www.service-support.82-165-250-105.plesk.page
82.165.250.105
Malicious Activity!
Public Scan
Effective URL: https://www.service-support.82-165-250-105.plesk.page/auth/identifiant.php?sid/wsost/OstBrokerWeb/auth
Submission: On April 26 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 26th 2022. Valid for: 3 months.
This is the only time www.service-support.82-165-250-105.plesk.page was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banque Postale (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 3 | 82.165.250.105 | 8560 (IONOS-AS: This is the joint network for IONOS) |

 | Apex Domain / Subdomains | Transfer |
---|---|---|
3 | plesk.page (2 redirects): www.service-support.82-165-250-105.plesk.page | 793 KB |

 | Domain | Requested by |
---|---|---|
3 | www.service-support.82-165-250-105.plesk.page | 2 redirects |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
service-support.82-165-250-105.plesk.page | R3 | 2022-04-26 - 2022-07-25 | 3 months |
This page contains 6 frames:
Primary Page:
https://www.service-support.82-165-250-105.plesk.page/auth/identifiant.php?sid/wsost/OstBrokerWeb/auth
Frame ID: E00FE5ECE3BB56C0D966F1591E16E6FC
Requests: 26 HTTP requests in this frame
Frame:
data://truncated
Frame ID: 3C816724F72FA2AC41D02572C172CA67
Requests: 2 HTTP requests in this frame
Frame:
data://truncated
Frame ID: E46F31968B893CDDC75344D1FC9504CB
Requests: 1 HTTP requests in this frame
Frame:
data://truncated
Frame ID: 655F846DDE29AFEE55E9C7A3C997BCD6
Requests: 1 HTTP requests in this frame
Frame:
data://truncated
Frame ID: A042FDAA4813EF6A35FAE97B412404F9
Requests: 1 HTTP requests in this frame
Frame:
data://truncated
Frame ID: EFE76B77193AEDCCB7933FA5783E3912
Requests: 1 HTTP requests in this frame
Page Title
La Banque Postale - Banque et Assurance en ligne – La Banque Postale
Page URL History
- https://www.service-support.82-165-250-105.plesk.page/ (HTTP 302)
- https://www.service-support.82-165-250-105.plesk.page/auth/index.php (HTTP 302)
- https://www.service-support.82-165-250-105.plesk.page/auth/identifiant.php?sid/wsost/OstBrokerWeb/auth (Page URL)
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Redirected requests
There were HTTP redirect chains for the following requests:
1 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Primary Request: identifiant.php, www.service-support.82-165-250-105.plesk.page/auth/ (Redirect Chain) | 3 MB 792 KB | Document text/html |
GET DATA | truncated / | 735 B 0 | Image image/svg+xml |
GET DATA | truncated / | 5 KB 0 | Image image/png |
GET DATA | truncated / | 5 KB 0 | Image image/png |
GET DATA | truncated / | 22 KB 22 KB | Font font/woff2 |
GET DATA | truncated / | 33 KB 33 KB | Font application/x-font-ttf |
GET DATA | truncated / | 32 KB 0 | Image image/png |
GET DATA | truncated / | 62 KB 0 | Image image/png |
GET DATA | truncated / | 12 KB 0 | Image image/png |
GET DATA | truncated / | 8 KB 0 | Image image/png |
GET DATA | truncated / | 6 KB 0 | Image image/png |
GET DATA | truncated / | 1 KB 0 | Image image/jpeg |
GET DATA | truncated / | 16 KB 0 | Image image/jpeg |
GET DATA | truncated / | 13 KB 0 | Image image/jpeg |
GET DATA | truncated / | 28 KB 0 | Image image/jpeg |
GET DATA | truncated / | 22 KB 22 KB | Font font/woff2 |
GET DATA | truncated / | 23 KB 23 KB | Font font/woff2 |
GET DATA | truncated / | 17 KB 17 KB | Font font/woff2 |
GET DATA | truncated / | 23 KB 23 KB | Font font/woff2 |
GET DATA | truncated / | 9 KB 0 | Image image/jpeg |
GET DATA | truncated / | 8 KB 0 | Image image/png |
GET DATA | truncated / | 7 KB 0 | Image image/png |
GET DATA | truncated / | 8 KB 0 | Image image/png |
GET DATA | truncated / | 23 KB 0 | Image image/jpeg |
GET DATA | truncated / | 13 KB 0 | Image image/jpeg |
GET DATA | truncated / | 6 KB 0 | Image image/png |
GET DATA | truncated / Frame 3C81 | 42 B 0 | Image image/gif |
GET DATA | truncated / Frame 3C81 | 3 KB 0 | Image image/gif |
GET DATA | truncated / Frame E46F | 42 B 0 | Image image/gif |
GET DATA | truncated / Frame 655F | 48 B 0 | Image image/gif |
GET DATA | truncated / Frame A042 | 48 B 0 | Image image/gif |
GET DATA | truncated / Frame EFE7 | 48 B 0 | Image image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banque Postale (Banking)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| 2
- object| 3
- object| 4
- object| 5
- object| 6
- object| 7
- function| structuredClone
- object| oncontextlost
- object| oncontextrestored
- function| getScreenDetails
- function| savepage_ShadowLoader

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.service-support.82-165-250-105.plesk.page/ | Name: PHPSESSID Value: mc9ctks8rftrfr02rg004p77uc |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.service-support.82-165-250-105.plesk.page
82.165.250.105