URL: https://europe.aticloud.aero/vpn/index.html
Submission Tags: @phishunt_io
Submission: On March 05 via api from ES

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 57.191.0.244, located in Frankfurt am Main, Germany and belongs to SITA-ATICLOUD-FRA, BE. The main domain is europe.aticloud.aero.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 27th 2020. Valid for: a year.
This is the only time europe.aticloud.aero was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 57.191.0.244 198912 (SITA-ATIC...)
13 1
Apex Domain Subdomains Transfer
13 aticloud.aero europe.aticloud.aero 249 KB
13 1
Domain Requested by
13 europe.aticloud.aero europe.aticloud.aero
13 1

This site contains no links.

Subject: *.aticloud.aero
Issuer: DigiCert SHA2 Secure Server CA
Validity: 2020-02-27 - 2021-04-13
Valid: a year

This page contains 1 frames:

Primary Page: https://europe.aticloud.aero/vpn/index.html
Frame ID: 9C800828CA1B9649A1691480271B1727
Requests: 13 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

13 Requests
100 % HTTPS
0 % IPv6
1 Domains
1 Subdomains
1 IPs
1 Countries
249 kB Transfer
244 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Primary Request (Cookie set)
index.html
europe.aticloud.aero/vpn/
6 KB
6 KB
Document
General
Full URL
https://europe.aticloud.aero/vpn/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
82653928d2e3067ba975ac5d8f3821592503e0ecb541b04137741f9bbf6ab521
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
europe.aticloud.aero
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
ETag
"1667-5b0f769439240"
Accept-Ranges
bytes
Content-Length
5735
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, no-store, must-revalidate no-cache
Pragma
no-cache
Expires
0
Keep-Alive
timeout=15, max=93
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Set-Cookie
pwcount=0;Secure;HttpOnly;Path=/;expires=Wednesday, 09-Nov-1999 23:12:40 GMT
caxtonstyle.css
europe.aticloud.aero/vpn/images/
27 KB
28 KB
Stylesheet
General
Full URL
https://europe.aticloud.aero/vpn/images/caxtonstyle.css
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
6531ff7849a6fd55e9131e5221ff4ccd889319244b8d7f16912e2e8aebdb37e1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
Server
Apache
Age
1
ETag
"6dff-5b0f769439240"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=87
Content-Length
28159
X-XSS-Protection
1; mode=block
resources.js
europe.aticloud.aero/vpn/
15 KB
16 KB
Script
General
Full URL
https://europe.aticloud.aero/vpn/resources.js
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
c5ba6f220fe6ae9efc531f4363a643c70312a82afa82a57ff5bc37a6faddba59
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
Server
Apache
Age
1
ETag
"3cc9-5b0f769439240"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=88
Content-Length
15561
X-XSS-Protection
1; mode=block
nsshare.js
europe.aticloud.aero/vpn/
14 KB
14 KB
Script
General
Full URL
https://europe.aticloud.aero/vpn/nsshare.js
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
7404cf2bbd6b32c0db35a2c2bf6feeef70bc1cf02a61689bc24924704d185058
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
Server
Apache
Age
1
ETag
"3793-5b0f769439240"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=86
Content-Length
14227
X-XSS-Protection
1; mode=block
login.js
europe.aticloud.aero/vpn/
4 KB
4 KB
Script
General
Full URL
https://europe.aticloud.aero/vpn/login.js
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
c51dc9b16bb072b9b943c360742a277b8ce313d945825116674b358816722ba4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
Server
Apache
Age
1
ETag
"e2f-5b0f769439240"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
no-cache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=85
Content-Length
3631
X-XSS-Protection
1; mode=block
LoginButtonRolloverGlow.gif
europe.aticloud.aero/vpn/images/
2 KB
2 KB
Image
General
Full URL
https://europe.aticloud.aero/vpn/images/LoginButtonRolloverGlow.gif
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
7d66a471480ec7319436a5cb6fdaebffcf4a06c5759b09bdeecb2ef731e8d218
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:02 GMT
Server
Apache
Age
1
ETag
"6e3-5b0f7676a8c80"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=35
Content-Length
1763
X-XSS-Protection
1; mode=block
Loader.gif
europe.aticloud.aero/vpn/images/
5 KB
5 KB
Image
General
Full URL
https://europe.aticloud.aero/vpn/images/Loader.gif
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
6fbeb616163296b4c000a13ed5ed47ee2f139d8721afec98c00d73e959fb11ff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
Server
Apache
Age
1
ETag
"13e0-5b0f769439240"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=34
Content-Length
5088
X-XSS-Protection
1; mode=block
config.xml
europe.aticloud.aero/vpn/resources/
280 B
659 B
XHR
General
Full URL
https://europe.aticloud.aero/vpn/resources/config.xml
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/resources.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
6b06b78c51a0dde1f08ae84769e7215b24302c75d578700bc7b3478d5aa30df1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
Server
Apache
Age
1
ETag
"118-5b0f769439240"
X-Frame-Options
SAMEORIGIN
Content-Type
application/xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=33
Content-Length
280
X-XSS-Protection
1; mode=block
en.xml
europe.aticloud.aero/vpn/resources/
42 KB
42 KB
XHR
General
Full URL
https://europe.aticloud.aero/vpn/resources/en.xml
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/resources.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
156d7e3cf8ed563766e3cf7eae5179c0e14107a0411c51350147d3e7d1c38135
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
Server
Apache
Age
1
ETag
"a845-5b0f769439240"
X-Frame-Options
SAMEORIGIN
Content-Type
application/xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=32
Content-Length
43077
X-XSS-Protection
1; mode=block
bg_bubbles.jpg
europe.aticloud.aero/vpn/images/
56 KB
57 KB
Image
General
Full URL
https://europe.aticloud.aero/vpn/images/bg_bubbles.jpg
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/images/caxtonstyle.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
6fa4b9062400b88daf311f20db277db3d5f1b9b16d0a120ca95fcef7486d0758
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/images/caxtonstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
Server
Apache
Age
1
ETag
"e1a6-5b0f769439240"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=31
Content-Length
57766
X-XSS-Protection
1; mode=block
LogonBox.png
europe.aticloud.aero/vpn/images/
69 KB
70 KB
Image
General
Full URL
https://europe.aticloud.aero/vpn/images/LogonBox.png
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/images/caxtonstyle.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
22c86a31c1e1fd65be341b24bdc2bc82dab731d90fe6cd98012820c2b24817bb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/images/caxtonstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
Server
Apache
Age
1
ETag
"11571-5b0f769439240"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=30
Content-Length
71025
X-XSS-Protection
1; mode=block
userbox.png
europe.aticloud.aero/vpn/images/
948 B
1 KB
Image
General
Full URL
https://europe.aticloud.aero/vpn/images/userbox.png
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/images/caxtonstyle.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
7decd21ae89ead0a8cb7b2f9789e5aa1bea390af44dfb0bc70ba3b9a9cde022f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/images/caxtonstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
Server
Apache
Age
1
ETag
"3b4-5b0f769439240"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=29
Content-Length
948
X-XSS-Protection
1; mode=block
logon.png
europe.aticloud.aero/vpn/images/
2 KB
2 KB
Image
General
Full URL
https://europe.aticloud.aero/vpn/images/logon.png
Requested by
Host: europe.aticloud.aero
URL: https://europe.aticloud.aero/vpn/images/caxtonstyle.css
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
57.191.0.244 Frankfurt am Main, Germany, ASN198912 (SITA-ATICLOUD-FRA, BE),
Reverse DNS
Software
Apache /
Resource Hash
6176aa28701adb40433b057879ae96f124bfe88c920e67c7b28d89a04456ec10
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://europe.aticloud.aero/vpn/images/caxtonstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 20:32:22 GMT
Via
NS-CACHE-10.0: 166
Last-Modified
Tue, 06 Oct 2020 02:32:33 GMT
Server
Apache
Age
1
ETag
"856-5b0f769439240"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=28
Content-Length
2134
X-XSS-Protection
1; mode=block

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| ResourceManager function| _ object| Resources function| CreateMainTable function| CreateBannerI function| CreateBannerII function| AddHeaderAndBar function| AddHeaderAndBarForTM function| AddHeaderAndBarForCitrix function| AddFooter function| AddBanner boolean| suitable_browser_to_use_png function| canShowPNGWell function| documentWriteGlowBoxUpper function| documentWriteGlowBoxLower function| documentWriteActionPane function| DialogueBodyTop function| DialogueBodyBottom function| DialogInclude function| DialogueBodyI function| DialogueBodyII function| TransferInclude function| TransferOnesessBodyI function| TransferMultsessBodyI function| TransferBodyII boolean| loginPrefilled function| SetCookie function| UnsetCookie function| ns_check function| ns_formLogon function| ns_disperrmsg function| ns_getcookie function| ns_fillName function| loginFieldCheck function| clean_name_cookie function| ns_showpwd function| ShowDivScreen function| CleanDivScreen function| changePage function| setFocus

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block