{
  "website": "*.plesk.page",
  "tags": [
    "Phishing",
    "C&C",
    "Exfiltration",
    "Download"
  ],
  "service_provider": "Plesk",
  "phishing": "Attackers can use a customized subdomain of plesk.page to host their phishing websites.",
  "command_and_control": "Attackers can use a customized subdomain of plesk.page as their C&C server.",
  "exfiltration": "Attackers can add upload functionalities hosted on *.mybluehost.me and exfiltrate data on there.",
  "download": "Malicious tools can be stored on *.plesk.page and downloaded when required.",
  "sample_url": "https://www.joesandbox.com/analysis/600205/0/html",
  "created": "2022-07-28",
  "last_update": "2022-07-28",
  "credits": "Jonathan Lind",
  "detail_path": "/site/2a2e706c65736b2e70616765",
  "detail_slug": "2a2e706c65736b2e70616765",
  "detail_url": "https://lots-project.com/site/2a2e706c65736b2e70616765",
  "scraped_at": "2026-06-16T11:58:36Z"
}