access.cloudserver781.com
95.216.138.31
Public Scan
Effective URL: https://access.cloudserver781.com/awareness/v/ly9yd825piap3hcm/index.html
Submission: On September 24 via manual from IN — Scanned from FI
Summary
TLS certificate: Issued by R10 on September 15th 2024. Valid for: 3 months.
This is the only time access.cloudserver781.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
7 33 | 95.216.138.31 | 24940 (HETZNER-AS) |
26 | 1 | |

ASN24940 (HETZNER-AS, DE)
PTR: static.31.138.216.95.clients.your-server.de
- microsoft-planner.notif-group.com
- access.cloudserver781.com

 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
31 | cloudserver781.com (7 redirects) | access.cloudserver781.com | 2 MB |
2 | notif-group.com | microsoft-planner.notif-group.com | 667 B |
26 | 2 | | |

 | Domain | Requested by |
---|---|---|
31 | access.cloudserver781.com (7 redirects) | access.cloudserver781.com, microsoft-planner.notif-group.com |
2 | microsoft-planner.notif-group.com | |
26 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
echonet.bnpparibas |
Subject | Issuer | Validity | Valid |
---|---|---|---|
microsoft-planner.notif-group.com | R11 | 2024-09-18 - 2024-12-17 | 3 months |
access.cloudserver781.com | R10 | 2024-09-15 - 2024-12-14 | 3 months |
This page contains 1 frames:
Primary Page:
https://access.cloudserver781.com/awareness/v/ly9yd825piap3hcm/index.html
Frame ID: AFB44ED679CD40FB29ADC906594C3B1D
Requests: 26 HTTP requests in this frame
Page Title
This was a phishing simulation!
Detected technologies
TrackJs (Analytics)
Detected patterns
- tracker\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries)
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: CyberCulture Sharepoint
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://microsoft-planner.notif-group.com/ly9yd825piap3hcm Page URL
- http://access.cloudserver781.com/awareness/v/ly9yd825piap3hcm/index.html HTTP 307
  https://access.cloudserver781.com/awareness/v/ly9yd825piap3hcm/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://access.cloudserver781.com/js/events.js HTTP 302
  - https://access.cloudserver781.com/obfuscate?path=js/events.js
- https://access.cloudserver781.com/js/quiz.js HTTP 302
  - https://access.cloudserver781.com/obfuscate?path=js/quiz.js
- https://access.cloudserver781.com/js/views/campaign/bot-tracker.js HTTP 302
  - https://access.cloudserver781.com/obfuscate?path=js/views/campaign/bot-tracker.js
- https://access.cloudserver781.com/js/timeme.min.js HTTP 302
  - https://access.cloudserver781.com/obfuscate?path=js/timeme.min.js
- https://access.cloudserver781.com/js/time-tracker.js HTTP 302
  - https://access.cloudserver781.com/obfuscate?path=js/time-tracker.js
- https://access.cloudserver781.com/assets/modules/rating/js/awareness-rating.js HTTP 302
  - https://access.cloudserver781.com/obfuscate?path=assets/modules/rating/js/awareness-rating.js
- https://access.cloudserver781.com/js/jquery/jquery.js HTTP 302
  - https://access.cloudserver781.com/obfuscate?path=js/jquery/jquery.js
26 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | ly9yd825piap3hcm | microsoft-planner.notif-group.com/ | 171 B | 494 B | Document | text/html | |
GET | H2 | index.html | access.cloudserver781.com/awareness/v/ly9yd825piap3hcm/ | 18 KB | 5 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | favicon.ico | microsoft-planner.notif-group.com/ | 198 B | 173 B | Other | image/vnd.microsoft.icon | |
GET | H2 | obfuscate | access.cloudserver781.com/ | 558 B | 443 B | Script | text/javascript | Redirect Chain |
GET | H2 | obfuscate | access.cloudserver781.com/ | 2 KB | 1 KB | Script | text/javascript | Redirect Chain |
GET | H2 | obfuscate | access.cloudserver781.com/ | 1 KB | 803 B | Script | text/javascript | Redirect Chain |
GET | H2 | bot-link.css | access.cloudserver781.com/css/ | 199 B | 221 B | Stylesheet | text/css | |
GET | H2 | Image2.png | access.cloudserver781.com/public/campaign/1019/awareness/1189/11/ | 20 KB | 20 KB | Image | image/png | |
GET | H2 | 123.png | access.cloudserver781.com/public/campaign/1019/awareness/1189/11/ | 1 MB | 1 MB | Image | image/png | |
GET | H2 | Button_Phishing_threat_2.png | access.cloudserver781.com/public/campaign/1019/awareness/1189/11/ | 50 KB | 51 KB | Image | image/png | |
GET | H2 | Banner_EN.png | access.cloudserver781.com/public/campaign/1019/awareness/1189/11/ | 104 KB | 104 KB | Image | image/png | |
GET | H2 | phish.png | access.cloudserver781.com/public/campaign/1019/awareness/1189/11/ | 404 KB | 404 KB | Image | image/png | |
GET | H2 | phish_little.png | access.cloudserver781.com/public/campaign/1019/awareness/1189/11/ | 270 B | 270 B | Image | text/html | |
GET | H2 | LOGO_BNPP_BL_Q.jpg | access.cloudserver781.com/public/campaign/1019/awareness/1189/11/ | 115 KB | 116 KB | Image | image/jpeg | |
GET | H2 | CIB_CyberCulture_logo.png | access.cloudserver781.com/public/campaign/1019/awareness/1189/11/ | 45 KB | 46 KB | Image | image/png | |
GET | H2 | jquery-3.3.1.min.js | access.cloudserver781.com/public/campaign/1019/awareness/1189/11/ | 0 | 0 | Script | text/html | |
GET | H2 | jquery-ui.min.js | access.cloudserver781.com/public/campaign/1019/awareness/1189/11/ | 0 | 0 | Script | text/html | |
GET | H2 | obfuscate | access.cloudserver781.com/ | 4 KB | 2 KB | Script | text/javascript | Redirect Chain |
GET | H2 | obfuscate | access.cloudserver781.com/ | 2 KB | 1 KB | Script | text/javascript | Redirect Chain |
GET | H2 | fonts.css | access.cloudserver781.com/css/new-template/ | 715 B | 260 B | Stylesheet | text/css | |
GET | H2 | obfuscate | access.cloudserver781.com/ | 3 KB | 2 KB | Script | text/javascript | Redirect Chain |
GET | H2 | awareness-rating.css | access.cloudserver781.com/assets/modules/rating/css/ | 6 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | obfuscate | access.cloudserver781.com/ | 69 KB | 33 KB | Script | text/javascript | Redirect Chain |
GET | H2 | favicon.ico | access.cloudserver781.com/ | 198 B | 114 B | Other | image/vnd.microsoft.icon | |
POST | H2 | track-time | access.cloudserver781.com/awareness/ | 0 | 229 B | Ping | text/html | |
GET | H2 | ico-star-feedback.png | access.cloudserver781.com/images/new-template/icons/ | 2 KB | 2 KB | Image | image/png | |
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | lucyDispatchEvent |
function | Request |
function | lucyQuizStart |
function | lucyQuizEnd |
function | lucyQuizAnswer |
function | lucyQuizResults |
function | lucySetVariable |
function | lucyGetVariable |
function | trackClick |
function | closeCourse |
function | goEnd |
object | TimeMe |
boolean | injected |
function | trackTime |
function | sendUserActivityTimeData |
function | runTimeTracker |
function | isChrome |
object | objAwarenessRating |
function | AwarenessRating |
function | $ |
function | jQuery |

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
microsoft-planner.notif-group.com/ | | PHPSESSID | er4g47jc75ubp7t3ai68stk0tg |
microsoft-planner.notif-group.com/ | | link | ly9yd825piap3hcm |
access.cloudserver781.com/ | | PHPSESSID | ua4f44j9ul8djpgpo6q2ilbs7m |
access.cloudserver781.com/ | | link | ly9yd825piap3hcm |
access.cloudserver781.com/ | | awareness_link | ly9yd825piap3hcm |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
access.cloudserver781.com
microsoft-planner.notif-group.com
95.216.138.31