www.z5.tel
Open in
urlscan Pro
15.188.180.100
Public Scan
Effective URL: https://www.z5.tel/wavestone/campaign/run/phishing-annuel-2023-2024-planner-task-1
Submission: On March 19 via manual from FR — Scanned from IL
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on July 19th 2023. Valid for: a year.
This is the only time www.z5.tel was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 51.15.160.155 51.15.160.155 | 12876 (Online SAS) (Online SAS) | |
4 14 | 15.188.180.100 15.188.180.100 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 143.204.98.102 143.204.98.102 | 16509 (AMAZON-02) (AMAZON-02) | |
14 | 3 |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-180-100.eu-west-3.compute.amazonaws.com
www.z5.tel |
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-102.fra50.r.cloudfront.net
medias.z5.tel |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
z5.tel
4 redirects
www.z5.tel medias.z5.tel |
296 KB |
2 |
limk.email
limk.email |
1 KB |
14 | 2 |
Domain | Requested by | |
---|---|---|
14 | www.z5.tel |
4 redirects
limk.email
www.z5.tel |
2 | medias.z5.tel |
www.z5.tel
|
2 | limk.email |
limk.email
|
14 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
7eams.com R3 |
2024-01-31 - 2024-04-30 |
3 months | crt.sh |
*.z5.tel Amazon RSA 2048 M02 |
2023-07-19 - 2024-08-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.z5.tel/wavestone/campaign/run/phishing-annuel-2023-2024-planner-task-1
Frame ID: 0D197CC8CD3C1922AB714A5D05FD7E1D
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Sign in to your accountPage URL History Show full URLs
- https://limk.email/nYaaLyTySCJSUR8wxryhpsiDj2p5we9k?signature=0630a3e5634e6018dde031040a057d072... Page URL
-
https://www.z5.tel/swauth/nYaaLyTySCJSUR8wxryhpsiDj2p5we9k
HTTP 302
https://www.z5.tel/wavestone/auth/nYaaLyTySCJSUR8wxryhpsiDj2p5we9k HTTP 302
https://www.z5.tel/wavestone/campaign/run/phishing-annuel-2023-2024-planner-task-1 Page URL
Detected technologies
KineticJS (JavaScript Graphics) ExpandDetected patterns
- kinetic(?:-v?([\d.]+))?(?:\.min)?\.js
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://limk.email/nYaaLyTySCJSUR8wxryhpsiDj2p5we9k?signature=0630a3e5634e6018dde031040a057d072f9bebebdca9f9367e3cc6d814b4abb7 Page URL
-
https://www.z5.tel/swauth/nYaaLyTySCJSUR8wxryhpsiDj2p5we9k
HTTP 302
https://www.z5.tel/wavestone/auth/nYaaLyTySCJSUR8wxryhpsiDj2p5we9k HTTP 302
https://www.z5.tel/wavestone/campaign/run/phishing-annuel-2023-2024-planner-task-1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://www.z5.tel/wavestone/media/campaigns/phishing-annuel-2023-2024-planner-task-1/portals_assets/en-en/202401241117_Wavestone_logo.png HTTP 302
- https://medias.z5.tel/pv3_wavestone/medias/campaigns/phishing-annuel-2023-2024-planner-task-1/portals_assets/en-en/202401241117_Wavestone_logo.png
- https://www.z5.tel/wavestone/media/campaigns/phishing-annuel-2023-2024-planner-task-1/portals_assets/en-en/202401251738_Fond%20%C3%A9cran%20pc.png HTTP 302
- https://medias.z5.tel/pv3_wavestone/medias/campaigns/phishing-annuel-2023-2024-planner-task-1/portals_assets/en-en/202401251738_Fond%20%C3%A9cran%20pc.png
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
nYaaLyTySCJSUR8wxryhpsiDj2p5we9k
limk.email/ |
406 B 535 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
b.js
limk.email/ |
2 KB 859 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
phishing-annuel-2023-2024-planner-task-1
www.z5.tel/wavestone/campaign/run/ Redirect Chain
|
5 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
www.z5.tel/vendor/bootstrap/css/ |
152 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open-iconic-bootstrap.min.css
www.z5.tel/vendor/open-iconic-master/css/ |
9 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sw_ui.css
www.z5.tel/css/ |
5 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
202401241117_Wavestone_logo.png
medias.z5.tel/pv3_wavestone/medias/campaigns/phishing-annuel-2023-2024-planner-task-1/portals_assets/en-en/ Redirect Chain
|
53 KB 54 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.3.min.js
www.z5.tel/vendor/jquery/ |
88 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
www.z5.tel/vendor/popper.js/ |
21 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
www.z5.tel/vendor/bootstrap/js/ |
57 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sw_user_ui.js
www.z5.tel/js/ |
175 B 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kinetic.min.js
www.z5.tel/vendor/kinetic/ |
118 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.scrollTo.min.js
www.z5.tel/vendor/jquery.scrollto/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
202401251738_Fond%20%C3%A9cran%20pc.png
medias.z5.tel/pv3_wavestone/medias/campaigns/phishing-annuel-2023-2024-planner-task-1/portals_assets/en-en/ Redirect Chain
|
93 KB 94 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| Popper object| bootstrap object| Kinetic function| getCertificate function| switch_lang14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.z5.tel/ | Name: PHPSESSID Value: otjdf23n0e245fb3n3gf65ee1l |
|
.z5.tel/ | Name: CloudFront-Key-Pair-Id Value: K2EYO6F4XNX8QF |
|
.z5.tel/ | Name: PHPSESSNAME Value: PHPSESSID |
|
.z5.tel/ | Name: PHPSESSID Value: otjdf23n0e245fb3n3gf65ee1l |
|
.z5.tel/ | Name: SWResourceKey Value: pv3_wavestone%2F%2A |
|
www.z5.tel/ | Name: AWSALBTG Value: mbbzUes9ijUNzyyu7vWy3tRYwSJD9695G8GRhwWwyZhdcMHhdEUXQWy07mIYUdbKfcPa97bPj3NLtHFq/JloRygBROSicc4IaiAirgdRjVTReEX0DAZBbIohpmLkt/QcUdw/EbRpSgKxhrP2hVHllqdNBg/oGqydcMfpIkZexs5sHJTnTbI= |
|
www.z5.tel/ | Name: AWSALBTGCORS Value: mbbzUes9ijUNzyyu7vWy3tRYwSJD9695G8GRhwWwyZhdcMHhdEUXQWy07mIYUdbKfcPa97bPj3NLtHFq/JloRygBROSicc4IaiAirgdRjVTReEX0DAZBbIohpmLkt/QcUdw/EbRpSgKxhrP2hVHllqdNBg/oGqydcMfpIkZexs5sHJTnTbI= |
|
www.z5.tel/ | Name: AWSALB Value: gcJUpMHCFlMpBDvOv3ypBP/n/ReSNBo0o4quCtl7GXpVSH0TVXcxRzCeKDl4M7Z+q1H6u6vxPaoVkUzFd9rlws+z/yVKpcRdPYFkXnGGrXHh7eFCP4/f6dctFPDK |
|
www.z5.tel/ | Name: AWSALBCORS Value: gcJUpMHCFlMpBDvOv3ypBP/n/ReSNBo0o4quCtl7GXpVSH0TVXcxRzCeKDl4M7Z+q1H6u6vxPaoVkUzFd9rlws+z/yVKpcRdPYFkXnGGrXHh7eFCP4/f6dctFPDK |
|
.z5.tel/ | Name: CloudFront-Policy Value: eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiaHR0cHM6Ly9tZWRpYXMuejUudGVsL3B2M193YXZlc3RvbmUvKiIsIkNvbmRpdGlvbiI6eyJEYXRlTGVzc1RoYW4iOnsiQVdTOkVwb2NoVGltZSI6MTcxMDg1ODIxNX19fV19 |
|
.z5.tel/ | Name: CloudFront-Signature Value: qENngpJcKf8J1kQBHD8P4xNoNObU8edw4O5QExb6A0LaJmRMycmFNy95NcC3sdJZ0fWfHlvroR5G3IqO4w8QHGwfWRbrbXgqqP4vy4q%7ElHcCmNTMkJ1AJLfaOmVxgGKUY7NXMeckCUrwKf7wZbKKp5MQw-Njw99a5PL-Ln5L%7EM3Q5eow-VRQDIhUNXs1rWmG-QrTRjrt%7EnRNTWlWwMR7Aj4aex7AGtd1YhUNPAqrcgFJ1Vz51OGkaVutY-WPwbuoskKeax8jzZE7EtR6%7E1DG%7EDSI3v4DM--w6wb3CJ3Ixg%7EX8w3DvFsNsb5jWXKSqaILnaGurbHa54aAde7xpbcyTA__ |
|
.z5.tel/ | Name: CloudFront-Expires Value: 1710858215 |
|
www.z5.tel/ | Name: XSRF-TOKEN Value: eyJpdiI6ImhGMjBzR25VQm5GQmNuVXpWWkh1dHc9PSIsInZhbHVlIjoiOThBaTh0eVwvVTdrZ1JWUkNnT1MzNXloXC9hZTZ3c29jZEsrTGU2Y3lQY2NVbW4rRWF5Z0R2VXgxQjQ3OXcrZHNCIiwibWFjIjoiNzY4ZDRiOTM0ZjJhMDM1ZDY3YjY1ZTFhZTdkNWI5Y2JhZDY1YzIwY2NjYmQwZTI1MmExZDVjMTIyZjY0NTg4MiJ9 |
|
www.z5.tel/ | Name: sensiwave_session Value: eyJpdiI6ImFHaUEyeGVHSjFnMEtrTjVabGFIckE9PSIsInZhbHVlIjoiS3QxNXR6TlZYNGQ4b3R6cnVKVG9aWjh6RWxwK21nSXNyQXpNRTd2RUR5K296YVBXUEVVR2dLdWlLMUNGVWVNRiIsIm1hYyI6ImQwNmE4ZGY5YWI0NTc0NjI1M2NkOGU3MjY2MjRhYWVjNmI2NDc0NjExZjU5MDBlYjkxNjFmN2Y0ZDMwODliN2MifQ%3D%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
limk.email
medias.z5.tel
www.z5.tel
143.204.98.102
15.188.180.100
51.15.160.155
016c3563377a03fd6baf28e7c6b49d64b4ac3917fcd465bcc8c087fbd5f20762
01fd4fbca507333afca32af21e7108e6669414d60260202e47901e74f650de44
049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
19e607ab1c5865e0046971394613ee282646d0b5603252857f5d81368530288c
1c649986870e0841ef8aaeecddaf75ecbca331aa9707be42ee42d50ea94c7dd7
2b45fe53cd2590454a72c27e4b61b09132f434a53ad2c7d961d6acd0301f2cb4
3fd56cf2806144b79321a40381af149aefec00c505ed90ca06f823af0aab3f07
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
bda9f137198f53b89750d38eb423ebb5f6d83a57aaae476767a9769c79392f88
cd0e7c923d9e0fcd6b15f78e40cd0d8e695e13ffa92f43d2931e4b4474659e0c
fd779360c99f209b388f7800995ec959572174f14faea95b587efe7d8483fab7