viseca-one-ch.codeanyapp.com
Open in
urlscan Pro
45.55.112.74
Malicious Activity!
Public Scan
Submitted URL: https://viseca-one-ch.codeanyapp.com/login/
Effective URL: https://viseca-one-ch.codeanyapp.com/login/login.php
Submission: On June 19 via api from JP — Scanned from JP
Effective URL: https://viseca-one-ch.codeanyapp.com/login/login.php
Submission: On June 19 via api from JP — Scanned from JP
Summary
This website contacted 4 IPs
in 2 countries
across 2 domains to perform 29 HTTP transactions.
The main IP is 45.55.112.74, located in
San Francisco, United States and
belongs to DIGITALOCEAN-ASN, US.
The main domain is viseca-one-ch.codeanyapp.com.
TLS certificate: Issued by R3 on April 21st 2023. Valid for: 3 months.
This is the only time viseca-one-ch.codeanyapp.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on April 21st 2023. Valid for: 3 months.
This is the only time viseca-one-ch.codeanyapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Viseca (Financial)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 25 | 45.55.112.74 45.55.112.74 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 2 | 23.44.51.163 23.44.51.163 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 | 23.2.131.30 23.2.131.30 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 29 | 4 |
25
45.55.112.74
(San Francisco, United States)
ASN14061 (DIGITALOCEAN-ASN, US)
ASN14061 (DIGITALOCEAN-ASN, US)
| viseca-one-ch.codeanyapp.com |
2
23.44.51.163
(Tokyo, Japan)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-51-163.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-51-163.deploy.static.akamaitechnologies.com
| consent.cookiebot.com |
2
23.2.131.30
(Tokyo, Japan)
ASN16625 (AKAMAI-AS, US)
PTR: a23-2-131-30.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-2-131-30.deploy.static.akamaitechnologies.com
| consentcdn.cookiebot.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 25 |
codeanyapp.com
1 redirects
viseca-one-ch.codeanyapp.com |
379 KB |
| 4 |
cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4302 consentcdn.cookiebot.com — Cisco Umbrella Rank: 4756 |
35 KB |
| 29 | 2 |
| Domain | Requested by | |
|---|---|---|
| 25 | viseca-one-ch.codeanyapp.com |
1 redirects
viseca-one-ch.codeanyapp.com
consent.cookiebot.com |
| 2 | consentcdn.cookiebot.com |
consent.cookiebot.com
|
| 2 | consent.cookiebot.com |
viseca-one-ch.codeanyapp.com
consent.cookiebot.com |
| 29 | 3 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.viseca.ch |
| itunes.apple.com |
| play.google.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| codeanyapp.com R3 |
2023-04-21 - 2023-07-20 |
3 months | crt.sh |
| consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-04-06 - 2024-04-06 |
a year | crt.sh |
| *.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-04-17 - 2024-04-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://viseca-one-ch.codeanyapp.com/login/login.php
Frame ID: 0CF9C09543F475A7E3BA61B12BFB26E0
Requests: 28 HTTP requests in this frame
Frame:
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: E0DDB68285AB8ADDC9715F9BFDBF027B
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Login | one Digital ServicePage URL History Show full URLs
-
https://viseca-one-ch.codeanyapp.com/login/
HTTP 302
https://viseca-one-ch.codeanyapp.com/login/login.php Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Cookiebot
(Cookie compliance)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- consent\.cookiebot\.com
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: https://www.viseca.ch/technische-voraussetzungen-visecaone
Title: Anleitung fürs Aktivieren von Cookies
Title: Anleitung fürs Aktivieren von Cookies
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/us/app/visecaone/id970439160?ls=1&mt=8
Title: App Store (iOS)
Title: App Store (iOS)
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=ch.viseca.visecaone
Title: Play Store (Android)
Title: Play Store (Android)
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://viseca-one-ch.codeanyapp.com/login/
HTTP 302
https://viseca-one-ch.codeanyapp.com/login/login.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
login.php
viseca-one-ch.codeanyapp.com/login/ Redirect Chain
|
18 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
viseca-one-ch.codeanyapp.com/login/css/ |
54 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ispin.css
viseca-one-ch.codeanyapp.com/login/css/ |
470 B 423 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
uc.js
consent.cookiebot.com/ |
107 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
one.svg
viseca-one-ch.codeanyapp.com/login/images/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
one-small.svg
viseca-one-ch.codeanyapp.com/login/images/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modernizr-custom.js
viseca-one-ch.codeanyapp.com/login/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.11.2.min.js
viseca-one-ch.codeanyapp.com/login/js/ |
157 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
viseca-one-ch.codeanyapp.com/login/js/ |
50 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
content.js
viseca-one-ch.codeanyapp.com/login/js/ |
224 B 356 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.main.js
viseca-one-ch.codeanyapp.com/login/js/ |
639 KB 122 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ispin.js
viseca-one-ch.codeanyapp.com/login/js/ |
1 KB 655 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fpdata.js
viseca-one-ch.codeanyapp.com/login/js/ |
56 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
configuration.js
consentcdn.cookiebot.com/consentconfig/9d1c7e8d-e398-4c0c-8420-a37cefc1bd67/viseca-one-ch.codeanyapp.com/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cc.js
consent.cookiebot.com/9d1c7e8d-e398-4c0c-8420-a37cefc1bd67/ |
384 B 678 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FrutigerLTStd-Roman.woff
viseca-one-ch.codeanyapp.com/login/fonts/ |
78 B 231 B |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FrutigerLTStd-Bold.woff
viseca-one-ch.codeanyapp.com/login/fonts/ |
77 B 230 B |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FrutigerLTStd-Light.woff
viseca-one-ch.codeanyapp.com/login/fonts/ |
78 B 231 B |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame E0DD |
627 B 805 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FrutigerLTStd-Roman.ttf
viseca-one-ch.codeanyapp.com/login/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FrutigerLTStd-Bold.ttf
viseca-one-ch.codeanyapp.com/login/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FrutigerLTStd-Light.ttf
viseca-one-ch.codeanyapp.com/login/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modernizr-custom.js
viseca-one-ch.codeanyapp.com/login/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.11.2.min.js
viseca-one-ch.codeanyapp.com/login/js/ |
157 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
viseca-one-ch.codeanyapp.com/login/js/ |
50 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
content.js
viseca-one-ch.codeanyapp.com/login/js/ |
224 B 355 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.main.js
viseca-one-ch.codeanyapp.com/login/js/ |
639 KB 122 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ispin.js
viseca-one-ch.codeanyapp.com/login/js/ |
1 KB 654 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
fpdata.js
viseca-one-ch.codeanyapp.com/login/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- viseca-one-ch.codeanyapp.com
- URL
- https://viseca-one-ch.codeanyapp.com/login/js/fpdata.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Viseca (Financial)75 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| dataLayer object| CookieConsent string| cookiedomainwarning object| Modernizr function| $ function| jQuery number| CB_jQueryHoldReadyStarted object| jQuery1112036177040123960347 function| initInputValueCheck function| initCheckboxStateCheck function| initTouchNav function| initMultiLevelNav function| initHidePopoverOnClickOutside function| initKartenForm function| initAjaxSelect function| initAjaxCheckboxes function| initDateTextFields function| initBootstrapDatePickerRange function| initCardFieldValidation function| initAjaxTabsTB function| initCarousel function| initAutoShowAlerts function| initAddItems function| initInputMask function| initProgressAnimation function| initDisableScroll function| initCustomTabs function| stopVideosOnModalClose function| initAjaxModal function| initYoutubeOverlay function| playPauseIframeYoutube function| initBootstrapDatePicker function| initNavDrop function| initRegistrationCodeForm function| formSendAjax function| formOnAjaxSuccess function| initSimpleForm function| initSmsForm function| initFormValidation function| initCustomForms function| initTBResizeFix function| initMobileTable function| initFixedTable function| initPopover function| initCloseCollapse function| initRetinaCover function| initSlickCarousel function| initCustomHover function| initOpenClose function| TouchNav object| lib function| MultiLevelNav function| AjaxSelectContent function| AddCloneItem object| CssAnimationHelper object| ResponsiveHelper function| DisablePageScroll function| FixedTable object| jcf object| picturefillCFG function| picturefill function| Inputmask function| Hammer function| addEventListenerBase0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
consent.cookiebot.com
consentcdn.cookiebot.com
viseca-one-ch.codeanyapp.com
viseca-one-ch.codeanyapp.com
23.2.131.30
23.44.51.163
45.55.112.74
1861bd07d7cb7cdeb1829bddb92c79c977497b7125aaa3432fe0a0f7160a8287
445a40338fb4c488b9b8432ec3014e6fda1e95370e87f33fdc527c06d04dbaa5
4e2ad3b91d7fd9c3448a3e28509d84e6d109af5523514345c79961fa68e23ce2
52374d2ce8508abc6eb980ef331f997a62acb5e46a3f25d00bf7bd08913d0259
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
786964c982ce06813033af2504466bc31f41ef7ab6cb6f315870be50b37c2e4c
892e60c998d008c29c11d397f0595dc0a493b2f2d317f9b7ee203a11b889e0ee
8b1ac825153c2c2e7321901e800fdaf9ca16e65aaf28d362698400ac3642b18b
92eed3a29c1613c1567dcb8d8dffc5dde7b83760bdc85f890d8cddf81775c15a
9456ec63c740c2ccb27fddc9bfd7437da4e106ba5c723b9d24d4f2d800031438
99fcb1f657eb586df5c20e45852ba8c80d51e127e326f777997d53a69deaa363
9e5d9608c0a0edfe0e7661a72da49cdf56cb1341eed20b240a1ab1fdb3057026
b57167e92a536f767a2df71fd445e500490b19accbe00047492de6b4bd0cd3a1
badaa269a8a72493f05a91e43262a5e0097a697a33ae81eeee0148b55804cd21
c53f98a64cb466d281e693f76eb3248e7d0663c962f80d6d5ba910dc8682d98c
d8ff864b43d6481ec467e04a1af7fa861fa3f872edfb711e0384a1a3eb9817f0
ecff943794ff5394b9380aade765f1ae4c8fa44578a25d34c17a408b3d4bed2b