service-login.sso.bluewin.ch
195.186.145.195
Malicious Activity!
Public Scan
Submission: On August 13 via manual from TW
Summary
TLS certificate: Issued by SwissSign Server Gold CA 2014 - G22 on April 6th 2020. Valid for: 2 years.
This is the only time service-login.sso.bluewin.ch was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swisscom (Telecommunication)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
22 | 195.186.145.195 | 3303 (SWISSCOM Swisscom (Switzerland) Ltd) |
1 | 194.209.222.161 | 3303 (SWISSCOM Swisscom (Switzerland) Ltd) |
23 | 2 | |
ASN | Domain |
---|---|
ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH) | service-login.sso.bluewin.ch |
ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH) | rp-static-content.scl.swisscom.ch |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
22 | bluewin.ch | service-login.sso.bluewin.ch | 1 MB |
1 | swisscom.ch | rp-static-content.scl.swisscom.ch | 2 KB |
23 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
22 | service-login.sso.bluewin.ch | service-login.sso.bluewin.ch |
1 | rp-static-content.scl.swisscom.ch | service-login.sso.bluewin.ch |
23 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
registration.scl.swisscom.ch |
www.swisscom.ch |
Subject | Issuer | Validity | Valid |
---|---|---|---|
login.sso.bluewin.ch | SwissSign Server Gold CA 2014 - G22 | 2020-04-06 - 2022-04-06 | 2 years |
*.scapp.swisscom.com | SwissSign Server Gold CA 2014 - G22 | 2019-02-13 - 2021-02-13 | 2 years |
This page contains 1 frames:
Primary Page:
https://service-login.sso.bluewin.ch/login?loginRequest=eJxtkN1Kw0AQhd9loblKatpUrYEgES0IQSVp8cL2ItmdpEu3u3F_GkPpu7tJq5UizNWZcz7mzB5hISWwXFPBnwkK0Wg6JnfXk5GHiyDwJn5JvMIH4k2L29IvygJPYYRcZDMt5dVbLnXb57ataqhSWGztVkhaUZ6zFD4NKL2QzDrWWtcqXC6v7BSNUsKrpdhRAnKoMBv-xId4bQ1MWMB99hJHZ7CzAaiTbhFpacBJF2kS9dRBEA_GMztN0_wFWeUc7xzBrAcPxjccdlRpsQGOBVdmC04SAXfqWkUE1EaL2vawB2qBBZu3NdgGD-9Z9tqX72sBibWWtDAaFAo_9ihNExT6LtrlzPQS8tHq4O7RpQz8qP8Wuth39Y6ONP4PuXIRy3ll8urMs1JHOr38dPHj0yxeJHN7s_nSR4lAmRum0eEb_9KsyQ==
Frame ID: ACD63F1F35017200372C06C5BEBB319F
Requests: 23 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Title: Register
Title: Using Mobile ID
Title: About Swisscom Login
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | login (Primary Request, Cookie set) | service-login.sso.bluewin.ch/ | 8 KB | 9 KB | Document | text/html |
GET | H/1.1 | commons.css | service-login.sso.bluewin.ch/ | 351 KB | 351 KB | Stylesheet | text/css |
GET | H/1.1 | username.css | service-login.sso.bluewin.ch/ | 158 B | 537 B | Stylesheet | text/css |
GET | H/1.1 | myswisscom_logo.png | rp-static-content.scl.swisscom.ch/content/ | 1 KB | 2 KB | Image | image/png |
GET | H/1.1 | webcomponents.js | service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/ | 2 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | commons.bundle.js | service-login.sso.bluewin.ch/ | 383 KB | 383 KB | Script | application/javascript |
GET | H/1.1 | login-layout.bundle.js | service-login.sso.bluewin.ch/ | 4 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | username.bundle.js | service-login.sso.bluewin.ch/ | 2 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | Logo_Lifeform.png | service-login.sso.bluewin.ch/ | 3 KB | 4 KB | Image | image/png |
GET | H/1.1 | TheSansB_400_.woff2 | service-login.sso.bluewin.ch/ | 50 KB | 50 KB | Font | application/font-woff2 |
GET | H/1.1 | lifeform-spritesheet.png | service-login.sso.bluewin.ch/ | 38 KB | 38 KB | Image | image/png |
GET | H/1.1 | sdx-icons.woff2 | service-login.sso.bluewin.ch/ | 29 KB | 29 KB | Font | application/font-woff2 |
GET | H/1.1 | TheSansB_300_.woff2 | service-login.sso.bluewin.ch/ | 55 KB | 55 KB | Font | application/font-woff2 |
GET | H/1.1 | webcomponents.lgd0guuk.js | service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ | 23 KB | 24 KB | Script | application/javascript |
GET | H/1.1 | ty0ne4z6.entry.js | service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ | 30 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | mibbflfq.entry.js | service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ | 11 KB | 11 KB | Script | application/javascript |
GET | H/1.1 | chunk-6a8011c5.js | service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ | 4 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | chunk-c2033b1f.js | service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | chunk-7304fcb5.js | service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ | 2 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | chunk-04472a7e.js | service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ | 3 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | chunk-d09e8523.js | service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ | 14 KB | 14 KB | Script | application/javascript |
GET | H/1.1 | u7qtnhpp.entry.js | service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ | 7 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | gdkxtkba.entry.js | service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ | 740 B | 1 KB | Script | application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Swisscom (Telecommunication)
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webcomponents
object| s-apps
object| webpackJsonp
object| __core-js_shared__
object| Modernizr
function| __extends
function| __assign
function| __rest
function| __decorate
function| __param
function| __metadata
function| __awaiter
function| __generator
function| __exportStar
function| __values
function| __read
function| __spread
function| __await
function| __asyncGenerator
function| __asyncDelegator
function| __asyncValues
function| __makeTemplateObject
function| flatpickr
object| sdx
object| ParsleyExtend
object| ParsleyConfig
object| psly
object| Parsley
object| ParsleyUtils
object| ParsleyValidator
object| ParsleyUI
string| inputEventPatched
object| s-defined
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sso.bluewin.ch/ | | Name: SCL-CID Value: bf9ca20c-dc72-4441-bec2-62b1b7829d56 |
service-login.sso.bluewin.ch/ | | Name: SESSION Value: NzZkMDc3MTEtOWQ3Yi00YzJmLTg4ZTgtNDYwYTgxYjY2Y2Y1 |
service-login.sso.bluewin.ch/ | | Name: org.springframework.web.servlet.i18n.CookieLocaleResolver.LOCALE Value: en |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=15768000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
rp-static-content.scl.swisscom.ch
service-login.sso.bluewin.ch
194.209.222.161
195.186.145.195