc. Certification Authority
2024-04-19 -
2024-07-18
3 months crt.sh
web.app
GTS CA 1D4
2024-03-21 -
2024-06-19
3 months crt.sh
*.app.sbb.ch
Amazon RSA 2048 M02
2023-08-16 -
2024-09-13
a year crt.sh
liplosavar.online
R3
2024-05-08 -
2024-08-06
3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-21 -
2025-01-20
a year crt.sh
replit.app
GTS CA 1D4
2024-04-18 -
2024-07-17
3 months crt.sh

This page contains 1 frames:

Primary Page: https://swiss-passapp.web.app/
Frame ID: 43E176AB91B51BCA10F6546E5BD6B5B9
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

swisspass

Page URL History Show full URLs

  1. https://webmaremma.clickacumba.com/url/ver/647514802/2675395/a6b99ab1e HTTP 301
    https://webmaremma.clickacumba.com/url/ver/647514802/2675395/a6b99ab1e/ HTTP 301
    https://www.bycsac.com/ch.html?utm_campaign=ea&utm_medium=email&utm_source=acumbamail Page URL
  2. https://swiss-passapp.web.app/ Page URL

Page Statistics

24
Requests

100 %
HTTPS

13 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

344 kB
Transfer

926 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://webmaremma.clickacumba.com/url/ver/647514802/2675395/a6b99ab1e HTTP 301
    https://webmaremma.clickacumba.com/url/ver/647514802/2675395/a6b99ab1e/ HTTP 301
    https://www.bycsac.com/ch.html?utm_campaign=ea&utm_medium=email&utm_source=acumbamail Page URL
  2. https://swiss-passapp.web.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://webmaremma.clickacumba.com/url/ver/647514802/2675395/a6b99ab1e HTTP 301
  • https://webmaremma.clickacumba.com/url/ver/647514802/2675395/a6b99ab1e/ HTTP 301
  • https://www.bycsac.com/ch.html?utm_campaign=ea&utm_medium=email&utm_source=acumbamail

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ch.html
www.bycsac.com/
Redirect Chain
  • https://webmaremma.clickacumba.com/url/ver/647514802/2675395/a6b99ab1e
  • https://webmaremma.clickacumba.com/url/ver/647514802/2675395/a6b99ab1e/
  • https://www.bycsac.com/ch.html?utm_campaign=ea&utm_medium=email&utm_source=acumbamail
532 B
774 B
Document
General
Full URL
https://www.bycsac.com/ch.html?utm_campaign=ea&utm_medium=email&utm_source=acumbamail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.68.101.172 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-172.club-soluciones.com
Software
Apache /
Resource Hash
a6c075d9a74e1e649b112d4f61d0b367a1be51c278418c8d1d281f8346614dd7

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
532
Content-Type
text/html
Date
Mon, 13 May 2024 14:33:22 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Mon, 13 May 2024 08:18:36 GMT
Server
Apache

Redirect headers

content-language
es
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 13 May 2024 14:33:22 GMT
location
https://www.bycsac.com/ch.html?utm_campaign=ea&utm_medium=email&utm_source=acumbamail
server
nginx
strict-transport-security
max-age=31536000; preload
vary
Accept-Language, Origin, Cookie
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1
favicon.ico
www.bycsac.com/
0
186 B
Other
General
Full URL
https://www.bycsac.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
164.68.101.172 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
ip-172.club-soluciones.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.bycsac.com/ch.html?utm_campaign=ea&utm_medium=email&utm_source=acumbamail
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 13 May 2024 14:33:22 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
0
Content-Type
text/html; charset=UTF-8
Primary Request /
swiss-passapp.web.app/
7 KB
2 KB
Document
General
Full URL
https://swiss-passapp.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ee9991570e490a2cb3242afad278d8b8345e4ca36690e166ab64c7878ad52a2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
es-ES,es;q=0.9;q=0.9
Referer
https://www.bycsac.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
1290
content-type
text/html; charset=utf-8
date
Mon, 13 May 2024 14:33:23 GMT
etag
"15270c7ef9fb34a19a89b1213cad1bab15d41b3f7ded426fb9d2dcbceb76b3db-br"
last-modified
Wed, 01 May 2024 13:44:32 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mad2200130-MAD
x-timer
S1715610803.481182,VS0,VE1
styles.ef46db3751d8e999.css
swiss-passapp.web.app/
0
115 B
Stylesheet
General
Full URL
https://swiss-passapp.web.app/styles.ef46db3751d8e999.css
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad2200130-MAD
strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Mon, 13 May 2024 14:33:23 GMT
last-modified
Wed, 01 May 2024 13:44:32 GMT
x-timer
S1715610804.528020,VS0,VE1
etag
"46b50c321b39e89a491b6727a01628c34245605a30beb3e7414c5e01cff90e6e"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
0
x-cache-hits
0
runtime.5fd48c23a7d8a3ed.js
swiss-passapp.web.app/
1 KB
749 B
Script
General
Full URL
https://swiss-passapp.web.app/runtime.5fd48c23a7d8a3ed.js
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dff0bbd685c223a9066dbc6125e4e7d57bf50655d9c0106d0db4884e22d88335
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/
Origin
https://swiss-passapp.web.app
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad2200130-MAD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Mon, 13 May 2024 14:33:23 GMT
last-modified
Wed, 01 May 2024 13:44:32 GMT
x-timer
S1715610804.527957,VS0,VE1
etag
"9ee54c8b04399c89691942ac9aca66082d07c7cc1ac6d2e4abd0e10f494c42f0-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
615
x-cache-hits
0
polyfills.6ce76607880d8275.js
swiss-passapp.web.app/
33 KB
11 KB
Script
General
Full URL
https://swiss-passapp.web.app/polyfills.6ce76607880d8275.js
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30c26a933505f444c641686e747d631f1c2e354ba5affbe9ce38db5f1daf4ccb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/
Origin
https://swiss-passapp.web.app
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad2200130-MAD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Mon, 13 May 2024 14:33:23 GMT
last-modified
Wed, 01 May 2024 13:44:32 GMT
x-timer
S1715610804.528350,VS0,VE1
etag
"69c5de05f7b93e54fb0ffafd5510b984f75bbcb5c201814342684dd83ee011d2-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10874
x-cache-hits
0
main.240722439b46d78a.js
swiss-passapp.web.app/
335 KB
81 KB
Script
General
Full URL
https://swiss-passapp.web.app/main.240722439b46d78a.js
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2895bfc5720af70df5110580fbd7c43d611cc9f77aa5852a1e9eb16b093ee91c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/
Origin
https://swiss-passapp.web.app
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad2200130-MAD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Mon, 13 May 2024 14:33:23 GMT
last-modified
Wed, 01 May 2024 13:44:32 GMT
x-timer
S1715610804.528353,VS0,VE1
etag
"2d73713a4f49f877203940f00d44d82a5c5d5d6524af9aca8bddbc8984ca5e6f-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
83065
x-cache-hits
0
sso.css
swiss-passapp.web.app/assets/
198 KB
20 KB
Stylesheet
General
Full URL
https://swiss-passapp.web.app/assets/sso.css
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
213998ea48d3d9f8bfd089fafaf2ce0bf367a0395a8dfd8c1a3f54e486985106
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad2200130-MAD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Mon, 13 May 2024 14:33:23 GMT
last-modified
Wed, 01 May 2024 13:44:32 GMT
x-timer
S1715610804.537724,VS0,VE2
etag
"b9db0f6ce6841d85c13b65ab7c3770371fe7a5ebef49721cfaf3f608e5c9baf1-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
19966
x-cache-hits
0
SBBWeb-Light.woff2
cdn.app.sbb.ch/fonts/v1_6_subset/
14 KB
14 KB
Font
General
Full URL
https://cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Light.woff2
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.93.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-93-196.eu-central-1.compute.amazonaws.com
Software
nginx/1.25.5 /
Resource Hash
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/
Origin
https://swiss-passapp.web.app
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 14:33:23 GMT
content-encoding
br
last-modified
Wed, 31 Jan 2024 10:14:44 GMT
server
nginx/1.25.5
etag
W/"65ba1d94-3784"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000, public, private
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
expires
Tue, 13 May 2025 14:33:23 GMT
/
liplosavar.online/socket.io/
97 B
388 B
XHR
General
Full URL
https://liplosavar.online/socket.io/?EIO=4&transport=polling&t=OzoNrt3
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/polyfills.6ce76607880d8275.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
135.181.88.158 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.88.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c3e4933e8f230f5cccaa0c5456b35294e0caddb99216951cbac27522df0a8d28

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*
Referer
https://swiss-passapp.web.app/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://swiss-passapp.web.app
Date
Mon, 13 May 2024 14:33:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
/
pro.ip-api.com/json/
194 B
350 B
XHR
General
Full URL
https://pro.ip-api.com/json/?key=I8h97HB1QkUVKV0&fields=status,message,country,countryCode,timezone,currency,isp,mobile,proxy,hosting,query
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/polyfills.6ce76607880d8275.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
1d26c13986ad8d5cacc1120d597b4fa629a4c60fda91cd14adacbadffa812656

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://swiss-passapp.web.app/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 13 May 2024 14:33:23 GMT
Content-Length
194
Content-Type
application/json; charset=utf-8
logo-20200819.png
swiss-passapp.web.app/assets/
3 KB
2 KB
Image
General
Full URL
https://swiss-passapp.web.app/assets/logo-20200819.png
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3397660196a35ebb826091bedd3ec322aa58c0e9c4e439eb17d0db3f0259cb9c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad2200139-MAD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Mon, 13 May 2024 14:33:23 GMT
last-modified
Wed, 01 May 2024 13:44:32 GMT
x-timer
S1715610804.676237,VS0,VE1
etag
"d3788cef68d83b08ab610507af40ed2a1620ce8ed6516bb6769c7944b002bce5-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1953
x-cache-hits
0
favicon.ico
swiss-passapp.web.app/
1 KB
487 B
Other
General
Full URL
https://swiss-passapp.web.app/favicon.ico
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad2200139-MAD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Mon, 13 May 2024 14:33:23 GMT
last-modified
Wed, 01 May 2024 13:44:32 GMT
x-timer
S1715610804.842846,VS0,VE1
etag
"a1c4bac984d1742493fe67c55c528bebd5b1db85e4afac0bd7027735bc225bee-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/x-icon
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
154
x-cache-hits
0
/
liplosavar.online/socket.io/
2 B
277 B
XHR
General
Full URL
https://liplosavar.online/socket.io/?EIO=4&transport=polling&t=OzoNryG&sid=OivlZxsL8jSdpUaxACMD
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/polyfills.6ce76607880d8275.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
135.181.88.158 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.88.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
text/plain;charset=UTF-8
Accept
*/*
Referer
https://swiss-passapp.web.app/
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://swiss-passapp.web.app
Date
Mon, 13 May 2024 14:33:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
/
liplosavar.online/socket.io/
32 B
323 B
XHR
General
Full URL
https://liplosavar.online/socket.io/?EIO=4&transport=polling&t=OzoNryG.0&sid=OivlZxsL8jSdpUaxACMD
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/polyfills.6ce76607880d8275.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
135.181.88.158 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.88.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0218bc85713b56f7a20fac7ddfdf10cf0e472e905a7c70ba8f8496e5cfadedd1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*
Referer
https://swiss-passapp.web.app/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://swiss-passapp.web.app
Date
Mon, 13 May 2024 14:33:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
/
liplosavar.online/socket.io/
1 B
291 B
XHR
General
Full URL
https://liplosavar.online/socket.io/?EIO=4&transport=polling&t=OzoNr_R&sid=OivlZxsL8jSdpUaxACMD
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/polyfills.6ce76607880d8275.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
135.181.88.158 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.88.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*
Referer
https://swiss-passapp.web.app/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://swiss-passapp.web.app
Date
Mon, 13 May 2024 14:33:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
/
liplosavar.online/socket.io/
2 B
277 B
XHR
General
Full URL
https://liplosavar.online/socket.io/?EIO=4&transport=polling&t=OzoNr_R.0&sid=OivlZxsL8jSdpUaxACMD
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/polyfills.6ce76607880d8275.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
135.181.88.158 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.88.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
text/plain;charset=UTF-8
Accept
*/*
Referer
https://swiss-passapp.web.app/
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://swiss-passapp.web.app
Date
Mon, 13 May 2024 14:33:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
/
liplosavar.online/socket.io/
1 B
291 B
XHR
General
Full URL
https://liplosavar.online/socket.io/?EIO=4&transport=polling&t=OzoNs0x&sid=OivlZxsL8jSdpUaxACMD
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/polyfills.6ce76607880d8275.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
135.181.88.158 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.158.88.181.135.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
*/*
Referer
https://swiss-passapp.web.app/
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://swiss-passapp.web.app
Date
Mon, 13 May 2024 14:33:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
t1
milenapp.replit.app/
0
0
Preflight
General
Full URL
https://milenapp.replit.app/t1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.233 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
233.33.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authi,content-type,country,ip,p
Access-Control-Request-Method
POST
Origin
https://swiss-passapp.web.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authi, content-type, country, ip, p
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://swiss-passapp.web.app
allow
OPTIONS, POST
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 13 May 2024 14:33:24 GMT
server
Google Frontend
strict-transport-security
max-age=63072000; includeSubDomains
vary
Origin
via
1.1 google
x-cloud-trace-context
cc74c92f43e02e795c226cefd81d2e56;o=1
t1
milenapp.replit.app/
27 B
129 B
XHR
General
Full URL
https://milenapp.replit.app/t1
Requested by
Host: swiss-passapp.web.app
URL: https://swiss-passapp.web.app/polyfills.6ce76607880d8275.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.233 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
233.33.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5f6460deee3577b43cf7564a115c806f05eaf9ddbf8e7c4fc698011f21eb4338
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
*/*
Referer
https://swiss-passapp.web.app/
authi
SA4784
p
4
country
ip
146.70.74.102
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 14:33:25 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
server
Google Frontend
vary
Origin
content-type
application/json
access-control-allow-origin
https://swiss-passapp.web.app
x-cloud-trace-context
43c0ef591429acdbcd6ea43e587d1ac1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27
logo.png
swiss-passapp.web.app/assets/
548 B
863 B
Image
General
Full URL
https://swiss-passapp.web.app/assets/logo.png
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f2f0d94a5141a75ef227f2699b6a43588741ede3edd2fe2d075a65b3d413b2f8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/swiss
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad2200139-MAD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Mon, 13 May 2024 14:33:26 GMT
last-modified
Wed, 01 May 2024 13:44:32 GMT
x-timer
S1715610807.507761,VS0,VE1
etag
"16eb10617b09e173cb4c14c8cbadbbf65010de7bbb272b25b8072e3b057dc0b6-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
541
x-cache-hits
0
logo_text_de-20200819.svg
swiss-passapp.web.app/assets/
137 KB
13 KB
Image
General
Full URL
https://swiss-passapp.web.app/assets/logo_text_de-20200819.svg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/swiss
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad2200139-MAD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Mon, 13 May 2024 14:33:26 GMT
last-modified
Wed, 01 May 2024 13:44:32 GMT
x-timer
S1715610807.507756,VS0,VE1
etag
"4e247643ec4bd34e8164a7591efb38c00d6aab78bb5751c9fa733535007d070f-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12644
x-cache-hits
0
login_bg.jpg
swiss-passapp.web.app/assets/
196 KB
196 KB
Image
General
Full URL
https://swiss-passapp.web.app/assets/login_bg.jpg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58a037c0bde953b48561826f3df16031f7ddfce33c4018619d3f39c6af6eec1b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/swiss
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad2200139-MAD
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
date
Mon, 13 May 2024 14:33:26 GMT
last-modified
Wed, 01 May 2024 13:44:32 GMT
x-timer
S1715610807.507730,VS0,VE1
etag
"a9a5d20ec79d2eaaed380db9faccf22b2abf382dd8ed2c971b4e0b83fb252851"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
200523
x-cache-hits
0
favicon.ico
swiss-passapp.web.app/
1 KB
0
Other
General
Full URL
https://swiss-passapp.web.app/favicon.ico
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://swiss-passapp.web.app/swiss
Accept-Language
es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad2200139-MAD
date
Mon, 13 May 2024 14:33:23 GMT
content-encoding
br
last-modified
Wed, 01 May 2024 13:44:32 GMT
x-timer
S1715610804.842846,VS0,VE1
etag
"a1c4bac984d1742493fe67c55c528bebd5b1db85e4afac0bd7027735bc225bee-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/x-icon
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
154
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| addSlashes function| formats function| numberValidation object| webpackChunknex_app function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched function| __zone_symbol__queueMicrotask object| __zone_symbol__pagehidefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__offlinefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

0 Cookies

2 Console Messages

Source Level URL
Text
recommendation warning URL: https://swiss-passapp.web.app/swiss
Message:
[DOM] Found 2 elements with non-unique id #login_button: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://swiss-passapp.web.app/swiss
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.app.sbb.ch
liplosavar.online
milenapp.replit.app
pro.ip-api.com
swiss-passapp.web.app
webmaremma.clickacumba.com
www.bycsac.com
135.181.88.158
164.68.101.172
18.158.93.196
185.2.150.180
199.36.158.100
2620:0:890::100
34.117.33.233
51.77.64.70
0218bc85713b56f7a20fac7ddfdf10cf0e472e905a7c70ba8f8496e5cfadedd1
1d26c13986ad8d5cacc1120d597b4fa629a4c60fda91cd14adacbadffa812656
213998ea48d3d9f8bfd089fafaf2ce0bf367a0395a8dfd8c1a3f54e486985106
2895bfc5720af70df5110580fbd7c43d611cc9f77aa5852a1e9eb16b093ee91c
30c26a933505f444c641686e747d631f1c2e354ba5affbe9ce38db5f1daf4ccb
3397660196a35ebb826091bedd3ec322aa58c0e9c4e439eb17d0db3f0259cb9c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58a037c0bde953b48561826f3df16031f7ddfce33c4018619d3f39c6af6eec1b
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf
5f6460deee3577b43cf7564a115c806f05eaf9ddbf8e7c4fc698011f21eb4338
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677
9ee9991570e490a2cb3242afad278d8b8345e4ca36690e166ab64c7878ad52a2
a6c075d9a74e1e649b112d4f61d0b367a1be51c278418c8d1d281f8346614dd7
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07
c3e4933e8f230f5cccaa0c5456b35294e0caddb99216951cbac27522df0a8d28
dff0bbd685c223a9066dbc6125e4e7d57bf50655d9c0106d0db4884e22d88335
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
f2f0d94a5141a75ef227f2699b6a43588741ede3edd2fe2d075a65b3d413b2f8