rebirthnolafilm.learningmatters.tv Open in urlscan Pro
209.188.94.160  Malicious Activity! Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response rebirthnolafilm.learningmatters.tv/bluewin.ch/	10 KB 10 KB	616ms 132ms	Document text/html	209.188.94.160 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.188.94.160 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS Software Apache / PHP/5.2.17 Resource Hash d3909dcecd9e7c1f04266c6a7a8eb12b33b7d6b32577a93522238b20dfbf97a7 Request headers Host rebirthnolafilm.learningmatters.tv Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Date Fri, 03 Apr 2020 12:48:53 GMT Server Apache X-Powered-By PHP/5.2.17 Keep-Alive timeout=2, max=500 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	sdx.min.css login.sso.bluewin.ch/resources/sdx/css/	307 KB 39 KB	149ms 44ms	Stylesheet text/css	195.186.145.195 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://login.sso.bluewin.ch/resources/sdx/css/sdx.min.css Requested by Host: rebirthnolafilm.learningmatters.tv URL: https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.145.195 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash e0bc3a627d23f2f2e1467bb520cf1a686a8b0e7ef12589e3e0aede4c350ad67e Security Headers Name Value X-Frame-Options DENY Request headers Referer https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Fri, 03 Apr 2020 12:48:53 GMT Content-Encoding gzip Last-Modified Thu, 06 Feb 2020 21:44:30 GMT X-Frame-Options DENY ETag "0217967edc09636702f6952b67a33fdec" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=10000, must-revalidate Connection close Content-Length 39311 Expires Fri, 03 Apr 2020 15:35:33 GMT
GET H/1.1	200 OK	nwmain.css login.sso.bluewin.ch/resources/styles/	10 KB 3 KB	141ms 35ms	Stylesheet text/css	195.186.145.195 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://login.sso.bluewin.ch/resources/styles/nwmain.css Requested by Host: rebirthnolafilm.learningmatters.tv URL: https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.145.195 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash 8c236766f23c140010dd8da2f231017bdd9d46293b6b75cd10e584638d9a4319 Security Headers Name Value X-Frame-Options DENY Request headers Referer https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Fri, 03 Apr 2020 12:48:53 GMT Content-Encoding gzip Last-Modified Thu, 06 Feb 2020 21:52:08 GMT X-Frame-Options DENY ETag "05d39be5a1d584702c0a01d63bc033a7d" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=10000, must-revalidate Connection close Content-Length 2835 Expires Fri, 03 Apr 2020 15:35:33 GMT
GET H/1.1	200 OK	webmail.png login.sso.bluewin.ch/resources/images/relying-party/	562 B 1 KB	136ms 31ms	Image image/png	195.186.145.195 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Show image Full URL https://login.sso.bluewin.ch/resources/images/relying-party/webmail.png Requested by Host: rebirthnolafilm.learningmatters.tv URL: https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.145.195 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash f07b8927a11190e0d9988dd003bb5079a5905678ad8951eb424ab7c71dcaba33 Security Headers Name Value X-Frame-Options DENY Request headers Referer https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Fri, 03 Apr 2020 12:48:53 GMT Last-Modified Thu, 06 Feb 2020 21:44:29 GMT ETag "02a6185f01f8bdc7147d221fd776e534d" X-Frame-Options DENY Content-Type image/png Cache-Control max-age=10000, must-revalidate Connection close Content-Length 562 Expires Fri, 03 Apr 2020 15:35:33 GMT
GET H/1.1	200 OK	all.js Show response login.sso.bluewin.ch/resources/scripts/	103 KB 35 KB	141ms 36ms	Script text/javascript	195.186.145.195 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://login.sso.bluewin.ch/resources/scripts/all.js Requested by Host: rebirthnolafilm.learningmatters.tv URL: https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.145.195 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash b7312452dac2d97e4e51b8bb0af9f6750b35866186178b7b5ef0975e942068c9 Security Headers Name Value X-Frame-Options DENY Request headers Referer https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 03 Apr 2020 12:48:53 GMT Content-Encoding gzip Last-Modified Thu, 06 Feb 2020 21:52:08 GMT X-Frame-Options DENY ETag "033d2b6fede1d941831778952b0513d2f" Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=10000, must-revalidate Connection close Content-Length 35322 Expires Fri, 03 Apr 2020 15:35:33 GMT
GET H/1.1	200 OK	critical.js Show response login.sso.bluewin.ch/resources/scripts/	17 KB 7 KB	139ms 34ms	Script text/javascript	195.186.145.195 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://login.sso.bluewin.ch/resources/scripts/critical.js Requested by Host: rebirthnolafilm.learningmatters.tv URL: https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.145.195 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash 8390fbc9533f4baba09fc5d92999ce77139e089c02991fd4e006f8ac19f1b9dc Security Headers Name Value X-Frame-Options DENY Request headers Referer https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 03 Apr 2020 12:48:53 GMT Content-Encoding gzip Last-Modified Thu, 06 Feb 2020 21:52:08 GMT X-Frame-Options DENY ETag "0255cb71b1abccfa446b1b85c856ca1a6" Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=10000, must-revalidate Connection close Content-Length 6521 Expires Fri, 03 Apr 2020 15:35:33 GMT
GET H/1.1	200 OK	sdx.min.js Show response login.sso.bluewin.ch/resources/sdx/js/	339 KB 92 KB	145ms 40ms	Script text/javascript	195.186.145.195 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://login.sso.bluewin.ch/resources/sdx/js/sdx.min.js Requested by Host: rebirthnolafilm.learningmatters.tv URL: https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.145.195 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash d60a1bb4c61997e05a638eabb41e8356dac43c6c5bd46d07230f3d5b7a828829 Security Headers Name Value X-Frame-Options DENY Request headers Referer https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 03 Apr 2020 12:48:53 GMT Content-Encoding gzip Last-Modified Thu, 06 Feb 2020 21:44:29 GMT X-Frame-Options DENY ETag "04dd6cf73a7d00775056fafd6810fb4b2" Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=10000, must-revalidate Transfer-Encoding chunked Connection close Expires Fri, 03 Apr 2020 15:35:33 GMT
GET H/1.1	200 OK	Logo_Lifeform.png login.sso.bluewin.ch/resources/images/	3 KB 4 KB	82ms 34ms	Image image/png	195.186.145.195 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Show image Full URL https://login.sso.bluewin.ch/resources/images/Logo_Lifeform.png Requested by Host: rebirthnolafilm.learningmatters.tv URL: https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.145.195 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash aea14de2f15479f33a2cdfab1cdf996596cd10de05d4c2f1f5137ad1f16a2d4c Security Headers Name Value X-Frame-Options DENY Request headers Referer https://login.sso.bluewin.ch/resources/styles/nwmain.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Fri, 03 Apr 2020 12:48:53 GMT Last-Modified Thu, 06 Feb 2020 21:52:08 GMT ETag "0fc6476552b76aa3c16cc1ea908dda205" X-Frame-Options DENY Content-Type image/png Cache-Control max-age=10000, must-revalidate Connection close Content-Length 3440 Expires Fri, 03 Apr 2020 15:35:33 GMT
GET		TheSansB_400_.woff2 login.sso.bluewin.ch/resources/sdx/fonts/TheSans/	0 0
GET H/1.1	200 OK	lifeform-spritesheet.png login.sso.bluewin.ch/resources/sdx/images/	38 KB 38 KB	80ms 31ms	Image image/png	195.186.145.195 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Show image Full URL https://login.sso.bluewin.ch/resources/sdx/images/lifeform-spritesheet.png Requested by Host: rebirthnolafilm.learningmatters.tv URL: https://rebirthnolafilm.learningmatters.tv/bluewin.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.145.195 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash f9adb57dca9cbd2514ed249714b613d65e78a81cadda2882679a9672c812d25e Security Headers Name Value X-Frame-Options DENY Request headers Referer https://login.sso.bluewin.ch/resources/sdx/css/sdx.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Fri, 03 Apr 2020 12:48:53 GMT Last-Modified Thu, 06 Feb 2020 21:52:08 GMT ETag "0db5b9234be03de8612bb31c38e09fcf7" X-Frame-Options DENY Content-Type image/png Cache-Control max-age=10000, must-revalidate Connection close Content-Length 38448 Expires Fri, 03 Apr 2020 15:35:33 GMT
GET		TheSansB_600_.woff2 login.sso.bluewin.ch/resources/sdx/fonts/TheSans/	0 0
GET		TheSansB_300_.woff2 login.sso.bluewin.ch/resources/sdx/fonts/TheSans/	0 0
GET		sdx-icons.woff2 login.sso.bluewin.ch/resources/sdx/fonts/sdx-icons/	0 0
GET		TheSansB_400_.woff login.sso.bluewin.ch/resources/sdx/fonts/TheSans/	0 0
GET		TheSansB_600_.woff login.sso.bluewin.ch/resources/sdx/fonts/TheSans/	0 0
GET		sdx-icons.woff login.sso.bluewin.ch/resources/sdx/fonts/sdx-icons/	0 0
GET		TheSansB_300_.woff login.sso.bluewin.ch/resources/sdx/fonts/TheSans/	0 0
GET		TheSansB_400_.ttf login.sso.bluewin.ch/resources/sdx/fonts/TheSans/	0 0
GET		TheSansB_600_.ttf login.sso.bluewin.ch/resources/sdx/fonts/TheSans/	0 0
GET		sdx-icons.ttf login.sso.bluewin.ch/resources/sdx/fonts/sdx-icons/	0 0
GET		TheSansB_300_.ttf login.sso.bluewin.ch/resources/sdx/fonts/TheSans/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/TheSans/TheSansB_400_.woff2

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/TheSans/TheSansB_600_.woff2

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/TheSans/TheSansB_300_.woff2

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/sdx-icons/sdx-icons.woff2

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/TheSans/TheSansB_400_.woff

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/TheSans/TheSansB_600_.woff

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/sdx-icons/sdx-icons.woff

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/TheSans/TheSansB_300_.woff

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/TheSans/TheSansB_400_.ttf

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/TheSans/TheSansB_600_.ttf

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/sdx-icons/sdx-icons.ttf

Domain

login.sso.bluewin.ch

URL

https://login.sso.bluewin.ch/resources/sdx/fonts/TheSans/TheSansB_300_.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swisscom (Telecommunication)

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| handleSelect boolean| Ba object| webfont object| WebFont object| __core-js_shared__ object| Modernizr function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| flatpickr object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| sdx object| PubSub

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.sso.bluewin.ch
rebirthnolafilm.learningmatters.tv
login.sso.bluewin.ch
195.186.145.195
209.188.94.160
8390fbc9533f4baba09fc5d92999ce77139e089c02991fd4e006f8ac19f1b9dc
8c236766f23c140010dd8da2f231017bdd9d46293b6b75cd10e584638d9a4319
aea14de2f15479f33a2cdfab1cdf996596cd10de05d4c2f1f5137ad1f16a2d4c
b7312452dac2d97e4e51b8bb0af9f6750b35866186178b7b5ef0975e942068c9
d3909dcecd9e7c1f04266c6a7a8eb12b33b7d6b32577a93522238b20dfbf97a7
d60a1bb4c61997e05a638eabb41e8356dac43c6c5bd46d07230f3d5b7a828829
e0bc3a627d23f2f2e1467bb520cf1a686a8b0e7ef12589e3e0aede4c350ad67e
f07b8927a11190e0d9988dd003bb5079a5905678ad8951eb424ab7c71dcaba33
f9adb57dca9cbd2514ed249714b613d65e78a81cadda2882679a9672c812d25e