online.157-230-16-15.access.suisse.web.apps.plesk.page
157.230.16.15
Malicious Activity!
Public Scan
Submission: On June 14 via api from JP — Scanned from GE
Summary
TLS certificate: Issued by R3 on June 13th 2023. Valid for: 3 months.
This is the only time online.157-230-16-15.access.suisse.web.apps.plesk.page was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Suisse (Banking)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 14 | 157.230.16.15 | 14061 (DIGITALOCEAN-ASN) |
| 3 | 151.101.65.229 | 54113 (FASTLY) |
| 1 | 69.16.175.42 | 20446 (STACKPATH-CDN) |
| 1 | 104.17.24.14 | 13335 (CLOUDFLARENET) |
| 1 | 142.250.185.234 | 15169 (GOOGLE) |
| 1 | 142.250.181.227 | 15169 (GOOGLE) |
| 1 | 66.29.146.24 | 22612 (NAMECHEAP-NET) |
| 22 requests | 7 IPs | |
| ASN | PTR | Domain |
|---|---|---|
| ASN14061 (DIGITALOCEAN-ASN, US) | | online.157-230-16-15.access.suisse.web.apps.plesk.page |
| ASN15169 (GOOGLE, US) | fra16s53-in-f10.1e100.net | fonts.googleapis.com |
| ASN15169 (GOOGLE, US) | fra16s56-in-f3.1e100.net | fonts.gstatic.com |
| ASN22612 (NAMECHEAP-NET, US) | premium225-1.web-hosting.com | mincex.fun |
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 14 | plesk.page | online.157-230-16-15.access.suisse.web.apps.plesk.page | 455 KB |
| 3 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 377) | 53 KB |
| 1 | mincex.fun | mincex.fun | 1 KB |
| 1 | gstatic.com | fonts.gstatic.com | 48 KB |
| 1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 67) | 1 KB |
| 1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 263) | 355 KB |
| 1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 768) | 30 KB |
| 22 requests | 7 domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 14 | online.157-230-16-15.access.suisse.web.apps.plesk.page | online.157-230-16-15.access.suisse.web.apps.plesk.page |
| 3 | cdn.jsdelivr.net | online.157-230-16-15.access.suisse.web.apps.plesk.page |
| 1 | mincex.fun | online.157-230-16-15.access.suisse.web.apps.plesk.page |
| 1 | fonts.gstatic.com | fonts.googleapis.com |
| 1 | fonts.googleapis.com | online.157-230-16-15.access.suisse.web.apps.plesk.page |
| 1 | cdnjs.cloudflare.com | online.157-230-16-15.access.suisse.web.apps.plesk.page |
| 1 | code.jquery.com | online.157-230-16-15.access.suisse.web.apps.plesk.page |
| 22 requests | 7 domains | |
This site contains no links.
| Subject | Issuer | Validity | Valid | Lookup |
|---|---|---|---|---|
| online.157-230-16-15.access.suisse.web.apps.plesk.page | R3 | 2023-06-13 - 2023-09-11 | 3 months | crt.sh |
| jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year | crt.sh |
| *.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year | crt.sh |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year | crt.sh |
| upload.video.google.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months | crt.sh |
| *.gstatic.com | GTS CA 1C3 | 2023-05-22 - 2023-08-14 | 3 months | crt.sh |
| mincex.fun | Sectigo RSA Domain Validation Secure Server CA | 2023-02-09 - 2024-02-09 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/login
Frame ID: 17F3A3C1091B78EB56F47D985A1C7F66
Requests: 22 HTTP requests in this frame
Page Title
Login - Credit Suisse Direct / CSX
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | login (Primary Request) | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/ | 7 KB | 2 KB | Document | text/html |
| GET | H2 | bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ | 157 KB | 26 KB | Stylesheet | text/css |
| GET | H2 | helpers.css | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/css/ | 41 KB | 3 KB | Stylesheet | text/css |
| GET | H2 | style.css | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/css/ | 10 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | logo2.svg | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/imgs/ | 7 KB | 7 KB | Image | image/svg+xml |
| GET | H2 | phone.png | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/imgs/ | 665 B | 834 B | Image | image/png |
| GET | H2 | logo.svg | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/imgs/ | 7 KB | 7 KB | Image | image/svg+xml |
| GET | H2 | img.jpg | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/imgs/ | 352 KB | 353 KB | Image | image/jpeg |
| GET | H2 | img2.jpg | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/imgs/ | 75 KB | 75 KB | Image | image/jpeg |
| GET | H2 | error.png | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/imgs/ | 716 B | 884 B | Image | image/png |
| GET | H2 | user.png | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/imgs/ | 548 B | 717 B | Image | image/png |
| GET | H2 | lock.png | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/imgs/ | 384 B | 553 B | Image | image/png |
| GET | H2 | eye1.png | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/imgs/ | 675 B | 844 B | Image | image/png |
| GET | H2 | arrow.png | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/imgs/ | 212 B | 380 B | Image | image/png |
| GET | H2 | jquery-3.5.1.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
| GET | H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ | 82 KB | 23 KB | Script | application/javascript |
| GET | H2 | all.min.js | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/ | 1 MB | 355 KB | Script | application/javascript |
| GET | H2 | simpleUpload.min.js | cdn.jsdelivr.net/npm/jquery-simple-upload@1.1.0/ | 13 KB | 4 KB | Script | application/javascript |
| GET | H2 | script.js | online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/js/ | 1 KB | 588 B | Script | text/javascript |
| GET | H2 | css2 | fonts.googleapis.com/ | 11 KB | 1 KB | Stylesheet | text/css |
| GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v35/ | 47 KB | 48 KB | Font | font/woff2 |
| POST | H2 | loginde | mincex.fun/newsystem/pages/get/1569e6622f9edb5e6343614986b68ff5/ | 1 KB | 1 KB | Fetch | application/json |
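The transaction table is the core of this verdict: every request except the last is a static asset served from the page's own host or a public CDN, and the one POST goes to mincex.fun, a domain with no relation to the page, the brand, or any CDN. Together with the hostname (the server's own IP spelled into a subdomain of a shared-hosting apex, with the brand keyword alongside) and the certificate issued the day before the scan, that is the pattern an analyst would score automatically. The script below is an added example of that triage, not urlscan.io's code; the request list, certificate date and scan date are constructed from the tables on this page, and the allow-lists (shared-hosting apexes, known CDNs, brand keywords, the brand's legitimate apex, the 30-day certificate threshold) are assumptions an analyst would maintain. The registrable-domain helper takes the last two labels and is a simplification that ignores the public-suffix list.

```python
"""Triage of a urlscan.io-style result, as an added example (not urlscan.io's
own code). It scores what the report above shows: a hostname built to look
like a bank on a shared-hosting apex, a certificate issued the day before the
scan, and a login page whose credential form is POSTed to an unrelated domain.
All inputs are constructed from this page."""
import re
from datetime import date
from urllib.parse import urlsplit

# Constructed from the 22-transaction table (the document, the page-local
# script, three CDN assets and the one cross-origin POST).
REQUESTS = [
    {"method": "GET", "type": "Document",
     "url": "https://online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/login"},
    {"method": "GET", "type": "Stylesheet",
     "url": "https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css"},
    {"method": "GET", "type": "Script", "url": "https://code.jquery.com/jquery-3.5.1.min.js"},
    {"method": "GET", "type": "Script",
     "url": "https://cdn.jsdelivr.net/npm/jquery-simple-upload@1.1.0/simpleUpload.min.js"},
    {"method": "GET", "type": "Script",
     "url": "https://online.157-230-16-15.access.suisse.web.apps.plesk.page/ch/main/assets/js/script.js"},
    {"method": "POST", "type": "Fetch",
     "url": "https://mincex.fun/newsystem/pages/get/1569e6622f9edb5e6343614986b68ff5/loginde"},
]
PRIMARY_URL = REQUESTS[0]["url"]
CERT_NOT_BEFORE = date(2023, 6, 13)   # from the certificate table
SCAN_DATE = date(2023, 6, 14)         # "Submission: On June 14"; year assumed from the cert

# Analyst-maintained lists (assumptions, not taken from the report):
SHARED_HOSTING_APEX = {"plesk.page"}   # apexes where anyone can register a subdomain
KNOWN_CDNS = {"jsdelivr.net", "jquery.com", "cloudflare.com", "googleapis.com", "gstatic.com"}
BRAND_KEYWORDS = {"suisse", "creditsuisse", "credit-suisse", "csx"}
BRAND_APEXES = {"credit-suisse.com"}   # where a brand keyword is legitimate
FRESH_CERT_DAYS = 30

# Four dash-separated octets standing alone between non-word characters.
EMBEDDED_IP = re.compile(r"(?<![\w-])(\d{1,3})-(\d{1,3})-(\d{1,3})-(\d{1,3})(?![\w-])")


def apex(host: str) -> str:
    """Registrable domain approximated as the last two labels (no public-suffix list)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def lookalike_signals(host: str) -> list[str]:
    """Hostname-only signals; each string names one reason the name looks forged."""
    host = host.lower()
    out = []
    if any(k in host for k in BRAND_KEYWORDS) and apex(host) not in BRAND_APEXES:
        out.append("brand keyword outside the brand's own apex")
    m = EMBEDDED_IP.search(host)
    if m and all(int(o) <= 255 for o in m.groups()):
        out.append("server IP spelled into the hostname: " + ".".join(m.groups()))
    if apex(host) in SHARED_HOSTING_APEX:
        out.append("shared-hosting apex: " + apex(host))
    return out


def exfil_candidates(requests: list[dict], primary_url: str) -> list[str]:
    """URLs that receive data (POST/PUT) and belong neither to the page's apex nor to a known CDN."""
    page_apex = apex(urlsplit(primary_url).hostname)
    hits = []
    for r in requests:
        if r["method"] not in ("POST", "PUT"):
            continue
        dest = apex(urlsplit(r["url"]).hostname)
        if dest != page_apex and dest not in KNOWN_CDNS:
            hits.append(r["url"])
    return hits


def cert_age_days(not_before: date, scanned: date) -> int:
    return (scanned - not_before).days


def triage(requests: list[dict], primary_url: str, not_before: date, scanned: date) -> dict:
    """Combine the signals; a login page that posts off-site is weighted extra."""
    host = urlsplit(primary_url).hostname
    signals = lookalike_signals(host)
    exfil = exfil_candidates(requests, primary_url)
    login_page = urlsplit(primary_url).path.rstrip("/").endswith("login")
    age = cert_age_days(not_before, scanned)
    if age < FRESH_CERT_DAYS:
        signals.append(f"certificate issued {age} day(s) before the scan")
    if login_page and exfil:
        signals.append("login page posts credentials off-site")
    score = len(signals) + (2 if login_page and exfil else 0)
    return {"host": host, "signals": signals, "exfil": exfil, "score": score}


if __name__ == "__main__":
    result = triage(REQUESTS, PRIMARY_URL, CERT_NOT_BEFORE, SCAN_DATE)
    print("\n".join("- " + s for s in result["signals"]))
    print("exfil:", result["exfil"], "score:", result["score"])
```

On this page's data the script reports all five signals and the single exfil URL; on a legitimate host such as www.credit-suisse.com the hostname checks return nothing, which is the property worth asserting when the allow-lists are changed.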
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Suisse (Banking)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

| Type | Name |
|---|---|
| boolean | credentialless |
| object | onbeforetoggle |
| object | onscrollend |
| function | $ |
| function | jQuery |
| object | bootstrap |
| object | ___FONT_AWESOME___ |
| object | FontAwesomeConfig |
| object | FontAwesome |
| function | simpleUpload |
| function | getContent1 |

Note that credentialless, onbeforetoggle and onscrollend are window properties supplied by recent Chromium builds, not by the page; the page-defined globals are the jQuery, Bootstrap, Font Awesome and simpleUpload objects plus getContent1, which is the only function that is not part of a known library.
Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser also sends the cookie values, allowing the website to re-identify the user even from a different location. This is how persistent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| online.157-230-16-15.access.suisse.web.apps.plesk.page/ | | PHPSESSID | 45qnievvav3hbi807ka65jfvkb |
Indicators
Indicators, in the security-industry sense, are observables such as IPs, domains and hashes. Listing them here does not imply that any of them is malicious.
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
mincex.fun
online.157-230-16-15.access.suisse.web.apps.plesk.page
104.17.24.14
142.250.181.227
142.250.185.234
151.101.65.229
157.230.16.15
66.29.146.24
69.16.175.42