cib-awareness.access.cloudserver781.com
95.216.138.31
Public Scan
Effective URL: https://cib-awareness.access.cloudserver781.com/awareness/v/bprciwt5vdiqhx67/index.html
Submission: On December 05 via manual from FR — Scanned from FI
Summary
TLS certificate: Issued by R3 on September 20th 2022. Valid for: 3 months.
This is the only time cib-awareness.access.cloudserver781.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
4 20 | 95.216.138.31 | 24940 (HETZNER-AS) |
1 3 | 142.250.184.237 | 15169 (GOOGLE) |
1 1 | 142.250.184.206 | 15169 (GOOGLE) |
1 | 104.244.42.129 | 13414 (TWITTER) |
19 | 3 | |
ASN24940 (HETZNER-AS, DE)
PTR: static.31.138.216.95.clients.your-server.de
- boundriesgroup.businss-semail.com
- cib-awareness.access.cloudserver781.com
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f13.1e100.net
- accounts.google.com
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
- plus.google.com
Count | Apex Domain / Subdomains | Transfer |
---|---|---|
15 | cloudserver781.com (3 redirects): cib-awareness.access.cloudserver781.com | 636 KB |
5 | businss-semail.com (1 redirects): boundriesgroup.businss-semail.com | 6 KB |
4 | google.com (2 redirects): accounts.google.com — Cisco Umbrella Rank: 88; plus.google.com — Cisco Umbrella Rank: 9534 | 3 KB |
1 | twitter.com: twitter.com — Cisco Umbrella Rank: 223 | |
19 | 4 | |
Count | Domain | Requested by |
---|---|---|
15 | cib-awareness.access.cloudserver781.com (3 redirects) | cib-awareness.access.cloudserver781.com, boundriesgroup.businss-semail.com |
5 | boundriesgroup.businss-semail.com (1 redirects) | boundriesgroup.businss-semail.com |
3 | accounts.google.com (1 redirects) | boundriesgroup.businss-semail.com |
1 | twitter.com | boundriesgroup.businss-semail.com |
1 | plus.google.com (1 redirects) | |
19 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
collab.cib.echonet |
Subject | Issuer | Validity | Valid |
---|---|---|---|
boundriesgroup.businss-semail.com | R3 | 2022-11-15 - 2023-02-13 | 3 months |
accounts.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-03-07 - 2023-03-06 | a year |
cib-awareness.access.cloudserver781.com | R3 | 2022-09-20 - 2022-12-19 | 3 months |
This page contains 1 frames:
Primary Page:
https://cib-awareness.access.cloudserver781.com/awareness/v/bprciwt5vdiqhx67/index.html
Frame ID: 78D72E1B2BB8EE40A358D90D12C49364
Requests: 19 HTTP requests in this frame
Page Title
This was a phishing simulation!
Detected technologies
TrackJs (Analytics)
Detected patterns
- tracker\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: CyberCulture Sharepoint
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://boundriesgroup.businss-semail.com/bprciwt5vdiqhx67 Page URL
- https://cib-awareness.access.cloudserver781.com/awareness/v/bprciwt5vdiqhx67/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://boundriesgroup.businss-semail.com/js/analyse.js HTTP 302
- https://boundriesgroup.businss-semail.com/obfuscate?path=js/analyse.js
- https://plus.google.com/up/?continue=https://www.google.com/intl/en/images/logos/accounts_logo.png&type=st&gpsrc=ogpy0 HTTP 302
- https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/?continue%3Dhttps://www.google.com/intl/en/images/logos/accounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0&followup=https://plus.google.com/up/?continue%3Dhttps://www.google.com/intl/en/images/logos/accounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0 HTTP 302
- https://accounts.google.com/v3/signin/identifier?dsh=S-603400907%3A1670244275947815&continue=https%3A%2F%2Fplus.google.com%2Fup%2F%3Fcontinue%3Dhttps%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0&followup=https%3A%2F%2Fplus.google.com%2Fup%2F%3Fcontinue%3Dhttps%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0&osid=1&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAv2n0GXI9HJ3e2ijESw4dzAFQ96QvzSnb8SvG_VbQIjhGd8VYatHi7tAXUwPC0xPO1fieXE3g
- https://cib-awareness.access.cloudserver781.com/js/events.js HTTP 302
- https://cib-awareness.access.cloudserver781.com/obfuscate?path=js/events.js
- https://cib-awareness.access.cloudserver781.com/js/timeme.min.js HTTP 302
- https://cib-awareness.access.cloudserver781.com/obfuscate?path=js/timeme.min.js
- https://cib-awareness.access.cloudserver781.com/js/time-tracker.js HTTP 302
- https://cib-awareness.access.cloudserver781.com/obfuscate?path=js/time-tracker.js
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | bprciwt5vdiqhx67 | boundriesgroup.businss-semail.com/ | 1 KB | 1 KB | Document | text/html |
GET | H/1.1 | obfuscate | boundriesgroup.businss-semail.com/ (Redirect Chain) | 3 KB | 3 KB | Script | text/javascript |
GET | H2 | CheckCookie | accounts.google.com/ | 0 | 0 | Image | text/html |
GET | H2 | identifier | accounts.google.com/v3/signin/ (Redirect Chain) | 0 | 0 | Image | text/html |
GET | H2 | login | twitter.com/ | 0 | 0 | Image | text/html |
POST | H/1.1 | run-analyse | boundriesgroup.businss-semail.com/bprciwt5vdiqhx67/ | 0 | 419 B | XHR | text/html |
GET | H/1.1 | index.html (Primary Request) | cib-awareness.access.cloudserver781.com/awareness/v/bprciwt5vdiqhx67/ | 10 KB | 4 KB | Document | text/html |
POST | H/1.1 | run-analyse | boundriesgroup.businss-semail.com/bprciwt5vdiqhx67/ | 0 | 420 B | XHR | text/html |
GET | H/1.1 | obfuscate | cib-awareness.access.cloudserver781.com/ (Redirect Chain) | 558 B | 985 B | Script | text/javascript |
GET | H/1.1 | CIB_ITO_header.jpg | cib-awareness.access.cloudserver781.com/public/campaign/33/awareness/27/11/ | 100 KB | 100 KB | Image | image/jpeg |
GET | H/1.1 | Button_Phishing_threat_2.png | cib-awareness.access.cloudserver781.com/public/campaign/33/awareness/27/11/ | 50 KB | 51 KB | Image | image/png |
GET | H/1.1 | Report_As_Phishing.png | cib-awareness.access.cloudserver781.com/public/campaign/33/awareness/27/11/ | 6 KB | 6 KB | Image | image/png |
GET | H/1.1 | phish.png | cib-awareness.access.cloudserver781.com/public/campaign/33/awareness/27/11/ | 404 KB | 404 KB | Image | image/png |
GET | H/1.1 | phish_little.png | cib-awareness.access.cloudserver781.com/admin/awareness-template/307/content/11/file/ | 440 B | 440 B | Image | text/html |
GET | H/1.1 | CIB_CyberCulture_logo.png | cib-awareness.access.cloudserver781.com/public/campaign/33/awareness/27/11/ | 45 KB | 46 KB | Image | image/png |
GET | H/1.1 | LOGO_BNPP_BL_Q.jpg | cib-awareness.access.cloudserver781.com/public/campaign/33/awareness/27/11/ | 16 KB | 16 KB | Image | image/jpeg |
GET | H/1.1 | obfuscate | cib-awareness.access.cloudserver781.com/ (Redirect Chain) | 4 KB | 5 KB | Script | text/javascript |
GET | H/1.1 | obfuscate | cib-awareness.access.cloudserver781.com/ (Redirect Chain) | 2 KB | 2 KB | Script | text/javascript |
POST | H/1.1 | track-time | cib-awareness.access.cloudserver781.com/awareness/ | 0 | 589 B | Ping | text/html |
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontentvisibilityautostatechange
- function| lucyDispatchEvent
- object| TimeMe
- boolean| injected
- function| trackTime
- function| sendUserActivityTimeData
- function| runChromeTimeTracker
- function| isChrome
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
boundriesgroup.businss-semail.com/ | | Name: PHPSESSID Value: 5tshmmmbd50ae61664bi4uv364 |
boundriesgroup.businss-semail.com/ | | Name: link Value: bprciwt5vdiqhx67 |
.twitter.com/ | | Name: guest_id Value: v1%3A167024427553710535 |
.google.com/ | | Name: NID Value: 511=L-Bx9WKTWokzxR0cRhBHqyOHsqrFPLN21zemDt_-qvIcryIEz2UaQ-Ym-wAcTxVyL_b58xW_Gc8eBpqyl-BRoPkbc2ND2QOhJ6HLriLV3mMh34q10Yl9hfW-3uJGZepSeriowUPuUjUjYxXasiUXNUxS_fenLwTQ0Rg668A5_SM |
cib-awareness.access.cloudserver781.com/ | | Name: PHPSESSID Value: b90hoehqm5n78q75r70luhohs3 |
cib-awareness.access.cloudserver781.com/ | | Name: link Value: bprciwt5vdiqhx67 |
cib-awareness.access.cloudserver781.com/ | | Name: awareness_link Value: bprciwt5vdiqhx67 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.