www.humberlooka.website
198.54.114.208
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On July 09 via api from GB
Summary
This is the only time www.humberlooka.website was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swisscom (Telecommunication)

Domain & IP information

 | IP Address | AS Autonomous System
---|---|---
1 | 198.54.114.208 | 22612 (NAMECHEAP-NET - Namecheap)
1 | 195.186.145.195 | 3303 (SWISSCOM Swisscom (Switzerland) Ltd)
3 | 3 |

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server205-1.web-hosting.com
www.humberlooka.website
ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH)
login.sso.bluewin.ch

 | Apex Domain / Subdomains | Transfer
---|---|---
1 | bluewin.ch: login.sso.bluewin.ch |
1 | humberlooka.website: www.humberlooka.website | 661 KB
3 | 2 |

 | Domain | Requested by
---|---|---
1 | login.sso.bluewin.ch | www.humberlooka.website
1 | www.humberlooka.website |
3 | 2 |

This site contains links to these domains. Also see Links.
Domain |
---|
login.sso.bluewin.ch |
www.swisscom.ch |

Subject / Issuer | Validity | Valid |
---|---|---|---
login.sso.bluewin.ch / SwissSign EV Gold CA 2014 - G22 | 2018-03-21 - 2020-03-21 | 2 years | crt.sh

This page contains 1 frames:
Primary Page:
http://www.humberlooka.website/swiss1/Swisscom.php
Frame ID: 42A5D587CDFECEADB537F7B31C82EE10
Requests: 12 HTTP requests in this frame
7 Outgoing links
These are links going to different origins than the main page.
Title: Zurück
Title: Benutzername oder Passwort vergessen?
Title:
Title: Über Swisscom Login
Title: fr
Title: it
Title: en
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | Swisscom.php (Primary Request) | www.humberlooka.website/swiss1/ | 1 MB | 661 KB | Document | text/html
GET | DATA | truncated | / | 55 KB | 0 | Font | text/plain
GET | DATA | truncated | / | 94 KB | 0 | Font | text/plain
GET | DATA | truncated | / | 50 KB | 0 | Font | text/plain
GET | DATA | truncated | / | 85 KB | 0 | Font | text/plain
GET | DATA | truncated | / | 54 KB | 0 | Font | text/plain
GET | DATA | truncated | / | 92 KB | 0 | Font | text/plain
GET | DATA | truncated | / | 24 KB | 0 | Font | text/plain
GET | DATA | truncated | / | 29 KB | 0 | Font | text/plain
GET | H/1.1 | login | login.sso.bluewin.ch/ | 0 | 0 | Image | text/html
GET | DATA | truncated | / | 38 KB | 0 | Image | image/png
GET | BLOB | 8c659412-f666-4e0f-b2d4-c5b4bcf61f25 | http://www.humberlooka.website/ | 562 B | 0 | Image | image/png

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Swisscom (Telecommunication)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart
object| onselectionchange
function| queueMicrotask
function| savepage_ContentLoaders
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.sso.bluewin.ch
www.humberlooka.website
195.186.145.195
198.54.114.208