contactswissline.com Open in urlscan Pro
66.29.141.130 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.domidje.com/SaBj3B52yrJn8rUFwr97Cqjle4NXlpcyIi1dRmstHE1O7VmncqgpXenYbB0sWXpU8OZk9l7G5tuAr/
Effective URL:
https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228
Submission: On August 11 via automatic, source openphish (August 11th 2021, 1:56:23 am UTC)

Summary HTTP 22 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 66.29.141.130, located in United States and belongs to NAMECHEAP-NET, US. The main domain is contactswissline.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 10th 2021. Valid for: a year.

This is the only time contactswissline.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Swisscom (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:813::2013	15169 (GOOGLE) (GOOGLE)
1 21	66.29.141.130 66.29.141.130	22612 (NAMECHEAP...) (NAMECHEAP-NET)
22	2

1 2a00:1450:4001:813::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.domidje.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 66.29.141.130 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: premium214-1.web-hosting.com

contactswissline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	contactswissline.com 1 redirects contactswissline.com	179 KB
1	domidje.com 1 redirects www.domidje.com	224 B
0	bluewin.ch Failed service-login.sso.bluewin.ch Failed
22	3

	Domain	Requested by
21	contactswissline.com	1 redirects contactswissline.com
1	www.domidje.com	1 redirects
0	service-login.sso.bluewin.ch Failed	contactswissline.com
22	3

This site contains links to these domains. Also see Links.

Domain
service-login.sso.bluewin.ch
www.swisscom.ch

Subject Issuer	Validity	Valid
contactswissline.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-10` - `2022-08-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228
Frame ID: E2912591B67C8EFD8D18BD74052FE785
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.domidje.com/SaBj3B52yrJn8rUFwr97Cqjle4NXlpcyIi1dRmstHE1O7VmncqgpXenYbB0sWXpU8OZk9l7G5tuAr/ HTTP 302
https://contactswissline.com/ HTTP 302
https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

22
Requests

91 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

179 kB
Transfer

797 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://service-login.sso.bluewin.ch/
Title:

Search URL Search Domain Scan URL

URL: https://www.swisscom.ch/de/privatkunden/hilfe/daten-und-rechnungen/das-swisscom-login.html
Title: Über Swisscom Login

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.domidje.com/SaBj3B52yrJn8rUFwr97Cqjle4NXlpcyIi1dRmstHE1O7VmncqgpXenYbB0sWXpU8OZk9l7G5tuAr/ HTTP 302
https://contactswissline.com/ HTTP 302
https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.php Show response contactswissline.com/185.236.201.228/ Redirect Chain http://www.domidje.com/SaBj3B52yrJn8rUFwr97Cqjle4NXlpcyIi1dRmstHE1O7VmncqgpXenYbB0sWXpU8OZk9l7G5tuAr/ https://contactswissline.com/ https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228	22 KB 4 KB	2696ms 2696ms	Document text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / PHP/7.2.34 Resource Hash `4356fbd5d578380200dc61543901c830a60cd80c0d6d543aa5577ba810d933c6` Request headers :method GET :authority contactswissline.com :scheme https :path /185.236.201.228/index.php?ip=185.236.201.228 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:00 GMT server Apache x-powered-by PHP/7.2.34 vary Accept-Encoding content-encoding gzip content-length 4155 content-type text/html; charset=UTF-8 Redirect headers date Wed, 11 Aug 2021 01:55:57 GMT server Apache x-powered-by PHP/7.2.34 location 185.236.201.228/index.php?ip=185.236.201.228 content-length 0 content-type text/html; charset=UTF-8
GET H2	200	commons.css contactswissline.com/185.236.201.228/index_files/	351 KB 44 KB	835ms 834ms	Stylesheet text/css	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/index_files/commons.css Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash `5ad15e30f915778a7f512d442dd2e6aad992f1e0aa44dbcd3b3a19ba7002f324` Request headers :path /185.236.201.228/index_files/commons.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 :scheme https sec-fetch-site same-origin :method GET Referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:03 GMT content-encoding gzip last-modified Wed, 11 Aug 2021 01:56:00 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 44831
GET H2	200	password.css contactswissline.com/185.236.201.228/index_files/	223 B 300 B	179ms 179ms	Stylesheet text/css	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/index_files/password.css Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash `5b852a24046a17a29ddca92bee7b9f7f8cef9d770154ce3b12c7456239e1aba9` Request headers :path /185.236.201.228/index_files/password.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 :scheme https sec-fetch-site same-origin :method GET Referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:03 GMT content-encoding gzip last-modified Wed, 11 Aug 2021 01:56:00 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 157
GET H2	200	webcomponents_002.js Show response contactswissline.com/185.236.201.228/index_files/	23 KB 9 KB	502ms 502ms	Script application/javascript	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/index_files/webcomponents_002.js Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash `a2d412121620524a5a34997c31f2ea9cf9fcb5c4f7b8a4e73afe88e8a4988c1c` Request headers :path /185.236.201.228/index_files/webcomponents_002.js pragma no-cache origin https://contactswissline.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest script :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 :scheme https sec-fetch-site same-origin :method GET Origin https://contactswissline.com Referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:03 GMT content-encoding gzip last-modified Wed, 11 Aug 2021 01:56:00 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 9412
GET H2	200	myswisscom_logo.png contactswissline.com/185.236.201.228/index_files/	1 KB 1 KB	1624ms 1624ms	Image image/png	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://contactswissline.com/185.236.201.228/index_files/myswisscom_logo.png Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash `1573af38d48a35675d955142f69dcc06c6e5d5b78193f86763d2750f39770d6b` Request headers :path /185.236.201.228/index_files/myswisscom_logo.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 :scheme https sec-fetch-site same-origin :method GET Referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:03 GMT last-modified Wed, 11 Aug 2021 01:56:00 GMT server Apache accept-ranges bytes content-length 1274 content-type image/png
GET H2	200	webcomponents.js Show response contactswissline.com/185.236.201.228/index_files/	2 KB 1 KB	501ms 500ms	Script application/javascript	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/index_files/webcomponents.js Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash `3b3d4c57d3694575c88a29fb1c9faad1a6e361778ba705dbe017e699fbe4a79d` Request headers :path /185.236.201.228/index_files/webcomponents.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 :scheme https sec-fetch-site same-origin :method GET Referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:03 GMT content-encoding gzip last-modified Wed, 11 Aug 2021 01:56:00 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1049
GET H2	200	commons.js Show response contactswissline.com/185.236.201.228/index_files/	383 KB 107 KB	1316ms 1316ms	Script application/javascript	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/index_files/commons.js Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash `a482ff648905575cfbe2e0a4dbb570441656fc8715e86ed8796f99ea5f1d345c` Request headers :path /185.236.201.228/index_files/commons.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 :scheme https sec-fetch-site same-origin :method GET Referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:03 GMT content-encoding gzip last-modified Wed, 11 Aug 2021 01:56:00 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript
GET H2	200	login-layout.js Show response contactswissline.com/185.236.201.228/index_files/	4 KB 2 KB	500ms 500ms	Script application/javascript	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/index_files/login-layout.js Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash `231fefe41695871b5d409e94c22520bafb7ba46d37071ab956ba73f9ad0f1905` Request headers :path /185.236.201.228/index_files/login-layout.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 :scheme https sec-fetch-site same-origin :method GET Referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:03 GMT content-encoding gzip last-modified Wed, 11 Aug 2021 01:56:00 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1550
GET H2	200	password.js Show response contactswissline.com/185.236.201.228/index_files/	2 KB 1 KB	1634ms 1634ms	Script application/javascript	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/index_files/password.js Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash `8cd1ddd3283f6cd5ac76b3bcc3a0b839431659ad65f024dca082234f84773257` Request headers :path /185.236.201.228/index_files/password.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 :scheme https sec-fetch-site same-origin :method GET Referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:03 GMT content-encoding gzip last-modified Wed, 11 Aug 2021 01:56:00 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1108
GET H2	404	webcomponents.lgd0guuk.js contactswissline.com/185.236.201.228/index_files/webcomponents/	0 0	1279ms 1279ms	Script text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/index_files/webcomponents/webcomponents.lgd0guuk.js Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index_files/webcomponents.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash Request headers :path /185.236.201.228/index_files/webcomponents/webcomponents.lgd0guuk.js pragma no-cache origin https://contactswissline.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest script :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 :scheme https sec-fetch-site same-origin :method GET Origin https://contactswissline.com Referer https://contactswissline.com/185.236.201.228/index.php?ip=185.236.201.228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:04 GMT server Apache accept-ranges bytes content-type text/html
GET H2	404	lifeform-spritesheet.png contactswissline.com/185.236.201.228/	8 KB 8 KB	1430ms 1429ms	Image text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://contactswissline.com/185.236.201.228/lifeform-spritesheet.png Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index_files/commons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash `4d7dbd47e9f1fe848206e59ae17847dfc50cf29f2a6dc4ab328f1d0dd59f5cc9` Request headers :path /185.236.201.228/lifeform-spritesheet.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index_files/commons.css :scheme https sec-fetch-site same-origin :method GET Referer https://contactswissline.com/185.236.201.228/index_files/commons.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:04 GMT server Apache accept-ranges bytes content-type text/html
GET H2	404	TheSansB_400_.woff2 contactswissline.com/185.236.201.228/	0 0	1430ms 1430ms	Font text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/TheSansB_400_.woff2 Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index_files/commons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash Request headers :path /185.236.201.228/TheSansB_400_.woff2 pragma no-cache origin https://contactswissline.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index_files/commons.css :scheme https sec-fetch-site same-origin :method GET Origin https://contactswissline.com Referer https://contactswissline.com/185.236.201.228/index_files/commons.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:04 GMT server Apache accept-ranges bytes content-type text/html
GET H2	404	sdx-icons.woff2 contactswissline.com/185.236.201.228/	0 0	1436ms 1436ms	Font text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/sdx-icons.woff2 Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index_files/commons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash Request headers :path /185.236.201.228/sdx-icons.woff2 pragma no-cache origin https://contactswissline.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index_files/commons.css :scheme https sec-fetch-site same-origin :method GET Origin https://contactswissline.com Referer https://contactswissline.com/185.236.201.228/index_files/commons.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:04 GMT server Apache accept-ranges bytes content-type text/html
GET H2	404	TheSansB_300_.woff2 contactswissline.com/185.236.201.228/	0 0	1602ms 1601ms	Font text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/TheSansB_300_.woff2 Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index_files/commons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash Request headers :path /185.236.201.228/TheSansB_300_.woff2 pragma no-cache origin https://contactswissline.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index_files/commons.css :scheme https sec-fetch-site same-origin :method GET Origin https://contactswissline.com Referer https://contactswissline.com/185.236.201.228/index_files/commons.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:04 GMT server Apache accept-ranges bytes content-type text/html
GET		ty0ne4z6.entry.js service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/	0 0

GET		mibbflfq.entry.js service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/	0 0

GET H2	404	TheSansB_400_.woff contactswissline.com/185.236.201.228/	0 0	329ms 328ms	Font text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/TheSansB_400_.woff Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index_files/commons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash Request headers :path /185.236.201.228/TheSansB_400_.woff pragma no-cache origin https://contactswissline.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index_files/commons.css :scheme https sec-fetch-site same-origin :method GET Origin https://contactswissline.com Referer https://contactswissline.com/185.236.201.228/index_files/commons.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:06 GMT server Apache accept-ranges bytes content-type text/html
GET H2	404	sdx-icons.woff contactswissline.com/185.236.201.228/	0 0	337ms 335ms	Font text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/sdx-icons.woff Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index_files/commons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash Request headers :path /185.236.201.228/sdx-icons.woff pragma no-cache origin https://contactswissline.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index_files/commons.css :scheme https sec-fetch-site same-origin :method GET Origin https://contactswissline.com Referer https://contactswissline.com/185.236.201.228/index_files/commons.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:06 GMT server Apache accept-ranges bytes content-type text/html
GET H2	404	TheSansB_300_.woff contactswissline.com/185.236.201.228/	0 0	321ms 321ms	Font text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/TheSansB_300_.woff Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index_files/commons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash Request headers :path /185.236.201.228/TheSansB_300_.woff pragma no-cache origin https://contactswissline.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index_files/commons.css :scheme https sec-fetch-site same-origin :method GET Origin https://contactswissline.com Referer https://contactswissline.com/185.236.201.228/index_files/commons.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:06 GMT server Apache accept-ranges bytes content-type text/html
GET H2	404	TheSansB_400_.ttf contactswissline.com/185.236.201.228/	0 0	182ms 181ms	Font text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/TheSansB_400_.ttf Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index_files/commons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash Request headers :path /185.236.201.228/TheSansB_400_.ttf pragma no-cache origin https://contactswissline.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index_files/commons.css :scheme https sec-fetch-site same-origin :method GET Origin https://contactswissline.com Referer https://contactswissline.com/185.236.201.228/index_files/commons.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:06 GMT server Apache accept-ranges bytes content-type text/html
GET H2	404	sdx-icons.ttf contactswissline.com/185.236.201.228/	0 0	324ms 324ms	Font text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/sdx-icons.ttf Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index_files/commons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash Request headers :path /185.236.201.228/sdx-icons.ttf pragma no-cache origin https://contactswissline.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index_files/commons.css :scheme https sec-fetch-site same-origin :method GET Origin https://contactswissline.com Referer https://contactswissline.com/185.236.201.228/index_files/commons.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:06 GMT server Apache accept-ranges bytes content-type text/html
GET H2	404	TheSansB_300_.ttf contactswissline.com/185.236.201.228/	0 0	728ms 727ms	Font text/html	66.29.141.130 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://contactswissline.com/185.236.201.228/TheSansB_300_.ttf Requested by Host: contactswissline.com URL: https://contactswissline.com/185.236.201.228/index_files/commons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.29.141.130 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium214-1.web-hosting.com Software Apache / Resource Hash Request headers :path /185.236.201.228/TheSansB_300_.ttf pragma no-cache origin https://contactswissline.com accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept / cache-control no-cache sec-fetch-dest font :authority contactswissline.com referer https://contactswissline.com/185.236.201.228/index_files/commons.css :scheme https sec-fetch-site same-origin :method GET Origin https://contactswissline.com Referer https://contactswissline.com/185.236.201.228/index_files/commons.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Aug 2021 01:56:07 GMT server Apache accept-ranges bytes content-type text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: service-login.sso.bluewin.ch
URL: https://service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/ty0ne4z6.entry.js

Domain: service-login.sso.bluewin.ch
URL: https://service-login.sso.bluewin.ch/node_modules/sdx/dist/js/webcomponents/webcomponents/mibbflfq.entry.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swisscom (Telecommunication)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

contactswissline.com
service-login.sso.bluewin.ch
www.domidje.com
service-login.sso.bluewin.ch
2a00:1450:4001:813::2013
66.29.141.130
1573af38d48a35675d955142f69dcc06c6e5d5b78193f86763d2750f39770d6b
231fefe41695871b5d409e94c22520bafb7ba46d37071ab956ba73f9ad0f1905
3b3d4c57d3694575c88a29fb1c9faad1a6e361778ba705dbe017e699fbe4a79d
4356fbd5d578380200dc61543901c830a60cd80c0d6d543aa5577ba810d933c6
4d7dbd47e9f1fe848206e59ae17847dfc50cf29f2a6dc4ab328f1d0dd59f5cc9
5ad15e30f915778a7f512d442dd2e6aad992f1e0aa44dbcd3b3a19ba7002f324
5b852a24046a17a29ddca92bee7b9f7f8cef9d770154ce3b12c7456239e1aba9
8cd1ddd3283f6cd5ac76b3bcc3a0b839431659ad65f024dca082234f84773257
a2d412121620524a5a34997c31f2ea9cf9fcb5c4f7b8a4e73afe88e8a4988c1c
a482ff648905575cfbe2e0a4dbb570441656fc8715e86ed8796f99ea5f1d345c

contactswissline.com Open in urlscan Pro 66.29.141.130 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

91 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

179 kBTransfer

797 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

44 JavaScript Global Variables

0 Cookies

Indicators

contactswissline.com Open in urlscan Pro
66.29.141.130 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

179 kB
Transfer

797 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!