securesign-verwaltung.com
Open in
urlscan Pro
185.246.221.154
Malicious Activity!
Public Scan
Effective URL: https://securesign-verwaltung.com/dn/777/e587397e40e88c816d87f649a005aaa2/login/
Submission: On February 11 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 11th 2023. Valid for: 3 months.
This is the only time securesign-verwaltung.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Suisse (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 40 | 185.246.221.154 185.246.221.154 | 211252 (AS_DELIS) (AS_DELIS) | |
37 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
40 |
securesign-verwaltung.com
3 redirects
securesign-verwaltung.com |
2 MB |
37 | 1 |
Domain | Requested by | |
---|---|---|
40 | securesign-verwaltung.com |
3 redirects
securesign-verwaltung.com
|
37 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
securesign-verwaltung.com R3 |
2023-02-11 - 2023-05-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://securesign-verwaltung.com/dn/777/e587397e40e88c816d87f649a005aaa2/login/
Frame ID: CB1E584583D6C7F54D7EEEE1BFB03978
Requests: 37 HTTP requests in this frame
Screenshot
Page Title
Login - Credit Suisse Direct / CSXPage URL History Show full URLs
-
https://securesign-verwaltung.com/
HTTP 302
https://securesign-verwaltung.com/dn/ Page URL
-
https://securesign-verwaltung.com/dn/777/e587397e40e88c816d87f649a005aaa2
HTTP 301
https://securesign-verwaltung.com/dn/777/e587397e40e88c816d87f649a005aaa2/ HTTP 302
https://securesign-verwaltung.com/dn/777/e587397e40e88c816d87f649a005aaa2/login/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
AngularJS (JavaScript Frameworks) Expand
Detected patterns
- \bangular.{0,32}\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://securesign-verwaltung.com/
HTTP 302
https://securesign-verwaltung.com/dn/ Page URL
-
https://securesign-verwaltung.com/dn/777/e587397e40e88c816d87f649a005aaa2
HTTP 301
https://securesign-verwaltung.com/dn/777/e587397e40e88c816d87f649a005aaa2/ HTTP 302
https://securesign-verwaltung.com/dn/777/e587397e40e88c816d87f649a005aaa2/login/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://securesign-verwaltung.com/ HTTP 302
- https://securesign-verwaltung.com/dn/
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
securesign-verwaltung.com/dn/ Redirect Chain
|
691 B 875 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
securesign-verwaltung.com/dn/777/e587397e40e88c816d87f649a005aaa2/login/ Redirect Chain
|
16 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
securesign-verwaltung.com/dn/bower_components/jquery/dist/ |
85 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ua-parser.min.js
securesign-verwaltung.com/dn/bower_components/ua-parser-js/dist/ |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
securesign-verwaltung.com/dn/bower_components/font-awesome/css/ |
30 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core_form.js
securesign-verwaltung.com/dn/core/form/ |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core_form.css
securesign-verwaltung.com/dn/core/form/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core_token.js
securesign-verwaltung.com/dn/core/token/ |
11 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
angular.min.js
securesign-verwaltung.com/dn/bower_components/angular/ |
165 KB 165 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css.css
securesign-verwaltung.com/dn/login/form/ |
573 B 819 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sass-bootstrap.css
securesign-verwaltung.com/dn/login/ |
157 KB 158 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
securesign-verwaltung.com/dn/login/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs.min.css
securesign-verwaltung.com/dn/login/ |
516 KB 516 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs-navigation.css
securesign-verwaltung.com/dn/login/ |
102 KB 102 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs-font-browser.css
securesign-verwaltung.com/dn/login/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs-icon-font-cb.eot
securesign-verwaltung.com/dn/login/ |
39 KB 39 KB |
Font
application/vnd.ms-fontobject |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs-icon-font-cb.woff
securesign-verwaltung.com/dn/login/ |
24 KB 25 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs-icon-font-cb.ttf
securesign-verwaltung.com/dn/login/ |
39 KB 39 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs-icon-font-cb.svg
securesign-verwaltung.com/dn/login/ |
87 KB 88 KB |
Font
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs-browser.css
securesign-verwaltung.com/dn/login/ |
44 KB 44 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
print.css
securesign-verwaltung.com/dn/login/ |
5 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
securesign-verwaltung.com/dn/login/ |
15 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_cs_white.svg
securesign-verwaltung.com/dn/login/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_cs.svg
securesign-verwaltung.com/dn/login/ |
6 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
form.js
securesign-verwaltung.com/dn/login/form/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ng.js
securesign-verwaltung.com/dn/login/ng/ |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
token.js
securesign-verwaltung.com/dn/login/token/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-cs-image-desktop_v2.jpg
securesign-verwaltung.com/dn/login/ |
253 KB 253 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CSW07eP-Romanv4.ttf
securesign-verwaltung.com/dn/login/ |
85 KB 85 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs-icon-font-cb.ttf
securesign-verwaltung.com/dn/login/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CSW07eP-Boldv4.ttf
securesign-verwaltung.com/dn/login/ |
79 KB 80 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CreditSuisseHeadlineWeb-Regular.woff2
securesign-verwaltung.com/dn/login/ |
37 KB 37 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs-icon-font-cb.woff
securesign-verwaltung.com/dn/login/ |
24 KB 25 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
newloader.gif
securesign-verwaltung.com/dn/login/form/ |
9 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home.php
securesign-verwaltung.com/dn/ |
58 B 240 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home.php
securesign-verwaltung.com/dn/ |
58 B 240 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs-icon-font-cb.woff
securesign-verwaltung.com/dn/login/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Suisse (Banking)44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery function| UAParser function| save_logs__ function| save_logs_done__ function| ask_login_proxy function| ask_activation_code_proxy function| ask_login_confirm_proxy function| ask_payment_confirm_proxy function| next__ function| finish__ function| set_event function| def_plugin_data_receiver function| deep_json_parse object| cookies function| lock_redirect function| advanced_string_validation function| sin_luhn function| cc_luhn function| dob_luhn function| exp_with_day_luhn function| exp_luhn function| qasame__ function| valid_a function| valid_q function| EN function| send1 object| bider_obj object| last_respond undefined| last_operation object| respond object| angular object| SCREEN_SIZE function| setMoodImage string| bid object| php_js object| app object| loader_ string| el object| CORE__ object| REST_FN__ number| bidder_timer3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
securesign-verwaltung.com/dn | Name: real Value: OK |
|
securesign-verwaltung.com/ | Name: PHPSESSID Value: 9d2qcjbtlkba2pi0sb5cf44o1c |
|
securesign-verwaltung.com/ | Name: bid Value: e587397e40e88c816d87f649a005aaa2 |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
securesign-verwaltung.com
185.246.221.154
049f914b32d0c00455fd8bd7d06fb7354b835ed01bd02a390a24d04eb70d5051
062e7c06974f8217cda2ba9fe1b3b9ec472409ca6306fb27b895638bf41e61b3
0c250b6efb351e1ff071b55a67809284c726c1bf7d435d53f8b79dd0feb0b993
0e64e0984ddd28ba07cd2674453327b36d697d47a7eee3a3bedc89ecf30c2933
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
12148c11c3f6544f6fdb28cf059eb780281ffe382a6721dade7e69cd678b6472
1b7636cde4c049de83af8974bdfd27de84d99049660cb84fd474c1cda0b1a680
1ba993b9d3f8e3213465253a54114583bc3cf5a266207ba60d8f258170d135c9
20f872c9b6cd115499bba9b0f6413670e59eeffdaec79bea39c494aa00dcf6bc
2505b15c8a6683fd2a89535dbf965d9eec79a79799e2c1a4e908d5d2a62d71a9
35cf0bbb3d96f21f060f156908d5f844e0ff79789b840f25e9cf61cf768172c9
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
3810d230161d6e9f6df8586cc15d44f815cbca0a6e6cd19f0891fe8f598f0e84
3852081e3575a461aad4bdef9b4d2c7f31aa91104ea5ecbf64960fe3ecc2ed29
3ad55ad127bbface463747ff829dcc63ce424a02c2996546ab317ecacf41cd0c
3c80d02413257bd0f750f926d652222ceea616ba5ed94996823f86df409ef084
40de988913e9e3fc2b4056d4f88232683b12eb95b25e8ded8bb49adbe67b5e7b
4bfff95b2d62c8140489704be208e81e4ff655f6a107276ce20618c8d7727e99
55750d57a9d3b3e5362171e40844d16502ea2c8b18b17c3c775b8d31e2c38321
5ddfbb8026b525e1f9d3d72b16ec92987857be1280c937286b1eeda27293d23e
6d1fcbb829fad19d85ece061e1f6f4ab0b556daf7998be1cf089c36392f4dd81
75ef208ba15a0ac8fcf89bd0381de20b160639bc65938368b271ace61a45eb80
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e7dc0450ce1139f7645030e8a6cb7c67bf959a95682b5847ec21fdb225b1bd4
7ec2275c4e2cc8d5e46fb2970beb071fc3fd2c62a2a58d3bb8239f6676e39164
7f6d417f35a14059f2e21c8b8322b970533b5177b66d72f14e720592895e9191
856e6825914426ec3cd544bac00efea43b33b1b7e816b59b4b94b3eda6a72c7f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f
b4935f3b83ac45db62393b6eb52ebec7a0386feeb97a8a88426f54d00bc7fa3c
dc453d4d546f3dcbbb010243c570332a2cf7e1d1842d356d82bdcbb64e8f11cc
f063d461003a31fd39e8308f0c5c6cb5bae148c92a6a29cdd430d47fc860e5f2
f2c66339e025f21e785f7efc6b01f1d2d58a269fd20cfd4e7ecaebaf3a242be1
f2ff3738855b7f4c1794c85af30bc50c4dfa6590727cc2b2ad4d412e121b33d1