cybersecurityportal.ch Open in urlscan Pro
20.105.232.8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cybersecurityportal.ch/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 27 via api (November 27th 2024, 1:30:06 pm UTC) from IT — Scanned from CH

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 20.105.232.8, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is cybersecurityportal.ch.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on November 27th 2024. Valid for: 6 months.

This is the only time cybersecurityportal.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	20.105.232.8 20.105.232.8	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:350... 2a02:26f0:3500:c89::33e7	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
7	3

5 20.105.232.8 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cybersecurityportal.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:c89::33e7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

static2.sharepointonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cybersecurityportal.ch cybersecurityportal.ch	6 MB
2	sharepointonline.com static2.sharepointonline.com — Cisco Umbrella Rank: 1955	67 KB
7	2

	Domain	Requested by
5	cybersecurityportal.ch	cybersecurityportal.ch
2	static2.sharepointonline.com	cybersecurityportal.ch
7	2

This site contains no links.

Subject Issuer	Validity	Valid
cybersecurityportal.ch GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-11-27` - `2025-05-27`	6 months	crt.sh
privatecdn.sharepointonline.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-07-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cybersecurityportal.ch/
Frame ID: FE3AB87BE6AB6EC9F3AA08DB132D633F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cyber Security Portal

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

5708 kB
Transfer

5714 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response cybersecurityportal.ch/	667 B 968 B	214ms 63ms	Document text/html	20.105.232.8 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cybersecurityportal.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.105.232.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash `720c5908814617b360a7243f65a1ff3388a848215597dd763815fba0ab4c3f72` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Cache-Control public, max-age=0 Content-Length 667 Content-Type text/html; charset=UTF-8 Date Wed, 27 Nov 2024 13:29:58 GMT ETag W/"29b-1936c9bdbf0" Last-Modified Wed, 27 Nov 2024 07:52:54 GMT X-Powered-By Express
GET H/1.1	200 OK	main.97c2683b.js Show response cybersecurityportal.ch/static/js/	5 MB 5 MB	58ms 58ms	Script application/javascript	20.105.232.8 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cybersecurityportal.ch/static/js/main.97c2683b.js Requested by Host: cybersecurityportal.ch URL: https://cybersecurityportal.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.105.232.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash `ec36305061a7738ca3022b5ecc6912ff23a3f2d45984f33951d1db71416ccfaf` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://cybersecurityportal.ch/ Response headers Cache-Control public, max-age=0 ETag W/"5696eb-1936c9bdbf0" Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 5674731 Date Wed, 27 Nov 2024 13:29:58 GMT Content-Type application/javascript; charset=UTF-8 Last-Modified Wed, 27 Nov 2024 07:52:54 GMT X-Powered-By Express
GET H/1.1	200 OK	main.28b5aa09.css cybersecurityportal.ch/static/css/	441 B 741 B	192ms 84ms	Stylesheet text/css	20.105.232.8 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cybersecurityportal.ch/static/css/main.28b5aa09.css Requested by Host: cybersecurityportal.ch URL: https://cybersecurityportal.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.105.232.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash `158ba031918fbd50e512ad32c2c394862653be882b041118539b12c8d5397d3c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://cybersecurityportal.ch/ Response headers Cache-Control public, max-age=0 ETag W/"1b9-1936c9bdbf0" Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 441 Date Wed, 27 Nov 2024 13:29:58 GMT Content-Type text/css; charset=UTF-8 Last-Modified Wed, 27 Nov 2024 07:52:54 GMT X-Powered-By Express
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4d2396447f6a31b81f7abd98c14262207d21ca71fb17dede1957bb67ae70e4d0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H/1.1	200 OK	NotAuthenticated.ad79aa5f0928173ecb0a.png cybersecurityportal.ch/static/media/	69 KB 70 KB	50ms 50ms	Image image/png	20.105.232.8 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://cybersecurityportal.ch/static/media/NotAuthenticated.ad79aa5f0928173ecb0a.png Requested by Host: cybersecurityportal.ch URL: https://cybersecurityportal.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.105.232.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash `ac01116bb48e7d586a98ac6d81c6b86353c4f327b0c60947b35dbc5b9caebd12` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://cybersecurityportal.ch/ Response headers Cache-Control public, max-age=0 ETag W/"11515-1936c9bdbf0" Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 70933 Date Wed, 27 Nov 2024 13:30:00 GMT Content-Type image/png Last-Modified Wed, 27 Nov 2024 07:52:54 GMT X-Powered-By Express
GET H2	200	segoeui-semibold.woff2 static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/	31 KB 32 KB	173ms 76ms	Font application/font-woff2	2a02:26f0:3500:c89::33e7 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2 Requested by Host: cybersecurityportal.ch URL: https://cybersecurityportal.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:c89::33e7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://cybersecurityportal.ch Referer https://cybersecurityportal.ch/ Response headers content-md5 ZtEeVbekE932qE6Fhpfntg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=23563193 x-ms-version 2009-09-19 x-ms-lease-status unlocked etag 0x8D51CA4122953A7 x-ms-request-id 1b5a0a60-d01e-004f-343a-5ef779000000 access-control-allow-origin * content-length 31824 date Wed, 27 Nov 2024 13:30:00 GMT content-type application/font-woff2 last-modified Thu, 26 Oct 2017 19:02:14 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-blob-type BlockBlob
GET H2	200	segoeui-regular.woff2 static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/	35 KB 36 KB	130ms 33ms	Font application/font-woff2	2a02:26f0:3500:c89::33e7 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Full URL https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2 Requested by Host: cybersecurityportal.ch URL: https://cybersecurityportal.ch/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:c89::33e7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://cybersecurityportal.ch Referer https://cybersecurityportal.ch/ Response headers content-md5 hl8dtlRfyUovRETdYOe7xg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=23602247 x-ms-version 2009-09-19 x-ms-lease-status unlocked etag 0x8D522163B704E10 x-ms-request-id 18be8bfe-701e-0034-47ac-5eb5e5000000 access-control-allow-origin * content-length 36344 date Wed, 27 Nov 2024 13:30:00 GMT content-type application/font-woff2 last-modified Thu, 02 Nov 2017 17:22:02 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-blob-type BlockBlob
GET H/1.1	200 OK	favicon.ico cybersecurityportal.ch/	27 KB 27 KB	42ms 42ms	Other image/x-icon	20.105.232.8 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cybersecurityportal.ch/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.105.232.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Express Resource Hash `51327f0f8d04ea6310abd0fea01c60d25a47979952cd22a46d799059e0c5d836` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://cybersecurityportal.ch/ Response headers Cache-Control public, max-age=0 ETag W/"6b2e-1936c9bdbf0" Accept-Ranges bytes Access-Control-Allow-Origin * Content-Length 27438 Date Wed, 27 Nov 2024 13:30:01 GMT Content-Type image/x-icon Last-Modified Wed, 27 Nov 2024 07:52:54 GMT X-Powered-By Express

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cybersecurityportal.ch
static2.sharepointonline.com
20.105.232.8
2a02:26f0:3500:c89::33e7
158ba031918fbd50e512ad32c2c394862653be882b041118539b12c8d5397d3c
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
4d2396447f6a31b81f7abd98c14262207d21ca71fb17dede1957bb67ae70e4d0
51327f0f8d04ea6310abd0fea01c60d25a47979952cd22a46d799059e0c5d836
720c5908814617b360a7243f65a1ff3388a848215597dd763815fba0ab4c3f72
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
ac01116bb48e7d586a98ac6d81c6b86353c4f327b0c60947b35dbc5b9caebd12
ec36305061a7738ca3022b5ecc6912ff23a3f2d45984f33951d1db71416ccfaf

cybersecurityportal.ch Open in urlscan Pro 20.105.232.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

5708 kBTransfer

5714 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Indicators

cybersecurityportal.ch Open in urlscan Pro
20.105.232.8 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

5708 kB
Transfer

5714 kB
Size

0
Cookies

7 HTTP transactions
1 data transactions