kostkanailsystem.com
88.99.96.6
Malicious Activity!
Public Scan
Effective URL: https://kostkanailsystem.com/wp-admin/images/vise/viseca/
Submission Tags: 7213091
Submission: On July 04 via api from NL
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 4th 2020. Valid for: a year.
This is the only time kostkanailsystem.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Viseca (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 91.103.219.229 | 198047 (UKWEB-EQX) |
2 | 88.99.96.6 | 24940 (HETZNER-AS) |
11 | 217.111.139.8 | 208305 (VISECA-AS) |
20 | 4 | |
ASN198047 (UKWEB-EQX, DE)
PTR: voyager.servers.prgn.misp.co.uk
Domain: angelaknows.co.uk
ASN208305 (VISECA-AS, CH)
PTR: one-digitalservice.ch
Domain: one-digitalservice.ch
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
11 | one-digitalservice.ch | 684 KB |
2 | kostkanailsystem.com | 16 KB |
1 | angelaknows.co.uk | 441 B |
20 | 3 | |
Requests | Domain | Requested by |
---|---|---|
11 | one-digitalservice.ch | kostkanailsystem.com, one-digitalservice.ch |
2 | kostkanailsystem.com | |
1 | angelaknows.co.uk | |
20 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.viseca.ch |
itunes.apple.com |
play.google.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
kostkanailsystem.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-04 - 2021-10-06 | a year | crt.sh |
one-digitalservice.ch | QuoVadis Global SSL ICA G3 | 2021-05-18 - 2022-05-18 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://kostkanailsystem.com/wp-admin/images/vise/viseca/
Frame ID: 407A68667CA5D6B9A8A42433506302AA
Requests: 20 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
- Title: Instructions for activating cookies
- Title: App Store (iOS)
- Title: Play Store (Android)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://angelaknows.co.uk//a2d9c6f4d4/vs-5678/de/ Page URL
- https://kostkanailsystem.com/wp-admin/images/vise/viseca/ Page URL
- https://kostkanailsystem.com/wp-admin/images/vise/viseca/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | angelaknows.co.uk//a2d9c6f4d4/vs-5678/de/ | 162 B | 441 B | Document | text/html |
GET | H2 | / | kostkanailsystem.com/wp-admin/images/vise/viseca/ | 1 B | 239 B | Document | text/html |
GET | H2 | / (Primary Request) | kostkanailsystem.com/wp-admin/images/vise/viseca/ | 16 KB | 16 KB | Document | text/html |
GET | H/1.1 | style.css | one-digitalservice.ch/login/css/ | 55 KB | 55 KB | Stylesheet | text/css |
GET | H/1.1 | ispin.css | one-digitalservice.ch/login/css/ | 470 B | 1 KB | Stylesheet | text/css |
GET | H/1.1 | one.svg | one-digitalservice.ch/login/images/ | 1 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | one-small.svg | one-digitalservice.ch/login/images/ | 1 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | modernizr-custom.js | one-digitalservice.ch/login/js/ | 3 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | jquery-1.11.2.min.js | one-digitalservice.ch/login/js/ | 94 KB | 94 KB | Script | application/javascript |
GET | H/1.1 | bootstrap.min.js | one-digitalservice.ch/login/js/ | 36 KB | 37 KB | Script | application/javascript |
GET | H/1.1 | content.js | one-digitalservice.ch/login/js/ | 201 B | 815 B | Script | application/javascript |
GET | H/1.1 | jquery.main.js | one-digitalservice.ch/login/js/ | 435 KB | 436 KB | Script | application/javascript |
GET | H/1.1 | ispin.js | one-digitalservice.ch/login/js/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | fpdata.js | one-digitalservice.ch/login/js/ | 51 KB | 52 KB | Script | application/javascript |
GET | | FrutigerLTStd-Roman.woff | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
GET | | FrutigerLTStd-Bold.woff | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
GET | | FrutigerLTStd-Light.woff | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
GET | | FrutigerLTStd-Light.ttf | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
GET | | FrutigerLTStd-Roman.ttf | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
GET | | FrutigerLTStd-Bold.ttf | one-digitalservice.ch/login/fonts/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Roman.woff |
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Bold.woff |
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Light.woff |
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Light.ttf |
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Roman.ttf |
one-digitalservice.ch | https://one-digitalservice.ch/login/fonts/FrutigerLTStd-Bold.ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Viseca (Financial)
75 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Modernizr function| $ function| jQuery object| jQuery111207485192679338193 function| initInputValueCheck function| initCheckboxStateCheck function| initTouchNav function| initMultiLevelNav function| initHidePopoverOnClickOutside function| initKartenForm function| initAjaxSelect function| initAjaxCheckboxes function| initDateTextFields function| initBootstrapDatePickerRange function| initCardFieldValidation function| initAjaxTabsTB function| initCarousel function| initAutoShowAlerts function| initAddItems function| initInputMask function| initProgressAnimation function| initDisableScroll function| initCustomTabs function| stopVideosOnModalClose function| initAjaxModal function| initYoutubeOverlay function| playPauseIframeYoutube function| initBootstrapDatePicker function| initNavDrop function| initRegistrationCodeForm function| formSendAjax function| formOnAjaxSuccess function| initSimpleForm function| initSmsForm function| initFormValidation function| initCustomForms function| initTBResizeFix function| initMobileTable function| initFixedTable function| initPopover function| initCloseCollapse function| initRetinaCover function| initSlickCarousel function| initCustomHover function| initOpenClose function| TouchNav object| lib function| MultiLevelNav function| AjaxSelectContent function| AddCloneItem object| CssAnimationHelper object| ResponsiveHelper function| DisablePageScroll function| FixedTable object| jcf object| picturefillCFG function| picturefill function| Inputmask function| Hammer function| closePhishingAlert function| checkPhishingMessageVisibility function| doPost function| Fingerprint2 number| $h0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.