company.swisscomnet.ch-login-device.ozzyandfriends.info Open in urlscan Pro
66.198.240.33  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response company.swisscomnet.ch-login-device.ozzyandfriends.info/	9 KB 3 KB	329ms 279ms	Document text/html	66.198.240.33 A2HOSTING
General Check archive.org Show headers Download Go to Full URL http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ Protocol HTTP/1.1 Server 66.198.240.33 Ann Arbor, United States, ASN55293 (A2HOSTING, US), Reverse DNS a2ls20.a2hosting.com Software LiteSpeed / PHP/5.6.40 Resource Hash 02a2f9810a3b45c54c5261f5a0b42783bbeedc08a1058cdd9600de3b2ff09871 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Host company.swisscomnet.ch-login-device.ozzyandfriends.info Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Connection Keep-Alive X-Powered-By PHP/5.6.40 Content-Type text/html; charset=UTF-8 Content-Length 2525 Content-Encoding gzip Vary Accept-Encoding Date Thu, 09 Jul 2020 06:10:26 GMT Server LiteSpeed Strict-Transport-Security max-age=63072000; includeSubDomains X-Frame-Options SAMEORIGIN X-Content-Type-Options nosniff
GET H/1.1	200 OK	commons.css service-login.sso.bluewin.ch/	351 KB 351 KB	462ms 171ms	Stylesheet text/css	195.186.196.30 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://service-login.sso.bluewin.ch/commons.css Requested by Host: company.swisscomnet.ch-login-device.ozzyandfriends.info URL: http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.196.30 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash 5ad15e30f915778a7f512d442dd2e6aad992f1e0aa44dbcd3b3a19ba7002f324 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 09 Jul 2020 06:10:26 GMT X-Content-Type-Options nosniff Last-Modified Tue, 30 Jun 2020 20:28:38 GMT X-Frame-Options DENY Content-Type text/css X-Vcap-Request-Id 24881987-ec62-4330-7075-307f3554817e Strict-Transport-Security max-age=15768000; includeSubDomains Accept-Ranges bytes Content-Length 358978 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	username.css service-login.sso.bluewin.ch/	158 B 674 B	412ms 122ms	Stylesheet text/css	195.186.196.30 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://service-login.sso.bluewin.ch/username.css Requested by Host: company.swisscomnet.ch-login-device.ozzyandfriends.info URL: http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.196.30 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash 181efe0cebe2516277ecfbb3b5cea7d52991abe0bfacfce521a9134ed18b2a44 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 09 Jul 2020 06:10:26 GMT X-Content-Type-Options nosniff Last-Modified Tue, 30 Jun 2020 20:28:19 GMT X-Frame-Options DENY Content-Type text/css X-Vcap-Request-Id 168563db-86fb-46bf-6656-9b2df069737c Strict-Transport-Security max-age=15768000; includeSubDomains Accept-Ranges bytes Content-Length 158 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	webmail_logo.png rp-static-content.scl.swisscom.ch/content/	562 B 890 B	483ms 144ms	Image image/png	194.209.222.161 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Show image Full URL https://rp-static-content.scl.swisscom.ch/content/webmail_logo.png Requested by Host: company.swisscomnet.ch-login-device.ozzyandfriends.info URL: http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.209.222.161 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software nginx / Resource Hash f07b8927a11190e0d9988dd003bb5079a5905678ad8951eb424ab7c71dcaba33 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains Request headers Referer http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 09 Jul 2020 06:10:27 GMT Last-Modified Tue, 02 Jun 2020 08:31:37 GMT Server nginx Etag "5ed60e69-232" Strict-Transport-Security max-age=15768000; includeSubDomains Content-Type image/png X-Vcap-Request-Id 2a726442-4034-4acc-5e97-c16e72d54707 Accept-Ranges bytes Content-Length 562
GET H/1.1	200 OK	webcomponents.js Show response service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/	2 KB 3 KB	443ms 147ms	Script application/javascript	195.186.196.30 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents.js Requested by Host: company.swisscomnet.ch-login-device.ozzyandfriends.info URL: http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.196.30 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash 3b3d4c57d3694575c88a29fb1c9faad1a6e361778ba705dbe017e699fbe4a79d Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 09 Jul 2020 06:10:26 GMT X-Content-Type-Options nosniff Last-Modified Tue, 30 Jun 2020 20:28:19 GMT X-Frame-Options DENY Content-Type application/javascript X-Vcap-Request-Id f460436e-6913-4d4b-7de8-f0e6c23d0bcd Strict-Transport-Security max-age=15768000; includeSubDomains Accept-Ranges bytes Content-Length 2199 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	commons.bundle.js Show response service-login.sso.bluewin.ch/	383 KB 383 KB	425ms 125ms	Script application/javascript	195.186.196.30 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://service-login.sso.bluewin.ch/commons.bundle.js Requested by Host: company.swisscomnet.ch-login-device.ozzyandfriends.info URL: http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.196.30 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash 5b4599032066e5f511dbeef4f514e5e78dffd88d2fe717724e02d2b52bf91a26 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 09 Jul 2020 06:10:26 GMT X-Content-Type-Options nosniff Last-Modified Tue, 30 Jun 2020 20:28:38 GMT X-Frame-Options DENY Content-Type application/javascript X-Vcap-Request-Id 4921ec6c-d0aa-4b92-41ef-cb37325de2c6 Strict-Transport-Security max-age=15768000; includeSubDomains Accept-Ranges bytes Content-Length 391880 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	login-layout.bundle.js Show response service-login.sso.bluewin.ch/	4 KB 4 KB	472ms 172ms	Script application/javascript	195.186.196.30 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://service-login.sso.bluewin.ch/login-layout.bundle.js Requested by Host: company.swisscomnet.ch-login-device.ozzyandfriends.info URL: http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.196.30 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash 3a7a23a3a6de5c5f32d264ee0f7cc1dd888d01c5038c7ad395b61c42fb68d652 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 09 Jul 2020 06:10:26 GMT X-Content-Type-Options nosniff Last-Modified Tue, 30 Jun 2020 20:28:19 GMT X-Frame-Options DENY Content-Type application/javascript X-Vcap-Request-Id 914c20a2-1d0d-4f42-6089-7712e917f0b3 Strict-Transport-Security max-age=15768000; includeSubDomains Accept-Ranges bytes Content-Length 3648 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	username.bundle.js Show response service-login.sso.bluewin.ch/	2 KB 2 KB	413ms 113ms	Script application/javascript	195.186.196.30 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Full URL https://service-login.sso.bluewin.ch/username.bundle.js Requested by Host: company.swisscomnet.ch-login-device.ozzyandfriends.info URL: http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.196.30 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash 5a8d2486ccf0b60ecebce8c8ca018e38f5550623ddb36478a9a55da710faa61e Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer http://company.swisscomnet.ch-login-device.ozzyandfriends.info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 09 Jul 2020 06:10:26 GMT X-Content-Type-Options nosniff Last-Modified Tue, 30 Jun 2020 20:28:19 GMT X-Frame-Options DENY Content-Type application/javascript X-Vcap-Request-Id 61555dc3-6166-4d6c-6c75-c87136f15663 Strict-Transport-Security max-age=15768000; includeSubDomains Accept-Ranges bytes Content-Length 1841 X-Xss-Protection 1; mode=block
GET		webcomponents.lgd0guuk.js service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/	0 0
GET H/1.1	200 OK	Logo_Lifeform.png service-login.sso.bluewin.ch/	3 KB 4 KB	114ms 114ms	Image image/png	195.186.196.30 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Show image Full URL https://service-login.sso.bluewin.ch/Logo_Lifeform.png Requested by Host: service-login.sso.bluewin.ch URL: https://service-login.sso.bluewin.ch/commons.bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.196.30 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash aea14de2f15479f33a2cdfab1cdf996596cd10de05d4c2f1f5137ad1f16a2d4c Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://service-login.sso.bluewin.ch/commons.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 09 Jul 2020 06:10:26 GMT X-Content-Type-Options nosniff Last-Modified Tue, 30 Jun 2020 20:28:19 GMT X-Frame-Options DENY Content-Type image/png X-Vcap-Request-Id a87055b0-f5ee-481a-72b2-b5c1a79a746b Strict-Transport-Security max-age=15768000; includeSubDomains Accept-Ranges bytes Content-Length 3440 X-Xss-Protection 1; mode=block
GET		TheSansB_400_.woff2 service-login.sso.bluewin.ch/	0 0
GET H/1.1	200 OK	lifeform-spritesheet.png service-login.sso.bluewin.ch/	38 KB 38 KB	205ms 205ms	Image image/png	195.186.196.30 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Show image Full URL https://service-login.sso.bluewin.ch/lifeform-spritesheet.png Requested by Host: service-login.sso.bluewin.ch URL: https://service-login.sso.bluewin.ch/commons.bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.196.30 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash f9adb57dca9cbd2514ed249714b613d65e78a81cadda2882679a9672c812d25e Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://service-login.sso.bluewin.ch/commons.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 09 Jul 2020 06:10:27 GMT X-Content-Type-Options nosniff Last-Modified Tue, 30 Jun 2020 20:28:19 GMT X-Frame-Options DENY Content-Type image/png X-Vcap-Request-Id a11351fc-2b91-4d21-571b-f2d1ea03683f Strict-Transport-Security max-age=15768000; includeSubDomains Accept-Ranges bytes Content-Length 38448 X-Xss-Protection 1; mode=block
GET		TheSansB_300_.woff2 service-login.sso.bluewin.ch/	0 0
GET		sdx-icons.woff2 service-login.sso.bluewin.ch/	0 0
GET		TheSansB_400_.woff service-login.sso.bluewin.ch/	0 0
GET		TheSansB_300_.woff service-login.sso.bluewin.ch/	0 0
GET		sdx-icons.woff service-login.sso.bluewin.ch/	0 0
GET		TheSansB_400_.ttf service-login.sso.bluewin.ch/	0 0
GET		TheSansB_300_.ttf service-login.sso.bluewin.ch/	0 0
GET		sdx-icons.ttf service-login.sso.bluewin.ch/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

service-login.sso.bluewin.ch

URL

https://service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/webcomponents.lgd0guuk.js

Domain

service-login.sso.bluewin.ch

URL

https://service-login.sso.bluewin.ch/TheSansB_400_.woff2

Domain

service-login.sso.bluewin.ch

URL

https://service-login.sso.bluewin.ch/TheSansB_300_.woff2

Domain

service-login.sso.bluewin.ch

URL

https://service-login.sso.bluewin.ch/sdx-icons.woff2

Domain

service-login.sso.bluewin.ch

URL

https://service-login.sso.bluewin.ch/TheSansB_400_.woff

Domain

service-login.sso.bluewin.ch

URL

https://service-login.sso.bluewin.ch/TheSansB_300_.woff

Domain

service-login.sso.bluewin.ch

URL

https://service-login.sso.bluewin.ch/sdx-icons.woff

Domain

service-login.sso.bluewin.ch

URL

https://service-login.sso.bluewin.ch/TheSansB_400_.ttf

Domain

service-login.sso.bluewin.ch

URL

https://service-login.sso.bluewin.ch/TheSansB_300_.ttf

Domain

service-login.sso.bluewin.ch

URL

https://service-login.sso.bluewin.ch/sdx-icons.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swisscom (Telecommunication)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webcomponents object| s-apps object| webpackJsonp object| __core-js_shared__ object| Modernizr function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| flatpickr object| sdx object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

company.swisscomnet.ch-login-device.ozzyandfriends.info
rp-static-content.scl.swisscom.ch
service-login.sso.bluewin.ch
service-login.sso.bluewin.ch
194.209.222.161
195.186.196.30
66.198.240.33
02a2f9810a3b45c54c5261f5a0b42783bbeedc08a1058cdd9600de3b2ff09871
181efe0cebe2516277ecfbb3b5cea7d52991abe0bfacfce521a9134ed18b2a44
3a7a23a3a6de5c5f32d264ee0f7cc1dd888d01c5038c7ad395b61c42fb68d652
3b3d4c57d3694575c88a29fb1c9faad1a6e361778ba705dbe017e699fbe4a79d
5a8d2486ccf0b60ecebce8c8ca018e38f5550623ddb36478a9a55da710faa61e
5ad15e30f915778a7f512d442dd2e6aad992f1e0aa44dbcd3b3a19ba7002f324
5b4599032066e5f511dbeef4f514e5e78dffd88d2fe717724e02d2b52bf91a26
aea14de2f15479f33a2cdfab1cdf996596cd10de05d4c2f1f5137ad1f16a2d4c
f07b8927a11190e0d9988dd003bb5079a5905678ad8951eb424ab7c71dcaba33
f9adb57dca9cbd2514ed249714b613d65e78a81cadda2882679a9672c812d25e