spcweb.ch
Open in
urlscan Pro
193.246.45.219
Malicious Activity!
Public Scan
Effective URL: https://spcweb.ch/Authentication/Login
Submission: On October 08 via manual from US
Summary
TLS certificate: Issued by SwissSign Server Gold CA 2014 - G22 on April 5th 2017. Valid for: 3 years.
This is the only time spcweb.ch was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swiss Post (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 28 | 193.246.45.219 193.246.45.219 | 12429 (CYBERNET-) (CYBERNET-) | |
26 | 1 |
Domain | Requested by | |
---|---|---|
28 | spcweb.ch |
2 redirects
spcweb.ch
|
26 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
identity.spcweb.ch |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.spcweb.ch SwissSign Server Gold CA 2014 - G22 |
2017-04-05 - 2020-04-05 |
3 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://spcweb.ch/Authentication/Login
Frame ID: 4766F9316B192622B2ECC85AFC727E1E
Requests: 26 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://spcweb.ch/
HTTP 302
https://spcweb.ch/ HTTP 302
https://spcweb.ch/Authentication/Login Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /IIS(?:\/([\d.]+))?/i
- html /<input[^>]+name="__VIEWSTATE/i
Microsoft ASP.NET (Web Frameworks) Expand
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
IIS (Web Servers) Expand
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
- html /<input[^>]+name="__VIEWSTATE/i
Moment.js (JavaScript Libraries) Expand
Detected patterns
- env /^moment$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Passwort vergessen?
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://spcweb.ch/
HTTP 302
https://spcweb.ch/ HTTP 302
https://spcweb.ch/Authentication/Login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Login
spcweb.ch/Authentication/ Redirect Chain
|
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
28 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
69 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
106 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
19 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eos.min.css
spcweb.ch/Content/ |
235 KB 60 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
public-access.min.css
spcweb.ch/Content/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MsAjaxJs
spcweb.ch/bundles/ |
142 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebFormsJs
spcweb.ch/bundles/ |
60 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eos.min.js
spcweb.ch/Scripts/ |
672 KB 252 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Login.min.js
spcweb.ch/users/authentication/ |
547 B 847 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
179 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
137 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
37 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
1 KB 784 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
4 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
80 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
27 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
21 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DXR.axd
spcweb.ch/ |
43 B 367 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
post-de.svg
spcweb.ch/Content/img/logos/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
spcweb.ch/fonts/ |
75 KB 76 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Swiss Post (Transportation)220 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| theForm function| __doPostBack function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $removeHandler function| $get function| $find function| $addHandler function| $addHandlers function| $clearHandlers function| Type object| Sys object| _events function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| GridView function| GridView_createPropertyString function| GridView_setStateValue function| GridView_OnCallback function| GridView_getHiddenFieldContents function| createPropertyStringFromValues_GridView function| DetailsView function| DetailsView_createPropertyString function| DetailsView_setStateValue function| DetailsView_OnCallback function| DetailsView_getHiddenFieldContents function| createPropertyStringFromValues_DetailsView function| TreeView_HoverNode function| TreeView_GetNodeText function| TreeView_PopulateNode function| TreeView_ProcessNodeData function| TreeView_SelectNode function| TreeView_ToggleNode function| TreeView_UnhoverNode function| Point function| __wpTranslateOffset function| __wpGetPageEventLocation function| __wpClearSelection function| WebPart function| WebPart_Dispose function| WebPart_OnMouseDown function| WebPart_OnDragStart function| WebPart_OnDrag function| WebPart_OnDragEnd function| WebPart_GetParentWebPartElement function| WebPart_UpdatePosition function| Zone function| Zone_Dispose function| Zone_OnDragEnter function| Zone_OnDragOver function| Zone_OnDrop function| Zone_GetParentZoneElement function| Zone_AddWebPart function| Zone_ToggleDropCues function| Zone_GetWebPartIndex function| Zone_UpdatePosition function| WebPartDragState function| WebPartMenu function| WebPartMenu_Dispose function| WebPartMenu_Show function| WebPartMenu_Hide function| WebPartMenu_Hover function| WebPartMenu_Unhover function| WebPartMenu_OnClick function| WebPartMenu_OnKeyPress function| WebPartMenu_OnMouseEnter function| WebPartMenu_OnMouseLeave function| WebPartManager function| WebPartManager_Dispose function| WebPartManager_AddZone function| WebPartManager_IsDragDropEnabled function| WebPartManager_DragDrop function| WebPartManager_InitiateWebPartDragDrop function| WebPartManager_CompleteWebPartDragDrop function| WebPartManager_ContinueWebPartDragDrop function| WebPartManager_Execute function| WebPartManager_ProcessWebPartDragEnter function| WebPartManager_ProcessWebPartDragOver function| WebPartManager_ProcessWebPartDrop function| WebPartManager_ShowHelp function| WebPartManager_ExportWebPart function| WebPartManager_UpdatePositions function| WebPartManager_SubmitPage object| __pendingCallbacks number| __synchronousCallBackIndex boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes object| __disabledControlArray string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes object| __wpm object| utils object| inputUtils object| ms_logout object| gb_mp_js object| controls_masterpage_menuv2 object| controls_generic_popupYesNo object| noty function| docWriteWrapper function| qzReady function| qzDonePrinting object| print_control function| ES6Promise function| $ function| jQuery function| moment function| Noty object| MsGlobalResources object| Login object| login object| ASPx object| dx object| ASPxClientUtils object| Ident function| AccessKeysHelper function| AccessKey object| CheckBoxCheckState object| CheckBoxInputKey function| ASPxClientEvent function| ASPxClientEventArgs function| ASPxClientCancelEventArgs function| ASPxClientProcessingModeEventArgs function| ASPxClientProcessingModeCancelEventArgs function| ASPxStateItem function| ASPxClientStateEventArgs function| ASPxStateController object| PagerCommands function| ASPxClientBeginCallbackEventArgs function| ASPxClientGlobalBeginCallbackEventArgs function| ASPxClientEndCallbackEventArgs function| ASPxClientGlobalEndCallbackEventArgs function| ASPxClientCallbackErrorEventArgs function| ASPxClientGlobalCallbackErrorEventArgs function| ASPxClientCustomDataCallbackEventArgs function| ASPxClientValidationCompletedEventArgs function| ASPxClientControlsInitializedEventArgs function| ASPxClientControlBeforePronounceEventArgs function| ASPxClientControlUnloadEventArgs function| ASPxClientControlCollection function| ASPxClientControlBase function| ASPxClientControl function| ASPxClientComponent function| ASPxClientLoadingPanel function| ASPxClientButton object| gb_mp_loadingPanel object| dynamicControlSiteMap_ctl00 object| dynamicControlSiteMap_ctl01 object| dynamicControlSiteMap_ctl02 object| dynamicControlSiteMap_ctl034 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
spcweb.ch/ | Name: eos_lang Value: de |
|
spcweb.ch/ | Name: eos_AntiXsrfToken Value: af4bf69affe840b7937de145c2b33110 |
|
spcweb.ch/ | Name: NSC_MCWT_80_IUUQ_QSPE_JJT Value: 5ccba3d85f64d7b87f7efdddaba6530ed98fd389c3e495ab72289fa96c19359991129ae9 |
|
spcweb.ch/ | Name: eos_session Value: lccerrk1xm4meui4ivuil3rd |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
spcweb.ch
193.246.45.219
081ade453ae3efce63b08d69b2ae70d27b3fcc32b479779f077d8c672dc0a66a
1dc915070a94d318e6b72545e6c5fa70a7b1803a52bae83e8888f319c0aec8be
1effd79a8eb03499cfa0da6ce36027be3c61025996bd37482c2bccd955e8ff38
2376b3fb29a48801958fee2786abc075331edfd30b26bed363c735fe9c4639f7
27016e408330c059633d9c72e4fd8f08df663f1f8b5c8f49d27ad01487d4a861
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
32c9a28ac5f00c00572f55bc82d20640b1c6bac4683e4a325b4748d0ee8fca3e
3810463d880b90bf9141b99b590e6ccb0649a0048e7e5916d4da5d1dadb39023
4131c1dcc7acb3e1b36daf153fa3dcbdac2b1c98e99da460822b5aed6a6e2d07
46717ddb131beab8385f44590b719c618e1ff42f9ab47d9de485149b3b96c19f
52fed3ca6ff5308a203b99024c43b4def45501c420e6f0da40ae5e6cb07b5d4d
594e60989897c3fe7e623be3e586d11d1e80d5288270d9604ab2b492d79cbcc9
5c380ee495014679f6ee643378f1c9efedd8d52198f0e84af34faf32d9f90316
5d6d7d3121c7b33b703a9097e2aba366cb895c846ffb4bfdd58f1329f667e26d
60f8a6d7acda84983c96c2d5b13b8aa58b1a8cc799559d4b26219c1146c3267f
676138dd026d3e35d6db9c389404a7283afa58dbae83b6b2e17f1ec7d2978bc5
6d2cc8f8d9aebed1f8c9a9178b1893b0fd6dc4e1de429807be366a8b6f22400d
7932ecd92be0a8928c26016cc6dfd9a5bfe57065b3a65c91475b0814871f4b61
99caecb8475a08fc86c812cf804ddc904f6e6d3fd1591848a09f2413952f2a97
a32f05958f5d29e9992c3240cdc418c2d50fd52ab69a0debbc64fd054d47847a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c33d2eeb46f41ebdccc2b62b178a76466645fc91a640c3e718a9999a6b4b9965
d43fd2b0245d8d0426ea35b6a706f47fb54f37382887a6ad93369ff5a1977d51
d55b0002d1f77312f928514e556c29254fab50bae1a96ac9e36b9c2979814384
f8380d63e195300f45079a8a2e9cbeb002cdb34cbb474db2da30cd10b5f4ff23
f88e204442b663aaaf431af0cabb841548f527e00e9517e0da72a6a26bcacbb5