one-digitalservice.ch
Open in
urlscan Pro
217.111.139.8
Malicious Activity!
Public Scan
URL:
https://one-digitalservice.ch/start?flow=appActivation&otp=cdp5pYsN8LYEWRctvZ1qMNfE1fXwNdrbubDC2swcP8LCMEBJRDpRVnUNuUp2
Submission: On October 08 via manual from SE — Scanned from CH
Submission: On October 08 via manual from SE — Scanned from CH
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 14 HTTP transactions.
The main IP is 217.111.139.8, located in
Basel, Switzerland and
belongs to AS_VISECA, CH.
The main domain is one-digitalservice.ch.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 9th 2024. Valid for: a year.
This is the only time one-digitalservice.ch was scanned on urlscan.io!
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on August 9th 2024. Valid for: a year.
This is the only time one-digitalservice.ch was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Viseca (Financial)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 14 | 217.111.139.8 217.111.139.8 | 208305 (AS_VISECA) (AS_VISECA) | |
| 14 | 1 |
14
217.111.139.8
(Basel, Switzerland)
ASN208305 (AS_VISECA, CH)
PTR: one.viseca.ch
ASN208305 (AS_VISECA, CH)
PTR: one.viseca.ch
| one-digitalservice.ch |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 14 |
one-digitalservice.ch
one-digitalservice.ch |
719 KB |
| 14 | 1 |
| Domain | Requested by | |
|---|---|---|
| 14 | one-digitalservice.ch |
one-digitalservice.ch
|
| 14 | 1 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| itunes.apple.com |
| play.google.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| one-digitalservice.ch DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-08-09 - 2025-08-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://one-digitalservice.ch/start?flow=appActivation&otp=cdp5pYsN8LYEWRctvZ1qMNfE1fXwNdrbubDC2swcP8LCMEBJRDpRVnUNuUp2
Frame ID: 14850584A02AC3D9A8798A4A412EEAC3
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Konto einrichten | one Digital ServiceDetected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://itunes.apple.com/us/app/visecaone/id970439160?ls=1&mt=8
Title: App Store (iOS)
Title: App Store (iOS)
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=ch.viseca.visecaone
Title: Play Store (Android)
Title: Play Store (Android)
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
start
one-digitalservice.ch/ |
20 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
one-digitalservice.ch/register/css/ |
52 KB 52 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
one.svg
one-digitalservice.ch/register/images/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
one-small.svg
one-digitalservice.ch/register/images/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modernizr-custom.js
one-digitalservice.ch/register/js/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.5.1.min.js
one-digitalservice.ch/register/js/ |
87 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.js
one-digitalservice.ch/register/js/ |
36 KB 37 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
content.js
one-digitalservice.ch/register/js/ |
196 B 628 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.main.js
one-digitalservice.ch/register/js/ |
427 KB 428 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ispin.js
one-digitalservice.ch/register/js/ |
995 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FrutigerLTStd-Roman.woff
one-digitalservice.ch/register/fonts/ |
17 KB 17 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FrutigerLTStd-Bold.woff
one-digitalservice.ch/register/fonts/ |
17 KB 17 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
FrutigerLTStd-Light.woff
one-digitalservice.ch/register/fonts/ |
17 KB 17 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
one-digitalservice.ch/register/images/favicons/ |
33 KB 33 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Viseca (Financial)64 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| APPLE_URL string| ANDROID_URL string| SCHEMA_URL object| Modernizr function| $ function| jQuery function| initInputValueCheck function| initCheckboxStateCheck function| initTouchNav function| initMultiLevelNav function| initHidePopoverOnClickOutside function| initKartenForm function| initAjaxSelect function| initAjaxCheckboxes function| initDateTextFields function| initBootstrapDatePickerRange function| initCardFieldValidation function| initAjaxTabsTB function| initCarousel function| initAutoShowAlerts function| initAddItems function| initInputMask function| initProgressAnimation function| initDisableScroll function| initCustomTabs function| stopVideosOnModalClose function| initAjaxModal function| initYoutubeOverlay function| playPauseIframeYoutube function| initBootstrapDatePicker function| initNavDrop function| initRegistrationCodeForm function| formSendAjax function| formOnAjaxSuccess function| initSimpleForm function| initSmsForm function| initFormValidation function| initCustomForms function| initTBResizeFix function| initMobileTable function| initFixedTable function| initPopover function| initCloseCollapse function| initRetinaCover function| initSlickCarousel function| initCustomHover function| initOpenClose function| TouchNav object| lib function| MultiLevelNav function| AjaxSelectContent function| AddCloneItem object| CssAnimationHelper object| ResponsiveHelper function| DisablePageScroll function| FixedTable object| jcf object| picturefillCFG function| picturefill function| Inputmask function| Hammer function| closePhishingAlert function| checkPhishingMessageVisibility function| doPost1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .one-digitalservice.ch/ | Name: AL_SESS-S Value: Afz7mTmRexwhhhqXkKMOeAVdREJeDDILP0xhoL7lJ4PzEg8S8Xn3DH_E0zxEjitZky2l |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=16070400 |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
one-digitalservice.ch
217.111.139.8
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5d29b073511e9f889a3207eddc6ddccd072a88c85202a22bd3bac1a6f4d419eb
6b41b9fb0b088fcc0ffe9ca96fb9d9de6bfe17eacc72aa3a9902fe9744b4ac7e
8b1ac825153c2c2e7321901e800fdaf9ca16e65aaf28d362698400ac3642b18b
8cfb7f5b639dd5a1c083545019adc8f2d0e0ccf31dba296f464a3f204cc85e72
91a08ef7a4c076bb3a4c313a0ef9808687a3cfb7ff6313bf459e9b5a1379f991
936fc24432cf7afee924f9319f392504d1ce085d34936e18005c042f4a0f94ad
aef8f90504b7057036c2b0ffaf37cbc7b4b8bf3f2689648e74d205731c503670
b0a09d0d09227b1e112d8b9ddca9c4343f5e1decd830a2c68d0bf9bd26d51c77
c486e27c1068d0df133271e24dc54496b115ae9c3b075c9230fb9d43d0f06f79
ca23b78fd83dca9de30029f7391667c348331c838c7968bfeb5abfc50d49300a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb6362a763530522388194bbaed02ecd8e806e41b2e9ae672fda8df5d9d9426b