bms-cs.cloudgate.microfin.de
Open in
urlscan Pro
80.158.108.252
Malicious Activity!
Public Scan
Submission: On April 12 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 11th 2024. Valid for: 3 months.
This is the only time bms-cs.cloudgate.microfin.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
30 | 80.158.108.252 80.158.108.252 | 34086 (SCZN-AS) (SCZN-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 104.16.88.20 104.16.88.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
34 | 3 |
ASN34086 (SCZN-AS, DE)
PTR: ecs-80-158-108-252.reverse.open-telekom-cloud.com
bms-cs.cloudgate.microfin.de |
Apex Domain Subdomains |
Transfer | |
---|---|---|
30 |
microfin.de
bms-cs.cloudgate.microfin.de |
2 MB |
3 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 315 |
8 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35 |
1 KB |
34 | 3 |
Domain | Requested by | |
---|---|---|
30 | bms-cs.cloudgate.microfin.de |
bms-cs.cloudgate.microfin.de
|
3 | cdn.jsdelivr.net |
bms-cs.cloudgate.microfin.de
|
1 | fonts.googleapis.com |
bms-cs.cloudgate.microfin.de
|
34 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
bms-cs.cloudgate.microfin.de R3 |
2024-04-11 - 2024-07-10 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://bms-cs.cloudgate.microfin.de/users/login/?next=/dashboard
Frame ID: CD190C0920FE0E048A3AE7F45D1DDD36
Requests: 34 HTTP requests in this frame
Screenshot
Page Title
CloudGate-AnmeldungDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Django (Web Frameworks) Expand
Detected patterns
- (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Select2 (JavaScript Libraries) Expand
Detected patterns
- select2(?:\.min|\.full)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- jquery-ui.*\.js
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
bms-cs.cloudgate.microfin.de/users/login/ |
8 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
theme.css
bms-cs.cloudgate.microfin.de/static/css/ |
133 KB 133 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
bms-cs.cloudgate.microfin.de/static/js/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.js
bms-cs.cloudgate.microfin.de/static/js/ |
231 KB 232 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tempus-dominus.min.css
bms-cs.cloudgate.microfin.de/static/tempus-dominus/ |
47 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select2.min.css
bms-cs.cloudgate.microfin.de/static/admin/css/vendor/select2/ |
15 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
django_select2.css
bms-cs.cloudgate.microfin.de/static/django_select2/ |
54 B 231 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
bms-cs.cloudgate.microfin.de/static/js/ |
20 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select2.full.min.js
bms-cs.cloudgate.microfin.de/static/admin/js/vendor/select2/ |
77 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tempus-dominus.min.js
bms-cs.cloudgate.microfin.de/static/tempus-dominus/ |
78 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
de.js
bms-cs.cloudgate.microfin.de/static/admin/js/vendor/select2/i18n/ |
866 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
django_select2.js
bms-cs.cloudgate.microfin.de/static/django_select2/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
18 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open-iconic-bootstrap.css
bms-cs.cloudgate.microfin.de/static/css/ |
11 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.min.css
bms-cs.cloudgate.microfin.de/static/font-awesome/css/ |
57 KB 57 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
solid.min.css
bms-cs.cloudgate.microfin.de/static/font-awesome/css/ |
669 B 848 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
regular.min.css
bms-cs.cloudgate.microfin.de/static/font-awesome/css/ |
677 B 855 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
datatables.min.css
bms-cs.cloudgate.microfin.de/static/DataTables/ |
28 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
bms-cs.cloudgate.microfin.de/static/css/jstree/ |
27 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
messages.css
bms-cs.cloudgate.microfin.de/static/notes/css/ |
141 B 319 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
bms-cs.cloudgate.microfin.de/static/documents/css/ |
163 B 341 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
notifications.css
bms-cs.cloudgate.microfin.de/static/css/ |
302 B 480 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background_tasks.css
bms-cs.cloudgate.microfin.de/static/css/ |
197 B 375 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
drop_down_select_multiple.css
bms-cs.cloudgate.microfin.de/static/css/ |
701 B 880 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.css
bms-cs.cloudgate.microfin.de/static/css/ |
31 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
classic.min.css
cdn.jsdelivr.net/npm/@simonwep/pickr/dist/themes/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
monolith.min.css
cdn.jsdelivr.net/npm/@simonwep/pickr/dist/themes/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
nano.min.css
cdn.jsdelivr.net/npm/@simonwep/pickr/dist/themes/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
bms-cs.cloudgate.microfin.de/static/css/ |
16 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-blue.svg
bms-cs.cloudgate.microfin.de/static/img/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
menschen_transparent_rollen.png
bms-cs.cloudgate.microfin.de/static/img/ |
549 KB 550 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Startscreen.jpg
bms-cs.cloudgate.microfin.de/static/img/ |
206 KB 206 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft.png
bms-cs.cloudgate.microfin.de/static/img/ |
455 B 634 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
bms-cs.cloudgate.microfin.de/static/img/ |
15 KB 15 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| bootstrap object| Popper object| tempusDominus function| cgImport1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bms-cs.cloudgate.microfin.de/ | Name: csrftoken Value: sARmJPeOLl0jLSU9KjRoa7ghQ8Rrxp9C |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15724800; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bms-cs.cloudgate.microfin.de
cdn.jsdelivr.net
fonts.googleapis.com
104.16.88.20
2a00:1450:4001:810::200a
80.158.108.252
01b620a4bed26434fbfc2a814f34f49ad03c5c065d3b9267f30101f289108b98
051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8
0588d1661498d804543dc1537f9784877a962b9f0ef3c4ccee765eb7f2543611
096f196b783388020de0c96ab6a23a8a2919f058b4b9058b469fc803d8490c85
1537ab04917a679c4873c0f6c2c45fe98a6804a744682420ae5f3e9dc8c10def
15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81
20d90f7b2c4613c4b8d4925daa1295578d7d2a286dc9f4def19932c532ede4e0
33944de1222740fdc1f1d3e09138e8fa4c844580983f50bdae3b90ea9af3c000
358ec9c38ff69d0d6466affa4a8cfa0d9391d325af2ccc01ebcb0ab8d0fe95d4
39a908049d872fb4858de2c04d78aa5c18904f231dc1895723d012b9d71cac9c
3a3bf708e198ac29d39363fbe549321158235af6c124eeaad0519d57b9e5b6a3
41eb27d1f2327c903455f1adce6d0a81ae51a3d782ce891d36830f91eedb4b11
5c6fdab80cb86a279695dccc226a1fac50e2c922bea70242edaa28f52b7bad2d
60bd27207f3df89b79e16593cd7777205a9bfbd7d98b978241db2c9c6217bb17
668417c926850f49d0ebeadcb153f57ba67a2b26501bcda891619856a8053a15
73d7115f992026da130c95d84b8ac4fe3ac67ee6eefddc5a133c8fbe6bb530fc
7ad679ae1949391f4c6ba080b045063546e12951a4ea4c5701a65f971abea9a2
7beff286c9ef60c654103389f4bd2c0f811fd15181bfbd1ce16776f8f6955dd2
817f59e047affc40e0f556796089262904aa7001cbf2d493f74747bedbad8d38
82634919b29ec374af4be4702720a2fecdb79c2df0341850efa3dc4fff723d09
882e58c671a484d0daa97a2807060e1a1ad16e73a87753f494a0a8f24412164b
8991d1c7387d410056a4666ffa4f7fd7369c1c5ade21b18d202c5cc7f3e51a81
8e38c4791be77a536f2127e2516ada734a691b19cd4ac2b1acd12226c7dc6f8e
8ffbd97e0bd6d33be9ea8ccc0f497377055e61c00c8b412f696eaab4a929978e
9864fdf995368063ea9a55fb0f6baa42cfb677c33d704f959459b0848dbda8b3
a420adf9449b2542281c7ce39781831846775b4e9d65213893e5cdd58871ade4
a4ffbd93234f876444a75f185c968f46cb6a599d6f44bccf10ec0e2b6d2cfc2d
bce043ca2de96b5dcb11c4494f7725cdf514ddf69ac7d7fa6a16256c48cf8eb1
d058e597a406a783c7ce0a88b13905514c533c244b7070a1e128232e4400e63d
d1fb3a646f2987a3e8ca8c6531ce7c6c1e29565d3e88066ac504f7a011eda71a
e5bb297dc8a1329f325c3c1f72abc2fe75774136ed06e403991ddced43d0b45c
e946ab11202382827c7430078865d004049a8951d5aef54d94b5971f84518a37
f23dd51eaff9dca3de29ac35677def07a6a505211ba478233675d60ad48a1d86
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d