www.humberlooka.website Open in urlscan Pro
198.54.114.208  Malicious Activity! Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Swisscom.php Show response www.humberlooka.website/swiss1/	1 MB 661 KB	361ms 187ms	Document text/html	198.54.114.208 Namecheap
General Check archive.org Show headers Download Go to Full URL http://www.humberlooka.website/swiss1/Swisscom.php Protocol HTTP/1.1 Server 198.54.114.208 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS server205-1.web-hosting.com Software Apache / PHP/7.2.19 Resource Hash 7c47f1b25cde477d2fdd56e85aedc14b79612ef83e8e8239ed1a69e70326a94c Request headers Host www.humberlooka.website Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 09 Jul 2019 20:03:09 GMT Server Apache X-Powered-By PHP/7.2.19 Vary Accept-Encoding Content-Encoding gzip Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated /	55 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a6bab48f290efd74478d95eab8bc0610cc32ffa78dc5adbb8fbc34f30ce8d930 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Origin http://www.humberlooka.website Response headers Content-Type text/plain
GET DATA	200 OK	truncated /	94 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8875748ee0e73c777072738772ac439e29eece7248c16e09c3e3065f52073aa0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Origin http://www.humberlooka.website Response headers Content-Type text/plain
GET DATA	200 OK	truncated /	50 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f0cc4ee9dc83925f474ab0b5ed3a5395038c979e157d4bae8e67225f1b0922d8 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Origin http://www.humberlooka.website Response headers Content-Type text/plain
GET DATA	200 OK	truncated /	85 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 25936dd747c2cad3744aad6f31a6825cf2fa20e0c6db4a02f190d9e3e99c6b10 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Origin http://www.humberlooka.website Response headers Content-Type text/plain
GET DATA	200 OK	truncated /	54 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5e39a8bb7dc50616b9f41997f90bbb8330be6eb35bb973995618c38a0e3c21f4 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Origin http://www.humberlooka.website Response headers Content-Type text/plain
GET DATA	200 OK	truncated /	92 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 193c495a4e993ab48893a5e4595486efb7b925357e96e0733615f7525e78eac6 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Origin http://www.humberlooka.website Response headers Content-Type text/plain
GET DATA	200 OK	truncated /	24 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 06f449cdf9a25d9d55a22e797374da2fa5313c892e523e5aeb601db6e92fc53d Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Origin http://www.humberlooka.website Response headers Content-Type text/plain
GET DATA	200 OK	truncated /	29 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 04e6b82fc06cd19523edf3d271bef05cb53b577aeb6a97e43214bab0d4751a3d Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Origin http://www.humberlooka.website Response headers Content-Type text/plain
GET H/1.1	200 OK	login login.sso.bluewin.ch/	0 0	10568ms 107ms	Image text/html	195.186.145.195 SWISSCOM Swisscom...
General Check archive.org Show headers Download Go to Show image Full URL https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v01.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dde%26m%3Dfalse&L=de Requested by Host: www.humberlooka.website URL: http://www.humberlooka.website/swiss1/Swisscom.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.186.145.195 , Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://login.sso.bluewin.ch/login?SNA=webmail&RURL=https%3A%2F%2Frich-v01.bluewin.ch%2Fcp%2Fapplink%2Fsso%2FServiceEntryHandler%3Fd%3Dbluewin.ch%26l%3Dde%26m%3Dfalse&L=de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET DATA	200 OK	truncated /	38 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f9adb57dca9cbd2514ed249714b613d65e78a81cadda2882679a9672c812d25e Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	8c659412-f666-4e0f-b2d4-c5b4bcf61f25 http://www.humberlooka.website/	562 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://www.humberlooka.website/8c659412-f666-4e0f-b2d4-c5b4bcf61f25 Requested by Host: www.humberlooka.website URL: http://www.humberlooka.website/swiss1/Swisscom.php Protocol BLOB Security , , Server -, , ASN (), Reverse DNS Software / Resource Hash f07b8927a11190e0d9988dd003bb5079a5905678ad8951eb424ab7c71dcaba33 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 562 Content-Type image/png

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swisscom (Telecommunication)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| savepage_ContentLoaders

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.sso.bluewin.ch
www.humberlooka.website
195.186.145.195
198.54.114.208
04e6b82fc06cd19523edf3d271bef05cb53b577aeb6a97e43214bab0d4751a3d
06f449cdf9a25d9d55a22e797374da2fa5313c892e523e5aeb601db6e92fc53d
193c495a4e993ab48893a5e4595486efb7b925357e96e0733615f7525e78eac6
25936dd747c2cad3744aad6f31a6825cf2fa20e0c6db4a02f190d9e3e99c6b10
5e39a8bb7dc50616b9f41997f90bbb8330be6eb35bb973995618c38a0e3c21f4
7c47f1b25cde477d2fdd56e85aedc14b79612ef83e8e8239ed1a69e70326a94c
8875748ee0e73c777072738772ac439e29eece7248c16e09c3e3065f52073aa0
a6bab48f290efd74478d95eab8bc0610cc32ffa78dc5adbb8fbc34f30ce8d930
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f07b8927a11190e0d9988dd003bb5079a5905678ad8951eb424ab7c71dcaba33
f0cc4ee9dc83925f474ab0b5ed3a5395038c979e157d4bae8e67225f1b0922d8
f9adb57dca9cbd2514ed249714b613d65e78a81cadda2882679a9672c812d25e