swisspassidsbbcff.sviluppo.host
Open in
urlscan Pro
149.62.187.110
Malicious Activity!
Public Scan
Submission: On May 01 via api from US — Scanned from IT
Summary
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.
This is the only time swisspassidsbbcff.sviluppo.host was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Schweizerische Bundesbahnen (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 149.62.187.110 149.62.187.110 | 47242 (COLTENGIN...) (COLTENGINE COLTENGINE Network) | |
3 | 193.203.121.166 193.203.121.166 | 31004 (SBB-CFF-F...) (SBB-CFF-FFS Telecom SBB) | |
1 | 193.203.121.145 193.203.121.145 | 31004 (SBB-CFF-F...) (SBB-CFF-FFS Telecom SBB) | |
14 | 3 |
ASN47242 (COLTENGINE COLTENGINE Network, IT)
PTR: w3007.shared.host.it
swisspassidsbbcff.sviluppo.host |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
sviluppo.host
swisspassidsbbcff.sviluppo.host |
162 KB |
4 |
swisspass.ch
login.swisspass.ch — Cisco Umbrella Rank: 305281 resources.swisspass.ch |
344 KB |
14 | 2 |
Domain | Requested by | |
---|---|---|
10 | swisspassidsbbcff.sviluppo.host |
swisspassidsbbcff.sviluppo.host
|
3 | login.swisspass.ch |
swisspassidsbbcff.sviluppo.host
|
1 | resources.swisspass.ch |
swisspassidsbbcff.sviluppo.host
|
14 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
swisspassidsbbcff.sviluppo.host R3 |
2024-04-19 - 2024-07-18 |
3 months | crt.sh |
swisspass.ch SwissSign RSA TLS DV ICA 2022 - 1 |
2024-03-14 - 2025-03-14 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://swisspassidsbbcff.sviluppo.host/auth/Entry.php
Frame ID: 96A88250C4D87FC2C4DCA617928A6B68
Requests: 13 HTTP requests in this frame
Frame:
https://swisspassidsbbcff.sviluppo.host/auth/userapp_files/saved_resource.html
Frame ID: E5385E9BA79E6A0EEFCC1DA5589572CF
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Entry.php
swisspassidsbbcff.sviluppo.host/auth/ |
131 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
swisspassidsbbcff.sviluppo.host/auth/userapp_files/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.8501c3a64c32c7c4.css
swisspassidsbbcff.sviluppo.host/auth/userapp_files/ |
177 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
swisspassidsbbcff.sviluppo.host/auth/userapp_files/ |
442 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
swisspassidsbbcff.sviluppo.host/auth/userapp_files/ |
548 B 939 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_text_de-20200819.svg
login.swisspass.ch/resources/img/ |
137 KB 138 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-20200819.svg
login.swisspass.ch/resources/img/ |
7 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saved_resource.html
swisspassidsbbcff.sviluppo.host/auth/userapp_files/ Frame E538 |
198 B 533 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneTrust_SwissPass_logo_mobile.png
swisspassidsbbcff.sviluppo.host/auth/userapp_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered_by_logo.svg
swisspassidsbbcff.sviluppo.host/auth/userapp_files/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_bg.jpg
resources.swisspass.ch/content/dam/swisspass/co-branding/swiss_ch/ |
196 KB 197 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
SBBWeb-Light.3f0cdd23274e17f7.woff2
swisspassidsbbcff.sviluppo.host/auth/userapp_files/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json
swisspassidsbbcff.sviluppo.host/auth/userapp_files/otSDKStub.js/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
login.swisspass.ch/v3/oevlogin/ui/assets/custom/img/ |
1 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Schweizerische Bundesbahnen (Transportation)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| OneTrustStub1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.swisspass.ch/ | Name: AL_SESS-S Value: AUJbnJpCsJw3aMGQ_D__wTwOjM!phzYwmO6!5Rr8aa!51OOgOUhmZOx29TIzfTtoUOFf |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.swisspass.ch
resources.swisspass.ch
swisspassidsbbcff.sviluppo.host
149.62.187.110
193.203.121.145
193.203.121.166
15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
58a037c0bde953b48561826f3df16031f7ddfce33c4018619d3f39c6af6eec1b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
729063f305e6efcd4a5eac69b799c96da4403fc5f082219d68f824b66213402d
7a036d721a3bbb21568fa68822dfb58ab04cc78a274c6608590440becb307ec9
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677
8e12bf257a56e15f5cb4fcc36e706ae4615dc43b497e24933a52886fc15587a1
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909
e42fe383c86ab1185425bf334a44f9a311dd06d8ccf9e409d05b45dbe0bc48c6
f2f0d94a5141a75ef227f2699b6a43588741ede3edd2fe2d075a65b3d413b2f8