access.cloudserver781.com
95.216.138.31
Public Scan
Effective URL: https://access.cloudserver781.com/awareness/v/alf7mkl4qr9abe8x/index.html
Submission: On June 25 via manual from FR — Scanned from FI
Summary
TLS certificate: Issued by R11 on June 18th 2024. Valid for: 3 months.
This is the only time access.cloudserver781.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
8 35 | 95.216.138.31 | 24940 (HETZNER-AS) |
27 | 1 | |
ASN24940 (HETZNER-AS, DE)
PTR: static.31.138.216.95.clients.your-server.de
hrcardif.tools-sharing.com | |
access.cloudserver781.com |
 | Apex Domain Subdomains | Transfer |
---|---|---|
30 | cloudserver781.com (7 redirects): access.cloudserver781.com | 2 MB |
5 | tools-sharing.com (1 redirects): hrcardif.tools-sharing.com | 2 KB |
27 | 2 | |
 | Domain | Requested by |
---|---|---|
30 | access.cloudserver781.com (7 redirects) | access.cloudserver781.com, hrcardif.tools-sharing.com |
5 | hrcardif.tools-sharing.com (1 redirects) | hrcardif.tools-sharing.com |
27 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
echonet.bnpparibas |
Subject Issuer | Validity | Valid | |
---|---|---|---|
hrcardif.tools-sharing.com R11 | 2024-06-07 - 2024-09-05 | 3 months | crt.sh |
access.cloudserver781.com R11 | 2024-06-18 - 2024-09-16 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://access.cloudserver781.com/awareness/v/alf7mkl4qr9abe8x/index.html
Frame ID: 659B8E7F8077C04F45C5CB5D0478AFDF
Requests: 27 HTTP requests in this frame
Page Title
This was a phishing simulation!
Detected technologies
TrackJs (Analytics)
Detected patterns
- tracker\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: CyberCulture Sharepoint
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://hrcardif.tools-sharing.com/alf7mkl4qr9abe8x Page URL
- http://access.cloudserver781.com/awareness/v/alf7mkl4qr9abe8x/index.html HTTP 307
  https://access.cloudserver781.com/awareness/v/alf7mkl4qr9abe8x/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://hrcardif.tools-sharing.com/js/views/campaign/detect.js HTTP 302
- https://hrcardif.tools-sharing.com/obfuscate?path=js/views/campaign/detect.js
- https://access.cloudserver781.com/js/events.js HTTP 302
- https://access.cloudserver781.com/obfuscate?path=js/events.js
- https://access.cloudserver781.com/js/quiz.js HTTP 302
- https://access.cloudserver781.com/obfuscate?path=js/quiz.js
- https://access.cloudserver781.com/js/views/campaign/bot-tracker.js HTTP 302
- https://access.cloudserver781.com/obfuscate?path=js/views/campaign/bot-tracker.js
- https://access.cloudserver781.com/js/timeme.min.js HTTP 302
- https://access.cloudserver781.com/obfuscate?path=js/timeme.min.js
- https://access.cloudserver781.com/js/time-tracker.js HTTP 302
- https://access.cloudserver781.com/obfuscate?path=js/time-tracker.js
- https://access.cloudserver781.com/assets/modules/rating/js/awareness-rating.js HTTP 302
- https://access.cloudserver781.com/obfuscate?path=assets/modules/rating/js/awareness-rating.js
- https://access.cloudserver781.com/js/jquery/jquery.js HTTP 302
- https://access.cloudserver781.com/obfuscate?path=js/jquery/jquery.js
27 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | alf7mkl4qr9abe8x hrcardif.tools-sharing.com/ | 224 B 534 B | Document text/html |
GET H2 | obfuscate hrcardif.tools-sharing.com/ (Redirect Chain) | 1 KB 898 B | Script text/javascript |
POST H2 | plugin-list hrcardif.tools-sharing.com/ | 65 B 185 B | XHR text/html |
GET H2 | index.html access.cloudserver781.com/awareness/v/alf7mkl4qr9abe8x/ (Primary Request, Redirect Chain) | 19 KB 5 KB | Document text/html |
GET H2 | favicon.ico hrcardif.tools-sharing.com/ | 198 B 119 B | Other image/vnd.microsoft.icon |
GET H2 | obfuscate access.cloudserver781.com/ (Redirect Chain) | 558 B 443 B | Script text/javascript |
GET H2 | obfuscate access.cloudserver781.com/ (Redirect Chain) | 2 KB 1 KB | Script text/javascript |
GET H2 | obfuscate access.cloudserver781.com/ (Redirect Chain) | 1 KB 803 B | Script text/javascript |
GET H2 | bot-link.css access.cloudserver781.com/css/ | 199 B 244 B | Stylesheet text/css |
GET H2 | CARDIF1.jpg access.cloudserver781.com/public/campaign/954/awareness/1111/11/ | 17 KB 18 KB | Image image/jpeg |
GET H2 | Cardif_finale.PNG access.cloudserver781.com/public/campaign/954/awareness/1111/11/ | 1 MB 1 MB | Image image/png |
GET H2 | Button_Phishing_threat_2.png access.cloudserver781.com/public/campaign/954/awareness/1111/11/ | 50 KB 50 KB | Image image/png |
GET H2 | Banner_EN.png access.cloudserver781.com/public/campaign/954/awareness/1111/11/ | 104 KB 104 KB | Image image/png |
GET H2 | phish.png access.cloudserver781.com/public/campaign/954/awareness/1111/11/ | 404 KB 404 KB | Image image/png |
GET H2 | phish_little.png access.cloudserver781.com/public/campaign/954/awareness/1111/11/ | 270 B 270 B | Image text/html |
GET H2 | CIB_CyberCulture_logo.png access.cloudserver781.com/public/campaign/954/awareness/1111/11/ | 45 KB 45 KB | Image image/png |
GET H2 | jquery-3.3.1.min.js access.cloudserver781.com/public/campaign/954/awareness/1111/11/ | 0 0 | Script text/html |
GET H2 | jquery-ui.min.js access.cloudserver781.com/public/campaign/954/awareness/1111/11/ | 0 0 | Script text/html |
GET H2 | obfuscate access.cloudserver781.com/ (Redirect Chain) | 4 KB 2 KB | Script text/javascript |
GET H2 | obfuscate access.cloudserver781.com/ (Redirect Chain) | 2 KB 1 KB | Script text/javascript |
GET H2 | fonts.css access.cloudserver781.com/css/new-template/ | 715 B 237 B | Stylesheet text/css |
GET H2 | obfuscate access.cloudserver781.com/ (Redirect Chain) | 3 KB 2 KB | Script text/javascript |
GET H2 | awareness-rating.css access.cloudserver781.com/assets/modules/rating/css/ | 6 KB 1 KB | Stylesheet text/css |
GET H2 | obfuscate access.cloudserver781.com/ (Redirect Chain) | 69 KB 33 KB | Script text/javascript |
GET H2 | favicon.ico access.cloudserver781.com/ | 198 B 114 B | Other image/vnd.microsoft.icon |
POST H2 | track-time access.cloudserver781.com/awareness/ | 0 230 B | Ping text/html |
GET H2 | ico-star-feedback.png access.cloudserver781.com/images/new-template/icons/ | 2 KB 2 KB | Image image/png |
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- undefined | event
- object | fence
- object | sharedStorage
- function | lucyDispatchEvent
- function | Request
- function | lucyQuizStart
- function | lucyQuizEnd
- function | lucyQuizAnswer
- function | lucyQuizResults
- function | lucySetVariable
- function | lucyGetVariable
- function | trackClick
- function | closeCourse
- function | goEnd
- object | TimeMe
- boolean | injected
- function | trackTime
- function | sendUserActivityTimeData
- function | runTimeTracker
- function | isChrome
- object | objAwarenessRating
- function | AwarenessRating
- function | $
- function | jQuery
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
hrcardif.tools-sharing.com/ | | Name: PHPSESSID Value: hlugh0frlln628fjaj2dk112hm |
hrcardif.tools-sharing.com/ | | Name: link Value: alf7mkl4qr9abe8x |
access.cloudserver781.com/ | | Name: PHPSESSID Value: dcgn066uenc69cffom9mv4nqse |
access.cloudserver781.com/ | | Name: link Value: alf7mkl4qr9abe8x |
access.cloudserver781.com/ | | Name: awareness_link Value: alf7mkl4qr9abe8x |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
access.cloudserver781.com
hrcardif.tools-sharing.com
95.216.138.31