srv70.hostserv.co.za Open in urlscan Pro
41.185.8.68 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/
Submission: On March 13 via manual (March 13th 2024, 1:34:26 am UTC) from DZ — Scanned from DE

Summary HTTP 22 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 22 HTTP transactions. The main IP is 41.185.8.68, located in South Africa and belongs to ZA-1-Grid, ZA. The main domain is srv70.hostserv.co.za.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 24th 2024. Valid for: 3 months.

This is the only time srv70.hostserv.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Swisscom (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
20	41.185.8.68 41.185.8.68		36943 (ZA-1-Grid) (ZA-1-Grid)
22	2

20 41.185.8.68 (South Africa)

ASN36943 (ZA-1-Grid, ZA)
PTR: srv70.hostserv.co.za

srv70.hostserv.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	hostserv.co.za srv70.hostserv.co.za	795 KB
0	bluewin.ch Failed service-login.sso.bluewin.ch Failed
22	2

	Domain	Requested by
20	srv70.hostserv.co.za	srv70.hostserv.co.za
0	service-login.sso.bluewin.ch Failed	srv70.hostserv.co.za
22	2

This site contains links to these domains. Also see Links.

Domain
service-login.sso.bluewin.ch
www.swisscom.ch

Subject Issuer	Validity	Valid
srv70.hostserv.co.za cPanel, Inc. Certification Authority	`2024-01-24` - `2024-04-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/
Frame ID: CF89A7B04D8211FB484633A95353D6C9
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Swisscom Login

Page Statistics

22
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

795 kB
Transfer

792 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://service-login.sso.bluewin.ch/

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/de/privatkunden/hilfe/daten-und-rechnungen/das-swisscom-login.html
Title: Über Swisscom Login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/	22 KB 22 KB	705ms 177ms	Document text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / PHP/7.0.33 Resource Hash `1144829a9ad0289481915946a961245b8b88402d635a2e7bca9e3e589903c243` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Wed, 13 Mar 2024 01:34:21 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked X-Powered-By PHP/7.0.33
GET H/1.1	200 OK	commons.css srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/	351 KB 351 KB	321ms 165ms	Stylesheet text/css	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash `5ad15e30f915778a7f512d442dd2e6aad992f1e0aa44dbcd3b3a19ba7002f324` Request headers accept-language de-DE,de;q=0.9 Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:21 GMT Last-Modified Mon, 04 Jan 2021 07:28:44 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 358978
GET H/1.1	200 OK	password.css srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/	223 B 464 B	498ms 167ms	Stylesheet text/css	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/password.css Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash `5b852a24046a17a29ddca92bee7b9f7f8cef9d770154ce3b12c7456239e1aba9` Request headers accept-language de-DE,de;q=0.9 Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:21 GMT Last-Modified Mon, 04 Jan 2021 07:28:44 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 223
GET H/1.1	200 OK	webcomponents_002.js Show response srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/	23 KB 24 KB	499ms 167ms	Script application/javascript	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/webcomponents_002.js Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash `a2d412121620524a5a34997c31f2ea9cf9fcb5c4f7b8a4e73afe88e8a4988c1c` Request headers Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ Origin https://srv70.hostserv.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:21 GMT Last-Modified Mon, 04 Jan 2021 07:28:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 23905
GET H/1.1	200 OK	myswisscom_logo.png srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/	1 KB 1 KB	535ms 172ms	Image image/png	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/myswisscom_logo.png Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash `1573af38d48a35675d955142f69dcc06c6e5d5b78193f86763d2750f39770d6b` Request headers accept-language de-DE,de;q=0.9 Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:21 GMT Last-Modified Mon, 04 Jan 2021 07:28:44 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1274
GET H/1.1	200 OK	webcomponents.js Show response srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/	2 KB 2 KB	384ms 169ms	Script application/javascript	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/webcomponents.js Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash `3b3d4c57d3694575c88a29fb1c9faad1a6e361778ba705dbe017e699fbe4a79d` Request headers accept-language de-DE,de;q=0.9 Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:21 GMT Last-Modified Mon, 04 Jan 2021 07:28:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2199
GET H/1.1	200 OK	commons.js Show response srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/	383 KB 383 KB	508ms 167ms	Script application/javascript	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.js Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash `a482ff648905575cfbe2e0a4dbb570441656fc8715e86ed8796f99ea5f1d345c` Request headers accept-language de-DE,de;q=0.9 Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:21 GMT Last-Modified Mon, 04 Jan 2021 07:28:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 392224
GET H/1.1	200 OK	login-layout.js Show response srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/	4 KB 4 KB	193ms 172ms	Script application/javascript	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/login-layout.js Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash `231fefe41695871b5d409e94c22520bafb7ba46d37071ab956ba73f9ad0f1905` Request headers accept-language de-DE,de;q=0.9 Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:21 GMT Last-Modified Mon, 04 Jan 2021 07:28:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3648
GET H/1.1	200 OK	password.js Show response srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/	2 KB 3 KB	169ms 168ms	Script application/javascript	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/password.js Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash `8cd1ddd3283f6cd5ac76b3bcc3a0b839431659ad65f024dca082234f84773257` Request headers accept-language de-DE,de;q=0.9 Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:21 GMT Last-Modified Mon, 04 Jan 2021 07:28:44 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2539
GET H/1.1	404 Not Found	webcomponents.lgd0guuk.js srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/webcomponents/	0 0	163ms 163ms	Script text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/webcomponents/webcomponents.lgd0guuk.js Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/webcomponents.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash Request headers Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/ Origin https://srv70.hostserv.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:22 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	lifeform-spritesheet.png srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/	4 KB 4 KB	170ms 170ms	Image text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/lifeform-spritesheet.png Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash `b60274d418e2efc43f055492c6da37ef3c591ca6414ad4a348679131707a8d67` Request headers accept-language de-DE,de;q=0.9 Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:22 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	TheSansB_400_.woff2 srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/	0 0	172ms 172ms	Font text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_400_.woff2 Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash Request headers Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Origin https://srv70.hostserv.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:22 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	sdx-icons.woff2 srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/	0 0	174ms 174ms	Font text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/sdx-icons.woff2 Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash Request headers Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Origin https://srv70.hostserv.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:22 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	TheSansB_300_.woff2 srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/	0 0	168ms 168ms	Font text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_300_.woff2 Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash Request headers Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Origin https://srv70.hostserv.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:22 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	TheSansB_300_.woff srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/	0 0	165ms 163ms	Font text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_300_.woff Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash Request headers Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Origin https://srv70.hostserv.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:22 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	TheSansB_400_.woff srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/	0 0	170ms 169ms	Font text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_400_.woff Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash Request headers Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Origin https://srv70.hostserv.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:22 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	sdx-icons.woff srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/	0 0	172ms 172ms	Font text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/sdx-icons.woff Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash Request headers Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Origin https://srv70.hostserv.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:22 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	TheSansB_300_.ttf srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/	0 0	174ms 174ms	Font text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_300_.ttf Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash Request headers Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Origin https://srv70.hostserv.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:22 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	TheSansB_400_.ttf srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/	0 0	163ms 163ms	Font text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_400_.ttf Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash Request headers Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Origin https://srv70.hostserv.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:22 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	sdx-icons.ttf srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/	0 0	174ms 173ms	Font text/html	41.185.8.68 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/sdx-icons.ttf Requested by Host: srv70.hostserv.co.za URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 41.185.8.68 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv70.hostserv.co.za Software Apache / Resource Hash Request headers Referer https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/commons.css Origin https://srv70.hostserv.co.za accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 01:34:22 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Transfer-Encoding chunked Content-Type text/html
GET		ty0ne4z6.entry.js service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/	0 0

GET		mibbflfq.entry.js service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: service-login.sso.bluewin.ch
URL: https://service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ty0ne4z6.entry.js

Domain: service-login.sso.bluewin.ch
URL: https://service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/mibbflfq.entry.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swisscom (Telecommunication)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/index_files/webcomponents/webcomponents.lgd0guuk.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_300_.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/lifeform-spritesheet.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_400_.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/sdx-icons.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_300_.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_400_.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/sdx-icons.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_400_.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/TheSansB_300_.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://srv70.hostserv.co.za/~ngheld25/-/ch/z0n51/sdx-icons.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ty0ne4z6.entry.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/mibbflfq.entry.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

service-login.sso.bluewin.ch
srv70.hostserv.co.za
service-login.sso.bluewin.ch
41.185.8.68
1144829a9ad0289481915946a961245b8b88402d635a2e7bca9e3e589903c243
1573af38d48a35675d955142f69dcc06c6e5d5b78193f86763d2750f39770d6b
231fefe41695871b5d409e94c22520bafb7ba46d37071ab956ba73f9ad0f1905
3b3d4c57d3694575c88a29fb1c9faad1a6e361778ba705dbe017e699fbe4a79d
5ad15e30f915778a7f512d442dd2e6aad992f1e0aa44dbcd3b3a19ba7002f324
5b852a24046a17a29ddca92bee7b9f7f8cef9d770154ce3b12c7456239e1aba9
8cd1ddd3283f6cd5ac76b3bcc3a0b839431659ad65f024dca082234f84773257
a2d412121620524a5a34997c31f2ea9cf9fcb5c4f7b8a4e73afe88e8a4988c1c
a482ff648905575cfbe2e0a4dbb570441656fc8715e86ed8796f99ea5f1d345c
b60274d418e2efc43f055492c6da37ef3c591ca6414ad4a348679131707a8d67

srv70.hostserv.co.za Open in urlscan Pro 41.185.8.68 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

22 Requests

91 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

795 kBTransfer

792 kBSize

0 Cookies

2 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

33 JavaScript Global Variables

0 Cookies

13 Console Messages

Indicators

srv70.hostserv.co.za Open in urlscan Pro
41.185.8.68 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

795 kB
Transfer

792 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!