swisscom-verifiedsite.codeanyapp.com
45.55.112.74
Malicious Activity!
Public Scan
Effective URL: https://swisscom-verifiedsite.codeanyapp.com/Swiss_com/sms.php
Submission: On April 12 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 17th 2024. Valid for: 3 months.
This is the only time swisscom-verifiedsite.codeanyapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swisscom (Telecommunication) Generic (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 187.17.111.99 | 7162 (Universo Online S.A.) |
9 | 45.55.112.74 | 14061 (DIGITALOCEAN-ASN) |
1 | 2a02:a90:c400:4001::e | 3303 (SWISSCOM Swisscom Switzerland Ltd) |
13 | 4 |
ASN14061 (DIGITALOCEAN-ASN, US): swisscom-verifiedsite.codeanyapp.com
ASN3303 (SWISSCOM Swisscom Switzerland Ltd, CH): rcp.scsstatic.ch
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | codeanyapp.com | swisscom-verifiedsite.codeanyapp.com | 43 KB |
2 | copelcomercial.com.br | copelcomercial.com.br | 772 B |
1 | scsstatic.ch | rcp.scsstatic.ch (Cisco Umbrella Rank: 419095) | 5 KB |
0 | Failed | Failed | |
13 | 4 |
Requests | Domain | Requested by |
---|---|---|
9 | swisscom-verifiedsite.codeanyapp.com | swisscom-verifiedsite.codeanyapp.com |
2 | copelcomercial.com.br | |
1 | rcp.scsstatic.ch | |
0 | invalid (Failed) | swisscom-verifiedsite.codeanyapp.com |
13 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.sslblindado.com | RapidSSL TLS RSA CA G1 | 2024-02-14 - 2025-03-10 | a year |
codeanyapp.com | R3 | 2024-01-17 - 2024-04-16 | 3 months |
rcp.production.scsstatic.ch | SwissSign RSA TLS OV ICA 2021 - 1 | 2023-08-03 - 2024-08-03 | a year |
This page contains 1 frames:
Primary Page:
https://swisscom-verifiedsite.codeanyapp.com/Swiss_com/sms.php
Frame ID: 437C559CF31338088E051E25E3D7ED52
Requests: 13 HTTP requests in this frame
Page Title
Swisscom
Detected technologies
Adobe Experience Manager (CMS)
Detected patterns
- /etc/designs/
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://copelcomercial.com.br/services_240411154343.php/'https:/tinokres.com/swiss_com/'https:/tinokres.com/swiss_com/ (HTTP 307)
- https://copelcomercial.com.br/services_240411154343.php/'https:/tinokres.com/swiss_com/'https:/tinokres.com/swiss_com/ (Page URL)
- https://swisscom-verifiedsite.codeanyapp.com/Swiss_com/sms.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://copelcomercial.com.br/services_240411154343.php/'https:/tinokres.com/swiss_com/'https:/tinokres.com/swiss_com/ (HTTP 307)
- https://copelcomercial.com.br/services_240411154343.php/'https:/tinokres.com/swiss_com/'https:/tinokres.com/swiss_com/
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Redirect Chain) | copelcomercial.com.br/services_240411154343.php/'https:/tinokres.com/swiss_com/'https:/tinokres.com/swiss_com/ | 111 B | 360 B | Document | text/html |
GET | H/1.1 | favicon.ico | copelcomercial.com.br/ | 209 B | 412 B | Other | text/html |
GET | H2 | sms.php (Primary Request) | swisscom-verifiedsite.codeanyapp.com/Swiss_com/ | 5 KB | 2 KB | Document | text/html |
GET | | / | invalid/ | 0 | 0 | | |
GET | H2 | screen.css | swisscom-verifiedsite.codeanyapp.com/Swiss_com/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | gh-buttons.css | swisscom-verifiedsite.codeanyapp.com/Swiss_com/ | 13 KB | 2 KB | Stylesheet | text/css |
GET | H2 | commons.js | swisscom-verifiedsite.codeanyapp.com/Swiss_com/ | 0 | 0 | Script | text/html |
GET | H2 | jquery-3.3.1.min.js | swisscom-verifiedsite.codeanyapp.com/Swiss_com/ | 0 | 0 | Script | text/html |
GET | H2 | 1.svg | swisscom-verifiedsite.codeanyapp.com/Swiss_com/ | 5 KB | 5 KB | Image | image/svg+xml |
GET | H2 | logo2.png | swisscom-verifiedsite.codeanyapp.com/Swiss_com/ | 30 KB | 31 KB | Image | image/png |
GET | H2 | gb.svg | swisscom-verifiedsite.codeanyapp.com/Swiss_com/ | 956 B | 1 KB | Image | image/svg+xml |
GET | H2 | gh-icons.png | swisscom-verifiedsite.codeanyapp.com/Swiss_com/ | 323 B | 323 B | Image | text/html |
GET | H/1.1 | favicon.ico | rcp.scsstatic.ch/etc/designs/portal/resources/ | 4 KB | 5 KB | Other | image/vnd.microsoft.icon |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: invalid
- URL: chrome-extension://invalid/
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Swisscom (Telecommunication) Generic (Online)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | onBodyLoad
- function | incrementResendCount
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.