post-ch-suivi.com
Open in
urlscan Pro
193.222.96.65
Malicious Activity!
Public Scan
Effective URL: https://post-ch-suivi.com/swisspost/app/
Submission: On July 08 via manual from CH — Scanned from CH
Summary
TLS certificate: Issued by R10 on July 5th 2024. Valid for: 3 months.
This is the only time post-ch-suivi.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Swiss Post (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 13 | 193.222.96.65 193.222.96.65 | 215208 (DOLPHINNE...) (DOLPHINNETWORKS) | |
13 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
post-ch-suivi.com
2 redirects
post-ch-suivi.com |
37 KB |
0 |
swissid.ch
Failed
login.swissid.ch Failed |
|
0 |
post.ch
Failed
service.post.ch Failed |
|
13 | 3 |
Domain | Requested by | |
---|---|---|
13 | post-ch-suivi.com |
2 redirects
post-ch-suivi.com
|
0 | login.swissid.ch Failed | |
0 | service.post.ch Failed | |
13 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
post-ch-suivi.com R10 |
2024-07-05 - 2024-10-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://post-ch-suivi.com/swisspost/app/
Frame ID: E9D0C447314804791F88E27C31D047D6
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Swiss PostPage URL History Show full URLs
-
https://post-ch-suivi.com/swisspost
HTTP 301
https://post-ch-suivi.com/swisspost/ HTTP 302
https://post-ch-suivi.com/swisspost/app/ Page URL
Detected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://post-ch-suivi.com/swisspost
HTTP 301
https://post-ch-suivi.com/swisspost/ HTTP 302
https://post-ch-suivi.com/swisspost/app/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
post-ch-suivi.com/swisspost/app/ Redirect Chain
|
12 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
post-ch-suivi.com/swisspost/app/styles/css/ |
335 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Arrow_Back.91b517ca.svg
post-ch-suivi.com/swisspost/app/styles/img/ |
709 B 882 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-die-post-fr.3fa6ffb4.svg
post-ch-suivi.com/swisspost/app/styles/img/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Close.2c3ffcb1.svg
post-ch-suivi.com/swisspost/app/styles/img/ |
727 B 900 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background-circle-post.446ace4d.svg
post-ch-suivi.com/swisspost/app/styles/img/ |
200 B 372 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SwissSignCircularWeb-Bold.c6a5de6b.woff2
post-ch-suivi.com/login/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SwissSignCircularWeb-Regular.3938e032.woff2
post-ch-suivi.com/login/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Arrow_Forward.553777b7.svg
post-ch-suivi.com/swisspost/app/styles/img/ |
656 B 829 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SwissSignCircularWeb-Regular.1f0db59a.woff
post-ch-suivi.com/login/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SwissSignCircularWeb-Bold.3a3e400d.woff
post-ch-suivi.com/login/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
favicon-32x32.png
service.post.ch//login/img/icons/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
favicon-16x16.png
login.swissid.ch/login/img/icons/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- service.post.ch
- URL
- https://service.post.ch//login/img/icons/favicon-32x32.png
- Domain
- login.swissid.ch
- URL
- https://login.swissid.ch/login/img/icons/favicon-16x16.png
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Swiss Post (Transportation)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.swissid.ch
post-ch-suivi.com
service.post.ch
login.swissid.ch
service.post.ch
193.222.96.65
02bccc8398397aecd364759ddae4c4c1a018f989d288d5062ad841bc6fe3ab14
0e9f6842b9430ba79c50e8ec9da03698ccf9eea37f88edf6d6120cae9b7a9f1b
37b67a8de94c83feecc63858b3a6f837a5355492ea0fdf08d98893d9a98ef046
77bfbdb8c94b4dcc24c89b9a0d518f6fa920d75b7ad83d3ef5308dda55b87631
7aa1e865ad399a65e1f8d3ab8095b62c3ba7aa7fd0ad1fe240e5e0ee7988e1c0
8a85794149411e3b75e50228a9e7632135f5295788f431ec6339cc0f5564cb91
a76691ee82e86d542ebed6028085ba9237139af839f9f1ef752983c236215a3c