Submitted URL: https://accounts.riseact.site/
Effective URL: https://accounts.riseact.site/login/?next=/
Submission: On November 18 via automatic, source certstream-suspicious — Scanned from IT

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 168.119.2.181, located in Düsseldorf, Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is accounts.riseact.site.
TLS certificate: Issued by E6 on November 18th 2024. Valid for: 3 months.
This is the only time accounts.riseact.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 168.119.2.181 24940 (HETZNER-A...)
1 142.250.186.40 15169 (GOOGLE)
6 2
Apex Domain  Subdomains  Transfer
6 riseact.site  accounts.riseact.site  179 KB
1 googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 39  70 KB
6 2
Domain Requested by
6 accounts.riseact.site 1 redirects accounts.riseact.site
1 www.googletagmanager.com accounts.riseact.site
6 2

This site contains links to these domains.

Domain
accounts.riseact.org
Subject  Issuer  Validity  Valid
accounts.riseact.site  E6  2024-11-18 - 2025-02-16  3 months
*.google-analytics.com  WR2  2024-10-21 - 2025-01-13  3 months

This page contains 1 frame:

Primary Page: https://accounts.riseact.site/login/?next=/
Frame ID: E7305DAAADD3A2777EF3357FF6044C5D
Requests: 6 HTTP requests in this frame

Page Title

Entra | Riseact

Page URL History

  1. https://accounts.riseact.site/ HTTP 302
    https://accounts.riseact.site/login/?next=/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 248 kB
Size: 410 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://accounts.riseact.site/ HTTP 302
    https://accounts.riseact.site/login/?next=/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Resource: Primary Request /
Path: accounts.riseact.site/login/
Redirect Chain:
  • https://accounts.riseact.site/
  • https://accounts.riseact.site/login/?next=/
Size: 4 KB
x-fer: 4 KB
Type: Document

General
Full URL: https://accounts.riseact.site/login/?next=/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 168.119.2.181 Düsseldorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
Reverse DNS: static.181.2.119.168.clients.your-server.de
Software: Caddy gunicorn
Resource Hash: aa2b4d2799fb182763c75162ed2a327f716c01f8cd502b17d569ed1f43fa03d6

Security Headers
Content-Security-Policy: frame-ancestors file: http: https: data:
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers
alt-svc: h3=":443"; ma=2592000
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
content-language: it
content-length: 3827
content-security-policy: frame-ancestors file: http: https: data:
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Nov 2024 13:58:15 GMT
expires: Mon, 18 Nov 2024 13:58:15 GMT
referrer-policy: same-origin
server: Caddy gunicorn
vary: Cookie, Accept-Language, Authorization, Origin
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers
alt-svc: h3=":443"; ma=2592000
content-language: it
content-length: 0
content-security-policy: frame-ancestors file: http: https: data:
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Nov 2024 13:58:15 GMT
location: /login/?next=/
referrer-policy: same-origin
server: Caddy gunicorn
vary: Accept-Language, Cookie, Authorization, Origin
x-content-type-options: nosniff
x-frame-options: DENY

Resource: style.02af5a265590.css
Path: accounts.riseact.site/static/styles/
Size: 48 KB
x-fer: 8 KB
Type: Stylesheet

General
Full URL: https://accounts.riseact.site/static/styles/style.02af5a265590.css
Requested by:
  Host: accounts.riseact.site
  URL: https://accounts.riseact.site/login/?next=/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 168.119.2.181 Düsseldorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
Reverse DNS: static.181.2.119.168.clients.your-server.de
Software: Caddy, gunicorn
Resource Hash: 12f79343d3a2c7a615529e978be84d5c29d948c9c8720b9cd74d2d22efd2ed48

Security Headers
X-Content-Type-Options: nosniff

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.riseact.site/login/?next=/

Response headers
cache-control: max-age=315360000, public, immutable
content-encoding: gzip
cross-origin-opener-policy: same-origin-allow-popups
etag: "6735e8ef-bfd5"
referrer-policy: same-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-length: 8383
date: Mon, 18 Nov 2024 13:58:16 GMT
content-type: text/css; charset="utf-8"
last-modified: Thu, 14 Nov 2024 12:11:27 GMT
server: Caddy, gunicorn
vary: Accept-Encoding, Origin

Resource: riseact-logo.3d14a989802a.png
Path: accounts.riseact.site/static/images/
Size: 105 KB
x-fer: 105 KB
Type: Image

General
Full URL: https://accounts.riseact.site/static/images/riseact-logo.3d14a989802a.png
Requested by:
  Host: accounts.riseact.site
  URL: https://accounts.riseact.site/login/?next=/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 168.119.2.181 Düsseldorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
Reverse DNS: static.181.2.119.168.clients.your-server.de
Software: Caddy, gunicorn
Resource Hash: e17c461f63b28fb03d6ed07a9daa039ba45cfa66aa12acb9e009d06130bce3db

Security Headers
X-Content-Type-Options: nosniff

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.riseact.site/login/?next=/

Response headers
cache-control: max-age=315360000, public, immutable
cross-origin-opener-policy: same-origin-allow-popups
etag: "6735e8ee-1a272"
referrer-policy: same-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-length: 107122
date: Mon, 18 Nov 2024 13:58:16 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 12:11:26 GMT
server: Caddy, gunicorn
vary: Origin

Resource: gtm.js
Path: www.googletagmanager.com/
Size: 193 KB
x-fer: 70 KB
Type: Script

General
Full URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQQDW7QV
Requested by:
  Host: accounts.riseact.site
  URL: https://accounts.riseact.site/login/?next=/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 142.250.186.40, United States, ASN15169 (GOOGLE, US)
Reverse DNS: fra24s04-in-f8.1e100.net
Software: Google Tag Manager
Resource Hash: 307c832129e4b28a96b1685eba71cca47eb2dfbbda4e76ed87255d5516cd0a74

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 0

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer:

Response headers
content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 18 Nov 2024 13:58:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 13:58:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 18 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 70699
x-xss-protection: 0
server: Google Tag Manager

Resource: bg_login.e02a03935a38.png
Path: accounts.riseact.site/static/images/
Size: 59 KB
x-fer: 59 KB
Type: Image

General
Full URL: https://accounts.riseact.site/static/images/bg_login.e02a03935a38.png
Requested by:
  Host: accounts.riseact.site
  URL: https://accounts.riseact.site/login/?next=/
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 168.119.2.181 Düsseldorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
Reverse DNS: static.181.2.119.168.clients.your-server.de
Software: Caddy, gunicorn
Resource Hash: 0d8c140032fe802b6f7a245199272f68c76956c7d6d1ed9b0a4ef6562cc3ba44

Security Headers
X-Content-Type-Options: nosniff

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.riseact.site/login/?next=/

Response headers
cache-control: max-age=315360000, public, immutable
cross-origin-opener-policy: same-origin-allow-popups
etag: "6735e8ee-ec29"
referrer-policy: same-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-length: 60457
date: Mon, 18 Nov 2024 13:58:16 GMT
content-type: image/png
last-modified: Thu, 14 Nov 2024 12:11:26 GMT
server: Caddy, gunicorn
vary: Origin

Resource: riseact-favicon.ef49c1ae39ba.ico
Path: accounts.riseact.site/static/images/
Size: 2 KB
x-fer: 2 KB
Type: Other

General
Full URL: https://accounts.riseact.site/static/images/riseact-favicon.ef49c1ae39ba.ico
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 168.119.2.181 Düsseldorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
Reverse DNS: static.181.2.119.168.clients.your-server.de
Software: Caddy, gunicorn
Resource Hash: bfca0fa9932dc5cc1854b8bc1ab6a634447b8e8a769b236ca10be4e00ff80763

Security Headers
X-Content-Type-Options: nosniff

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://accounts.riseact.site/login/?next=/

Response headers
cache-control: max-age=315360000, public, immutable
cross-origin-opener-policy: same-origin-allow-popups
etag: "6735e8ee-70f"
referrer-policy: same-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
content-length: 1807
date: Mon, 18 Nov 2024 13:58:17 GMT
content-type: image/x-icon
last-modified: Thu, 14 Nov 2024 12:11:26 GMT
server: Caddy, gunicorn
vary: Origin

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| dataLayer
  • object| google_tag_manager
  • object| google_tag_data

1 Cookies

Domain/Path: accounts.riseact.site/
Name: csrftoken
Value: 7WLjmaPujW6MPN2GLkOGaLxPhp2EtE1r

1 Console Messages

Source: recommendation
Level: verbose
URL: https://accounts.riseact.site/login/?next=/
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors file: http: https: data:
X-Content-Type-Options nosniff
X-Frame-Options DENY