https://www.sportsbasementswim.com/
104.21.76.181 · Cloudflare, Inc.
Toronto, Canada
22 days
200 · 43.8s
Valid· E7, Let's Encrypt, US
COMPLETED
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
Sports Basement
Vendors
3/3
Status
completed
Registered-domain escalation
Submit sportsbasementswim.com as the primary IOC, enriched with evidence from hostile subdomains like www.sportsbasementswim.com.
No KB/IOK detections were recorded for this scan.
E-Commerce · 7/19/2026
The page presents branding for Sports Basement with Finnish language branding and a Sports Basement logo, but the registered domain is www.sportsbasementswim.com, a newly created domain (22 days old) with a Let's Encrypt certificate. The page contains a login form and password fields in static HTML, and numerous assets and endpoints that suggest a dynamic e-commerce site. However, the domain name differs from the visible brand, indicating potential impersonation or misalignment between domain and branding. No definitive credential harvesting or malware delivery is observed in the data provided, but the combination of a first-party login surface on a recently created domain with impersonation-like branding warrants caution and further investigation.
Capture
Stages: 2
Canonical: Settled Render
Changed: No
Credential Signals
Forms: 5
Password fields: 2
Late-stage login UI: No
Resource Signals
Resources: 70
Hosts: 2
Domains: 2
Suspicious Endpoints
hxxps://www[.]sportsbasementswim[.]com/
No suspicious indicators identified
The domain sportsbasementswim.com is a newly registered host that uses a legitimate CA and Cloudflare fronting. The page visually clones a recognizable brand (Sports Basement) but the domain name does not match the official brand domain, which constitutes a strong impersonation indicator. The presence of a login form and password field on a domain that is newly registered raises risk of credential harvesting if users are directed to this site. However, the evidence does not conclusively show active credential theft at this time; it warrants heightened monitoring and potentially takedown actions if further signals confirm credential capture attempts or misrepresentation at scale.
Monitor