estv-adminlogin.selfip.com Open in urlscan Pro
37.128.146.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://estv-adminlogin.selfip.com/d/2fdfbf8174e41e56eae2ea9075ace3ff/
Submission Tags: @phish_report
Submission: On November 13 via api (November 13th 2023, 2:57:53 pm UTC) from FI — Scanned from NL

Summary HTTP 20 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 37.128.146.44, located in Copenhagen, Denmark and belongs to ONECOM, DK. The main domain is estv-adminlogin.selfip.com.
TLS certificate: Issued by R3 on November 13th 2023. Valid for: 3 months.

This is the only time estv-adminlogin.selfip.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	37.128.146.44 37.128.146.44	51468 (ONECOM) (ONECOM)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
20	3

15 37.128.146.44 (Copenhagen, Denmark)

ASN51468 (ONECOM, DK)
PTR: vps-goldeneyes.holtesdesign.nl

estv-adminlogin.selfip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	selfip.com estv-adminlogin.selfip.com	510 KB
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 574	17 KB
0	admin.ch Failed chlogin.zd.eiam.admin.ch Failed
20	3

	Domain	Requested by
15	estv-adminlogin.selfip.com	estv-adminlogin.selfip.com
1	ssl.google-analytics.com	estv-adminlogin.selfip.com
0	chlogin.zd.eiam.admin.ch Failed	estv-adminlogin.selfip.com
20	3

This site contains links to these domains. Also see Links.

Domain
chlogin.zd.eiam.admin.ch
www.eiam.admin.ch
www.disclaimer.admin.ch

Subject Issuer	Validity	Valid
estv-adminlogin.selfip.com R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://estv-adminlogin.selfip.com/d/2fdfbf8174e41e56eae2ea9075ace3ff/
Frame ID: 574BF9A7E3DDB6DDF3279725BE8C80A5
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CH-LOGIN - Anmeldung

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

20
Requests

80 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

527 kB
Transfer

669 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/broker/?login&language=de
Title: DE

Search URL Search Domain Scan URL

URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/broker/?login&language=fr
Title: FR

Search URL Search Domain Scan URL

URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/broker/?login&language=it
Title: IT

Search URL Search Domain Scan URL

URL: https://chlogin.zd.eiam.admin.ch/auth/saml2/broker/?login&language=en
Title: EN

Search URL Search Domain Scan URL

URL: https://www.eiam.admin.ch/support
Title: https://www.eiam.admin.ch/support

Search URL Search Domain Scan URL

URL: http://www.disclaimer.admin.ch/index.html
Title: Rechtliche Grundlagen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
estv-adminlogin.selfip.com/d/2fdfbf8174e41e56eae2ea9075ace3ff/ 18 KB
4 KB 296ms
61ms Document
text/html 37.128.146.44
ONECOM

General

Source	Level	URL Text
javascript	error	URL: https://estv-adminlogin.selfip.com/d/2fdfbf8174e41e56eae2ea9075ace3ff/ Message: Access to font at 'https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/6f4a128e881cb1ea0dc1.woff' from origin 'https://estv-adminlogin.selfip.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/6f4a128e881cb1ea0dc1.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://estv-adminlogin.selfip.com/d/2fdfbf8174e41e56eae2ea9075ace3ff/ Message: Access to font at 'https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/24a6611c28f373a0e1d7.ttf' from origin 'https://estv-adminlogin.selfip.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/24a6611c28f373a0e1d7.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://estv-adminlogin.selfip.com/d/2fdfbf8174e41e56eae2ea9075ace3ff/ Message: Access to font at 'https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/b1bd3d1473d4178b0cfe.woff' from origin 'https://estv-adminlogin.selfip.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/b1bd3d1473d4178b0cfe.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://estv-adminlogin.selfip.com/d/2fdfbf8174e41e56eae2ea9075ace3ff/ Message: Access to font at 'https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/1915080092b357172b50.woff' from origin 'https://estv-adminlogin.selfip.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://chlogin.zd.eiam.admin.ch/login/resources/nevislogrend/applications/arm_sso_chlogin/webdata/static/1915080092b357172b50.woff Message: Failed to load resource: net::ERR_FAILED

estv-adminlogin.selfip.com Open in urlscan Pro 37.128.146.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

80 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

527 kBTransfer

669 kBSize

0 Cookies

6 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

estv-adminlogin.selfip.com Open in urlscan Pro
37.128.146.44 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

80 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

527 kB
Transfer

669 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions