upbeat-chandrasekhar.67-23-166-125.plesk.page
67.23.166.125  Malicious Activity! Public Scan

Submitted URL: https://t.co/XmHOq2O55C
Effective URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__afr...
Submission: On August 25 via automatic, source phishtank — Scanned from GB

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 67.23.166.125, located in Asheville, United States and belongs to IMMEDION, US. The main domain is upbeat-chandrasekhar.67-23-166-125.plesk.page.
TLS certificate: Issued by R11 on August 20th 2024. Valid for: 3 months.
This is the only time upbeat-chandrasekhar.67-23-166-125.plesk.page was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banque Postale (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 93.184.221.165 | 15133 (EDGECAST)
9 | 67.23.166.125 | 15085 (IMMEDION)
1 | 2a04:4e42::649 | 54113 (FASTLY)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 104.18.10.207 | 13335 (CLOUDFLAR...)
Total: 13 requests, 5 IPs
Requests | Apex Domain | Subdomains | Transfer
9 | plesk.page | upbeat-chandrasekhar.67-23-166-125.plesk.page | 881 KB
1 | bootstrapcdn.com | stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508 | 18 KB
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 410 | 8 KB
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 1211 | 24 KB
1 | t.co | t.co — Cisco Umbrella Rank: 979 | 669 B
Total: 13 requests, 5 apex domains
Requests | Domain | Requested by
9 | upbeat-chandrasekhar.67-23-166-125.plesk.page | t.co, upbeat-chandrasekhar.67-23-166-125.plesk.page
1 | stackpath.bootstrapcdn.com | upbeat-chandrasekhar.67-23-166-125.plesk.page
1 | cdn.jsdelivr.net | upbeat-chandrasekhar.67-23-166-125.plesk.page
1 | code.jquery.com | upbeat-chandrasekhar.67-23-166-125.plesk.page
1 | t.co |
Total: 13 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
t.co | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-05-08 - 2025-05-07 | a year
upbeat-chandrasekhar.67-23-166-125.plesk.page | R11 | 2024-08-20 - 2024-11-18 | 3 months
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
*.jsdelivr.net | Sectigo RSA Domain Validation Secure Server CA | 2024-05-04 - 2025-05-04 | a year
bootstrapcdn.com | WE1 | 2024-07-23 - 2024-10-21 | 3 months

This page contains 1 frames:

Primary Page: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Frame ID: D5B05B88F6E2BF0E4C52B27D2955A471
Requests: 13 HTTP requests in this frame

Page Title

Connexion à l'espace client - La Banque Postale

Page URL History

  1. https://t.co/XmHOq2O55C Page URL
  2. https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decap... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 931 kB
Size: 1170 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/XmHOq2O55C Page URL
  2. https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
XmHOq2O55C
t.co/
692 B
669 B
Document
General
Full URL
https://t.co/XmHOq2O55C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f /
Resource Hash
13cd5cddf3cba39b5356bc3082c477f940cd272f8172e38a72ab8d675c9ac49c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
299
content-type
text/html; charset=utf-8
date
Sun, 25 Aug 2024 00:37:22 GMT
expires
Sun, 25 Aug 2024 00:42:22 GMT
perf
7402827104
server
tsa_f
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
eb80aa6a40d22a6bb927e13d11f55ea5cab0c3cab6ea3cb40c71cd398c651808
x-response-time
114
x-transaction-id
636b016308e4557f
x-xss-protection
0
Primary Request /
upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
9 KB
3 KB
Document
General
Full URL
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Requested by
Host: t.co
URL: https://t.co/XmHOq2O55C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.23.166.125 Asheville, United States, ASN15085 (IMMEDION, US),
Reverse DNS
us-avl-id-srv19.advancedserverdns.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
038fa5506cc61d44b09b8d6eec732a51cc64d7a577da29beac1ad8a681f17ec2

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-length
3356
content-type
text/html; charset=UTF-8
date
Sun, 25 Aug 2024 00:37:22 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
bootstrap.min.css
upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/css/
156 KB
20 KB
Stylesheet
General
Full URL
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/css/bootstrap.min.css
Requested by
Host: upbeat-chandrasekhar.67-23-166-125.plesk.page
URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.23.166.125 Asheville, United States, ASN15085 (IMMEDION, US),
Reverse DNS
us-avl-id-srv19.advancedserverdns.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
da476f8bea9dc8102654ef3cf025af143624ea69f4cd5b544d493ebaaab5754b

Request headers

Referer
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 25 Aug 2024 00:37:22 GMT
content-encoding
br
last-modified
Sun, 19 Sep 2021 04:44:00 GMT
server
Microsoft-IIS/10.0
etag
"0e8a7f610add71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
20628
header_main2.png
upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/
57 KB
57 KB
Image
General
Full URL
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/header_main2.png
Requested by
Host: upbeat-chandrasekhar.67-23-166-125.plesk.page
URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.23.166.125 Asheville, United States, ASN15085 (IMMEDION, US),
Reverse DNS
us-avl-id-srv19.advancedserverdns.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
41830ecfce2f5ccf2e21b43f664681d86a7269b0381520b653ad848900e10514

Request headers

Referer
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 25 Aug 2024 00:37:22 GMT
last-modified
Thu, 26 May 2022 15:10:21 GMT
server
Microsoft-IIS/10.0
etag
"802c89b71271d81:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
58718
moblie_header2.png
upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/
19 KB
19 KB
Image
General
Full URL
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/moblie_header2.png
Requested by
Host: upbeat-chandrasekhar.67-23-166-125.plesk.page
URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.23.166.125 Asheville, United States, ASN15085 (IMMEDION, US),
Reverse DNS
us-avl-id-srv19.advancedserverdns.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7006a2d185c85a4b6d88561f727f9aa75d724f5b2f0c5bfff3ecb79c5356baff

Request headers

Referer
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 25 Aug 2024 00:37:22 GMT
last-modified
Thu, 26 May 2022 15:19:32 GMT
server
Microsoft-IIS/10.0
etag
"01af5ff1371d81:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
19073
main_footer3.png
upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/
127 KB
127 KB
Image
General
Full URL
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/main_footer3.png
Requested by
Host: upbeat-chandrasekhar.67-23-166-125.plesk.page
URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.23.166.125 Asheville, United States, ASN15085 (IMMEDION, US),
Reverse DNS
us-avl-id-srv19.advancedserverdns.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7bad7164a6268d6304e22afd2471a678b6ff35d701940f9c46fe0d18ed297233

Request headers

Referer
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 25 Aug 2024 00:37:22 GMT
last-modified
Thu, 26 May 2022 15:44:58 GMT
server
Microsoft-IIS/10.0
etag
"039868d1771d81:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
130061
footer.png
upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/
236 KB
237 KB
Image
General
Full URL
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/footer.png
Requested by
Host: upbeat-chandrasekhar.67-23-166-125.plesk.page
URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.23.166.125 Asheville, United States, ASN15085 (IMMEDION, US),
Reverse DNS
us-avl-id-srv19.advancedserverdns.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1decb4d9eeeb54c5532ead5b45f46bb2122dd7c203075ed22cd7058b94736b61

Request headers

Referer
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 25 Aug 2024 00:37:22 GMT
last-modified
Thu, 26 May 2022 15:22:32 GMT
server
Microsoft-IIS/10.0
etag
"0ec3e6b1471d81:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
241990
mobile_footer2.png
upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/
349 KB
349 KB
Image
General
Full URL
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/mobile_footer2.png
Requested by
Host: upbeat-chandrasekhar.67-23-166-125.plesk.page
URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.23.166.125 Asheville, United States, ASN15085 (IMMEDION, US),
Reverse DNS
us-avl-id-srv19.advancedserverdns.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a4ca624126da1b2388c00e481462d05d962b1a6eca4e3e334e92eb3dd4dd603b

Request headers

Referer
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 25 Aug 2024 00:37:22 GMT
last-modified
Thu, 26 May 2022 15:26:27 GMT
server
Microsoft-IIS/10.0
etag
"801351f71471d81:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
356906
jquery-3.4.1.slim.min.js
code.jquery.com/
69 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: upbeat-chandrasekhar.67-23-166-125.plesk.page
URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Referer
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/
Origin
https://upbeat-chandrasekhar.67-23-166-125.plesk.page
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 00:37:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1688443
x-cache
HIT, HIT
content-length
24328
x-served-by
cache-lga13626-LGA, cache-lhr-egll1980079-LHR
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1724546243.927824,VS0,VE0
etag
W/"28feccc0-1157d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
251, 9034
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: upbeat-chandrasekhar.67-23-166-125.plesk.page
URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/
Origin
https://upbeat-chandrasekhar.67-23-166-125.plesk.page
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 00:37:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4503912
x-jsd-version
1.16.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7510
x-served-by
cache-fra-eddf8230104-FRA, cache-lga21938-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lY3TNaWeg2J4v1c4T%2FFEYmchb9uBqnsNSmoXzKp3u7vyvc7U4C0At2CdoNbyWrNMFCsAnQG0e53ESvO1%2FP7wZhS7hAAswc0kzWkGrjH%2BKqPzv9v9QA90mY9l8TjyipGZAhumYvW8%2FyaV7tCRJyw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b8783625de163c2-LHR
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/
59 KB
18 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: upbeat-chandrasekhar.67-23-166-125.plesk.page
URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/
Origin
https://upbeat-chandrasekhar.67-23-166-125.plesk.page
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 00:37:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
946
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
31330
cdn-cachedat
03/18/2024 12:41:35
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"61f338f870fcd0ff46362ef109d28533"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
331cf597406a9ba567e1d2c5ff8f10e4
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
8b8783622d5d4188-LHR
cdn-requestpullsuccess
True
main_footer2.png
upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/
11 KB
11 KB
Image
General
Full URL
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/main_footer2.png
Requested by
Host: upbeat-chandrasekhar.67-23-166-125.plesk.page
URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.23.166.125 Asheville, United States, ASN15085 (IMMEDION, US),
Reverse DNS
us-avl-id-srv19.advancedserverdns.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4a678c489adfc01e1529111af6e22b6b1cace18981c09c0e0c419a2dcf3aff8

Request headers

Referer
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/css/bootstrap.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 25 Aug 2024 00:37:22 GMT
last-modified
Mon, 13 Sep 2021 23:33:10 GMT
server
Microsoft-IIS/10.0
etag
"0ff52b6f7a8d71:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
10857
favicon.png
upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/
57 KB
58 KB
Other
General
Full URL
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/depot/image/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.23.166.125 Asheville, United States, ASN15085 (IMMEDION, US),
Reverse DNS
us-avl-id-srv19.advancedserverdns.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa3a956e876f90b2f9a08ce34812ae2911c4b5a4a149dd5a2970f3b86a72b55e

Request headers

Referer
https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 25 Aug 2024 00:37:23 GMT
last-modified
Thu, 07 Apr 2022 02:20:18 GMT
server
Microsoft-IIS/10.0
etag
"01d296264ad81:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
58801

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banque Postale (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | $
  • function | jQuery
  • function | Popper
  • object | bootstrap
  • function | clavier

1 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: cb34694f-21dc-40b5-b0c4-79fe19aa45aa

1 Console Messages

Source Level URL
Text
recommendation warning URL: https://upbeat-chandrasekhar.67-23-166-125.plesk.page/mammou__--67890/france__--__nouvelle/romeo-et-julliette/destruction--__decapartin/contine--__africaine/zammer--__--dimitri/
Message:
[DOM] Found 16 elements with non-unique id #: (More info: https://goo.gl/9p2vKq) %o %o %o %o %o %o %o %o %o %o %o %o %o %o %o %o

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0