nl.aio-comm.ch
46.137.113.58
Malicious Activity!
Public Scan
Submission Tags: 7213866
Submission: On July 05 via api from NL
Summary
TLS certificate: Issued by R3 on May 11th 2021. Valid for: 3 months.
This is the only time nl.aio-comm.ch was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Viseca (Financial)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 | 46.137.113.58 | 16509 (AMAZON-02) |
11 | 217.111.139.8 | 208305 (VISECA-AS) |
19 | 3 |
ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-113-58.eu-west-1.compute.amazonaws.com
nl.aio-comm.ch |
ASN208305 (VISECA-AS, CH)
PTR: one-digitalservice.ch
one-digitalservice.ch |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | one-digitalservice.ch | one-digitalservice.ch | 684 KB |
2 | aio-comm.ch | nl.aio-comm.ch | 4 KB |
19 | 2 |
 | Domain | Requested by |
---|---|---|
11 | one-digitalservice.ch | nl.aio-comm.ch, one-digitalservice.ch |
2 | nl.aio-comm.ch | |
19 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.viseca.ch |
itunes.apple.com |
play.google.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
nl.you-are-special.ch | R3 | 2021-05-11 - 2021-08-09 | 3 months | crt.sh |
one-digitalservice.ch | QuoVadis Global SSL ICA G3 | 2021-05-18 - 2022-05-18 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://nl.aio-comm.ch//wrapper/vise/viseca/
Frame ID: B90303152D2D94E3B5D64C377BB4D40B
Requests: 19 HTTP requests in this frame
Detected technologies
Ubuntu (Operating Systems)
Detected patterns
- headers server /Ubuntu/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Instructions for activating cookies
Title: App Store (iOS)
Title: Play Store (Android)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://nl.aio-comm.ch//wrapper/vise/viseca/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Cookie set) | nl.aio-comm.ch//wrapper/vise/viseca/ | 1 B | 462 B | Document | text/html |
GET | H/1.1 | / (Primary Request, Cookie set) | nl.aio-comm.ch//wrapper/vise/viseca/ | 16 KB | 4 KB | Document | text/html |
GET | H/1.1 | style.css | one-digitalservice.ch/login/css/ | 55 KB | 55 KB | Stylesheet | text/css |
GET | H/1.1 | ispin.css | one-digitalservice.ch/login/css/ | 470 B | 1 KB | Stylesheet | text/css |
GET | H/1.1 | one.svg | one-digitalservice.ch/login/images/ | 1 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | one-small.svg | one-digitalservice.ch/login/images/ | 1 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | modernizr-custom.js | one-digitalservice.ch/login/js/ | 3 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | jquery-1.11.2.min.js | one-digitalservice.ch/login/js/ | 94 KB | 94 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.min.js | one-digitalservice.ch/login/js/ | 36 KB | 37 KB | Script | application/javascript |
GET | H/1.1 | content.js | one-digitalservice.ch/login/js/ | 201 B | 815 B | Script | application/javascript |
GET | H/1.1 | jquery.main.js | one-digitalservice.ch/login/js/ | 435 KB | 436 KB | Script | application/javascript |
GET | H/1.1 | ispin.js | one-digitalservice.ch/login/js/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | fpdata.js | one-digitalservice.ch/login/js/ | 51 KB | 52 KB | Script | application/javascript |
GET | | FrutigerLTStd-Roman.woff | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
GET | | FrutigerLTStd-Bold.woff | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
GET | | FrutigerLTStd-Light.woff | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
GET | | FrutigerLTStd-Bold.ttf | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
GET | | FrutigerLTStd-Light.ttf | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
GET | | FrutigerLTStd-Roman.ttf | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Roman.woff |
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Bold.woff |
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Light.woff |
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Bold.ttf |
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Light.ttf |
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Roman.ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Viseca (Financial)
75 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Modernizr function| $ function| jQuery object| jQuery111209967210826486301 function| initInputValueCheck function| initCheckboxStateCheck function| initTouchNav function| initMultiLevelNav function| initHidePopoverOnClickOutside function| initKartenForm function| initAjaxSelect function| initAjaxCheckboxes function| initDateTextFields function| initBootstrapDatePickerRange function| initCardFieldValidation function| initAjaxTabsTB function| initCarousel function| initAutoShowAlerts function| initAddItems function| initInputMask function| initProgressAnimation function| initDisableScroll function| initCustomTabs function| stopVideosOnModalClose function| initAjaxModal function| initYoutubeOverlay function| playPauseIframeYoutube function| initBootstrapDatePicker function| initNavDrop function| initRegistrationCodeForm function| formSendAjax function| formOnAjaxSuccess function| initSimpleForm function| initSmsForm function| initFormValidation function| initCustomForms function| initTBResizeFix function| initMobileTable function| initFixedTable function| initPopover function| initCloseCollapse function| initRetinaCover function| initSlickCarousel function| initCustomHover function| initOpenClose function| TouchNav object| lib function| MultiLevelNav function| AjaxSelectContent function| AddCloneItem object| CssAnimationHelper object| ResponsiveHelper function| DisablePageScroll function| FixedTable object| jcf object| picturefillCFG function| picturefill function| Inputmask function| Hammer function| closePhishingAlert function| checkPhishingMessageVisibility function| doPost function| Fingerprint2 number| $h2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nl.aio-comm.ch/ | | Name: PHPSESSID Value: d1p7uq06ig1f94vop94nrd9ief |
nl.aio-comm.ch//wrapper/vise/viseca | | Name: visited Value: yes |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.