kareleaa.talentlms.com
3.217.205.239  Malicious Activity! Public Scan

Submitted URL: https://kareleaa.talentlms.com/shared/start/key:LZGIDNHR
Effective URL: https://kareleaa.talentlms.com/unit/view/id:2048
Submission: On April 12 via manual from IN — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 15 HTTP transactions. The main IP is 3.217.205.239, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is kareleaa.talentlms.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 21st 2020. Valid for: 2 years.
This is the only time kareleaa.talentlms.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious (2 votes)

Domain & IP information

Requests | IP Address | AS Autonomous System
13 (2 redirects) | 3.217.205.239 | 14618 (AMAZON-AES)
2 | 54.192.230.88 | 16509 (AMAZON-02)
2 | 18.66.242.17 | 16509 (AMAZON-02)
Total: 15 requests, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
15 | talentlms.com | kareleaa.talentlms.com; cdn.talentlms.com (Cisco Umbrella Rank: 211358) | 513 KB
2 | cloudfront.net | d3j0t7vrtr92dk.cloudfront.net | 140 KB
Total: 15 requests, 2 apex domains

Requests | Domain | Requested by
13 (2 redirects) | kareleaa.talentlms.com | kareleaa.talentlms.com
2 | d3j0t7vrtr92dk.cloudfront.net | kareleaa.talentlms.com
2 | cdn.talentlms.com | kareleaa.talentlms.com
Total: 15 requests, 3 subdomains

This site contains links to these domains.

Domain
heady-sturdy-cent.glitch.me

Subject | Issuer | Validity | Valid
*.talentlms.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-21 - 2022-07-24 | 2 years
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year

This page contains 1 frame:

Primary Page: https://kareleaa.talentlms.com/unit/view/id:2048
Frame ID: D82AD279497952657EE13F4D735D8965
Requests: 15 HTTP requests in this frame

Page Title

kareleaa | RFP | PORTAL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 650 kB
Size: 1864 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kareleaa.talentlms.com/shared/start/key:LZGIDNHR HTTP 302
    https://kareleaa.talentlms.com/learner/course/id:126 HTTP 302
    https://kareleaa.talentlms.com/unit/view/id:2048 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request id:2048
kareleaa.talentlms.com/unit/view/
Redirect Chain
  • https://kareleaa.talentlms.com/shared/start/key:LZGIDNHR
  • https://kareleaa.talentlms.com/learner/course/id:126
  • https://kareleaa.talentlms.com/unit/view/id:2048
71 KB
73 KB
Document
General
Full URL
https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.205.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-205-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
319fc5ed6acb8b0ccc26d41e0aa68e4625405a8d5fb1e527195189df15c08e67
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Tue, 12 Apr 2022 06:21:00 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
strict-transport-security
max-age=15768000
transfer-encoding
chunked

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 12 Apr 2022 06:21:00 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://kareleaa.talentlms.com/unit/view/id:2048
pragma
no-cache
server
Apache
strict-transport-security
max-age=15768000
animate.min.css
kareleaa.talentlms.com/pages/themes/default/css/
41 KB
4 KB
Stylesheet
General
Full URL
https://kareleaa.talentlms.com/pages/themes/default/css/animate.min.css?v=530
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.205.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-205-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
acd4dcf96c8b5f8b2ff506897cbc8f07ba0d30248b6f19b58c66d5a70f132821
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kareleaa.talentlms.com/unit/view/id:2048
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 06:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 16:57:16 GMT
server
Apache
etag
"a29a-5dae59f301760-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
3231
x-xss-protection
1; mode=block
expires
Wed, 12 Apr 2023 06:21:01 GMT
fmt:1649684864,tn:41,tv:0,ct:1,rtl:0
kareleaa.talentlms.com/index/css/
584 KB
92 KB
Stylesheet
General
Full URL
https://kareleaa.talentlms.com/index/css/fmt:1649684864,tn:41,tv:0,ct:1,rtl:0
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.205.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-205-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
aae1c90bb53a023e8454b9f3680b5c3132bea94a14c27c13da540a50f54e1292
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kareleaa.talentlms.com/unit/view/id:2048
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 06:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, max-age=0
transfer-encoding
chunked
strict-transport-security
max-age=15768000
x-xss-protection
1; mode=block
expires
Tue, 26 Apr 2022 06:21:01 GMT
wysiwyg-fonts.css
kareleaa.talentlms.com/pages/themes/default/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://kareleaa.talentlms.com/pages/themes/default/css/wysiwyg-fonts.css?v=530
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.205.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-205-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f75867097f9cb41f58251ebcac64ee4ebdb84f8f08f1f395d217fe9832526c48
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kareleaa.talentlms.com/unit/view/id:2048
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 06:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 16:57:16 GMT
server
Apache
etag
"2807-5dae59f31ec20-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
993
x-xss-protection
1; mode=block
expires
Wed, 12 Apr 2023 06:21:01 GMT
main-530.min.js
kareleaa.talentlms.com/pages/scripts/lib/
918 KB
235 KB
Script
General
Full URL
https://kareleaa.talentlms.com/pages/scripts/lib/main-530.min.js
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.205.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-205-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3bbeb615364eac8ad39a4fe8b40466d464e1a4294963c8b589c1261f1e2961f6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kareleaa.talentlms.com/unit/view/id:2048
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 06:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Mar 2022 08:00:25 GMT
server
Apache
etag
"3a7b2-5db6af01d2d76;5db6af03b2552
strict-transport-security
max-age=15768000
content-type
text/javascript
cache-control
max-age=31536000, public
tcn
choice
accept-ranges
bytes
content-location
main-530.min.js.gz
content-length
239538
x-xss-protection
1; mode=block
expires
Wed, 12 Apr 2023 06:21:01 GMT
toastr.min.css
kareleaa.talentlms.com/pages/themes/default/css/
7 KB
4 KB
Stylesheet
General
Full URL
https://kareleaa.talentlms.com/pages/themes/default/css/toastr.min.css?v=530
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.205.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-205-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kareleaa.talentlms.com/unit/view/id:2048
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 06:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 16:57:16 GMT
server
Apache
etag
"1a55-5dae59f31dc80-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
3032
x-xss-protection
1; mode=block
expires
Wed, 12 Apr 2023 06:21:01 GMT
loading-small.gif
kareleaa.talentlms.com/pages/images/
34 KB
35 KB
Image
General
Full URL
https://kareleaa.talentlms.com/pages/images/loading-small.gif
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.205.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-205-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9cbd8f8a918fb74994193785913646a089d8a7948a49f0774c94ee1d76d840cb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kareleaa.talentlms.com/unit/view/id:2048
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 06:21:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 16:57:16 GMT
server
Apache
etag
"898f-5dae59f2d7781"
vary
User-Agent
content-type
image/gif
cache-control
max-age=31536000, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
35215
x-xss-protection
1; mode=block
expires
Wed, 12 Apr 2023 06:21:01 GMT
unknown_big.png
kareleaa.talentlms.com/pages/images/
2 KB
3 KB
Image
General
Full URL
https://kareleaa.talentlms.com/pages/images/unknown_big.png
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.205.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-205-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
fb16421910d11124107ae7ffb5db730a6c39c7df9237132aade5514184839c92
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kareleaa.talentlms.com/unit/view/id:2048
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 06:21:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 16:57:16 GMT
server
Apache
etag
"94e-5dae59f2efe20"
vary
User-Agent
content-type
image/png
cache-control
max-age=31536000, public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
2382
x-xss-protection
1; mode=block
expires
Wed, 12 Apr 2023 06:21:01 GMT
1649653713_mw1920_PDF.jpg
cdn.talentlms.com/kareleaa/
11 KB
11 KB
Image
General
Full URL
https://cdn.talentlms.com/kareleaa/1649653713_mw1920_PDF.jpg?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6XC9cL2Nkbi50YWxlbnRsbXMuY29tXC9rYXJlbGVhYVwvMTY0OTY1MzcxM19tdzE5MjBfUERGLmpwZyIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTY0OTc2NDgwMH19fV19&Signature=Jv5a4OA8y3LkQWnqCfVQnqifotIJFUXxf1hdcUIn0hEE2dGpXr34jvlsuOgdPBtWJUnzk2qAtCS%2Fi7JC9Xo43Q6Br9g7dtCSO0KPEp67%2F8BRT8qH3SQ6hDpj3FeDz7gEgOk%2FMkUu6DmWnlp2cA%2F%2FrgAxY9UolvxZE%2Fa7U2vGofmmNv4LzG8MaXSNQ3aevK4ZkPsY%2FxQxWXlLbKrOF0lNOlwII5w6L88ILd8PCj%2FjcXrQb62eTww2sA11Sb02WeddNSTe5I60QFW8v6DM0niYiCvf9o0WaISWhgaBKiXB6FFAVC7cwoykadBhN1qg%2FMIUm1NGol4hNtIWZm0ht5FCEQ__&Key-Pair-Id=APKAJDCWVQTW4P3KI3XA
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.230.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-230-88.waw50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51632adce1118f293ff58385b14e0b9093ab8620d0d8902367498379ac9bace0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kareleaa.talentlms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
dOyOz7VdUr4xm_kIVJ9RlapG2VTYDZZ_
Via
1.1 5d40d4ac7c3a1e18748166636540091e.cloudfront.net (CloudFront)
Last-Modified
Mon, 11 Apr 2022 05:08:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
WAW50-C1
ETag
"e81aad52b8befeb54f3ae77429471014"
X-Cache
RefreshHit from cloudfront
Content-Type
image/jpeg
Date
Tue, 12 Apr 2022 06:21:03 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11098
X-Amz-Cf-Id
NtyNNn2XGSlO3QRmnyPuBk4IoiWSb7TAnVACBnV4l-PNagnZIs5jqQ==
1649653739_mw1920_PDF2.png
cdn.talentlms.com/kareleaa/
7 KB
7 KB
Image
General
Full URL
https://cdn.talentlms.com/kareleaa/1649653739_mw1920_PDF2.png?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6XC9cL2Nkbi50YWxlbnRsbXMuY29tXC9rYXJlbGVhYVwvMTY0OTY1MzczOV9tdzE5MjBfUERGMi5wbmciLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE2NDk3NjQ4MDB9fX1dfQ__&Signature=Ta-I7wR%2FaIdHSuW3lH2JVckQyJzs-cis3DwjJ-3t56OocXgph9jr24sdnzQndNDhmkD82L4uDdvvklKefV6GljF5b9tdG5YaHHhS2D19L%2FPNpbe4NidILa6ZdDRRasM0LOvBTqbfq-sqX6gxivXLb00xro3ez5MeGXo7CgPLnU%2FCbJaFtFZ4VAyMnlZnw6uIUn4ck%2F7PyBbAH0SuK2bV1JRKBz6SAHN9Y37VEXEk-mJcFs%2FMxM8FsQRtYwryGajoOUUYBuNzBVgpNuha5oIhM17Vc%2FB%2Ff85cmqo0XpRAgSZpLva5KIAEA5sVybam%2FV1AC0KH8Id0vLN2tY8IlnJKLA__&Key-Pair-Id=APKAJDCWVQTW4P3KI3XA
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.230.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-230-88.waw50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42f5f72ee36927a602b8cc0809f593ec6e29a5b90d395b8d1fd378e3a60b126f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kareleaa.talentlms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
nsXSxhFY0JuMtARAhaavpCPB27HozZqR
Via
1.1 70d111e01220d4724cfea727fa9dfb90.cloudfront.net (CloudFront)
Last-Modified
Mon, 11 Apr 2022 05:09:00 GMT
Server
AmazonS3
X-Amz-Cf-Pop
WAW50-C1
ETag
"62e258c3c1e914cec2ea6f9ea931bc92"
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Date
Tue, 12 Apr 2022 06:21:03 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6956
X-Amz-Cf-Id
k0Qm95zu7JyMr8lM1HkfeUQ3LJ3XIPCFhhiKqi1--CYCIeSvGjQSxg==
course_completed.jpg
d3j0t7vrtr92dk.cloudfront.net/images/
52 KB
53 KB
Image
General
Full URL
https://d3j0t7vrtr92dk.cloudfront.net/images/course_completed.jpg
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-242-17.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a3d8690540ecf3c10b29d3636e04d0cbf1817f1d16b9cfcfed7929562dbbec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kareleaa.talentlms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
8bvleKvPAYGwJELC6O2zmFWQhm0AfwFI
Via
1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
Last-Modified
Wed, 30 Mar 2022 08:02:20 GMT
Server
AmazonS3
Age
1045
ETag
"37efd27c7625ca5314f4dc527421cdef"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Date
Tue, 12 Apr 2022 06:04:57 GMT
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
Content-Length
53560
X-Amz-Cf-Id
JL4vagHjcARznAyuLw4KO0JxfOF31xxF1nUY2dbwrbL5VTvJdp_Wdg==
course_failed.png
d3j0t7vrtr92dk.cloudfront.net/images/
86 KB
87 KB
Image
General
Full URL
https://d3j0t7vrtr92dk.cloudfront.net/images/course_failed.png
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/unit/view/id:2048
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.242.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-242-17.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da0c0c4700ea85b9eb1398724e2cb45502acd441057d832d5449a60a405c7a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kareleaa.talentlms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
4ocPtCZix2C.s_9Q4K5YffJy5clDCzDs
Via
1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
Last-Modified
Wed, 30 Mar 2022 08:02:20 GMT
Server
AmazonS3
Age
18414
ETag
"4e7b4460847c94df1eeddbee78f458af"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Date
Tue, 12 Apr 2022 01:50:11 GMT
X-Amz-Cf-Pop
DUS51-P1
Accept-Ranges
bytes
Content-Length
88268
X-Amz-Cf-Id
xB6l0RcAx2-AQ3Vg-kfi4zxClJ8BMiKUq-T0OVoZctzlf2On3Sm-_A==
Open_Sans_700.woff
kareleaa.talentlms.com/pages/themes/default/css/font/
20 KB
21 KB
Font
General
Full URL
https://kareleaa.talentlms.com/pages/themes/default/css/font/Open_Sans_700.woff
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/index/css/fmt:1649684864,tn:41,tv:0,ct:1,rtl:0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.205.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-205-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2944acfdff85dc6308cf8a2766b6efce9ec63fc8356fd5118a98001b936e50dc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kareleaa.talentlms.com/index/css/fmt:1649684864,tn:41,tv:0,ct:1,rtl:0
Origin
https://kareleaa.talentlms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 06:21:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 16:57:16 GMT
server
Apache
etag
"51e4-5dae59f30b3a0"
vary
User-Agent
content-type
application/x-font-woff
cache-control
public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
20964
x-xss-protection
1; mode=block
Open_Sans_400.woff
kareleaa.talentlms.com/pages/themes/default/css/font/
20 KB
21 KB
Font
General
Full URL
https://kareleaa.talentlms.com/pages/themes/default/css/font/Open_Sans_400.woff
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/index/css/fmt:1649684864,tn:41,tv:0,ct:1,rtl:0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.205.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-205-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
615494a93f61434c21c6a35e51b508950d66d7784b2f4deb10b7a904b4cca17c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kareleaa.talentlms.com/index/css/fmt:1649684864,tn:41,tv:0,ct:1,rtl:0
Origin
https://kareleaa.talentlms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 06:21:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Mar 2022 16:57:16 GMT
server
Apache
etag
"4ef8-5dae59f30a400"
vary
User-Agent
content-type
application/x-font-woff
cache-control
public
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
20216
x-xss-protection
1; mode=block
id:157
kareleaa.talentlms.com/unit/enter/
16 B
2 KB
XHR
General
Full URL
https://kareleaa.talentlms.com/unit/enter/id:157
Requested by
Host: kareleaa.talentlms.com
URL: https://kareleaa.talentlms.com/pages/scripts/lib/main-530.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.205.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-205-239.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://kareleaa.talentlms.com/unit/view/id:2048
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 06:21:01 GMT
server
Apache
strict-transport-security
max-age=15768000
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
transfer-encoding
chunked
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments


Malicious task.url
Submitted on May 16th 2022, 5:44:48 am UTC — From Australia

Threats: Phishing
Brands: Microsoft US
Comment: Links to Microsoft credential harvesting site

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| $jscomp function| $jscomp$lookupPolyfilledValue boolean| _canLog function| _log function| logMsg function| getDynaTreePersistData number| DTNodeStatus_Error number| DTNodeStatus_Loading number| DTNodeStatus_Ok function| countUp function| makeIframesElastic object| helpVideoItemTemplate function| getHelpVideoItemTemplate function| createHelpVideoItem function| getHelpVideos function| openHelpVideo function| strip_tags function| htmlspecialchars_decode function| initToolTip function| debounce function| isTouchDevice function| toggleOperationsActions function| hasAttribute undefined| longtouch undefined| timeoutOperation function| touchToggleOperationsActions function| calculateLoadMoreHeight string| loadMoreContainerClass string| loadMoreContainerActiveClass string| loadMorePreLoadClass string| loadMorePreLoadEndedClass string| loadMoreWrapHiddenClass function| loadMoreSetLabelAndHeight function| hideOuterElementsBeforeLoading function| showOuterElementsAfterLoading function| removeOuterElementsAfterLoading function| getListLoadMoreContainers function| loadMoreClickEvent object| radioInputsElements function| appendLabelElementAfterRadioInputs function| toggleExpanders function| encodeQueryData function| addParametersToAddressBar function| changeParametersValues function| cleanArray function| addValueToParam function| removeValueToParam function| getUrlParameterValues function| joinParameterValuesToString function| splitParameterValuesToArray object| urlArrayParameters function| getParamsAndValuesFromUrl function| findIndex function| findDuplicates function| getParamsFromUrlWhenPageLoads function| checkEventIsInitialized number| periodicallyCheckEventTimeOutMillisecond function| periodicallyCheckEventIsInitialized function| triggerEventsForUrlParametersValues function| loadMoreTriggerEvents function| triggerEventsForTypes function| 
removeUserActionsPreferencesBasedOnKey function| clearUserActionsPreferencesAndCookies function| expireCookiesFromPathIfSet function| setState function| expandCourseDescription function| showCourseDescriptionMore function| openAuthModalAt function| closeAuthModal function| signUpformReplaceWithAlertBox function| resetGrecaptcha function| invertColor function| showElement function| hideElement function| padZero function| invertNavbarInnerColors function| convertRgbToHex function| showSection function| hideSection function| fadeInSection function| initAllSections function| onChangeFocusedElement function| initFocusElement function| sectionStayOpen function| initHideSections function| initShowSection function| initSections function| setUpLabels function| setLabel function| hideLabel function| disableELement function| enableELement function| previewCertification function| populateCertificationDaysSelect function| loadAssignmentHistory function| fileTypesRegex function| generalImageCropOptions function| initCropModal function| getModalChangeButton function| generalImageUploadOptions function| getModalId function| initUploader boolean| scrollStateChanged string| editUnitPage number| noteToolbarOffset function| initStickyEditor function| manageEditorSticky function| editorEventScroll function| calculateEditorsToolbar function| removeEditorScroll function| preventEditorScroll function| resetScrollEmbededFile function| resetEditorScroll function| checkOverflow function| setTlmsCookie function| safeRegexString function| showFilesFromTag function| forceDownloadFile function| preventGridResetOnBack function| $ function| jQuery object| Select2 object| jQBrowser object| toastr object| myportal boolean| isLoggingOut number| tl_timer_id boolean| isCompleted object| unitEndDate function| tl_initTimerValue function| tl_startTimer function| tl_stopTimer function| tl_completeUnit number| heartbeatInterval boolean| enableVideoTimer boolean| isMobile boolean| isRtl string| general_css 
string| editorMaxUploadSize string| editorFormattedMaxUploadSize string| editorAcceptedFileTypes string| editorFormattedAcceptedFileTypes string| imageAcceptedFileTypes string| imageMaxUploadSize string| courseImageCanvasSizeWidth string| courseImageCanvasSizeHeight string| datepickerFormat boolean| showSelect2 string| currentUserId string| currentUserName string| currentUserEmail string| currentUserCreatedOn string| currentUserIntercomHash string| myToken string| myEffectiveDomain string| myAdminDomain number| gridExportChunkSize number| gridExportProgressThreshold boolean| isDummy number| sessionMaxLifeTime string| checkSessionExpirationUrl string| logourRedirectUrl boolean| enableRelogin string| currency function| getTestIdAttr function| printTestId string| current_filter function| onChangeView function| showStatusGradeModal function| showReplyModal function| updateProgress function| submitResults function| completeUnit function| completeAssignmentUnit string| start_time function| tl_setUpCounter function| tl_startCounter function| formatTimeInterval function| setUnitEndDate

5 Cookies

Domain/Path Name / Value
kareleaa.talentlms.com/ Name: PHPSESSID
Value: elb~84p42uefuajh72q7fggfilt134
.talentlms.com/ Name: CloudFront-Key-Pair-Id
Value: APKAJDCWVQTW4P3KI3XA
.talentlms.com/ Name: CloudFront-Policy
Value: eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKiIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTY0OTc1NTI2MX19fV19
.talentlms.com/ Name: CloudFront-Signature
Value: IZ1CgkeK6TDTQVTZZcG-Uu2I5yrdlC5xdrou4ZSamxvOcWJDl1jouZCBuTS2F4afBji9hrCOV0SacE8p86CrD1EwO7B66NKJq9rG0EaKFm2Oez~9Crtp5sdlVqWe94sVp2F4HUGtKg6edJBjg0FyHLNkrlj9M6DuwLq2-LjsiSvjaMipoeKegY-NKwz0xCRbt4dcdsMsqpu5weUxP4H3oOx8tr1aHoBmdfJWags0HSO1ikkppdyv0BxO8vo0B9EFv3QxxHxoaF0KVKtj1gSRPcqkfrUowhhzUzBI0ulndQufbOxtWhFdbhiaAZKUk~rkqZXWsDBMlpKbH3svejxHcA__
kareleaa.talentlms.com/ Name: AWSALB
Value: c4i4dTSJcINMxD5xNjtzxXjwiWhXr8oo0f3cJGU/Ohp5cjZGABOQYj1qKA5amZAEjmHaaqYC17uPiLlsTLkgz21QlIzzzFFmQ3xFbzihhWVcYKirzyEZk6YCPY/K

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15768000