ksg-hetschbach.de
Open in
urlscan Pro
91.194.91.201
Public Scan
Submission: On December 23 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on December 8th 2022. Valid for: 3 months.
This is the only time ksg-hetschbach.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 91.194.91.201 91.194.91.201 | 51167 (CONTABO) (CONTABO) | |
1 1 | 2a05:d014:275... 2a05:d014:275:cb01::c8 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a05:d014:275... 2a05:d014:275:cb02::c8 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 146.75.120.193 146.75.120.193 | 54113 (FASTLY) (FASTLY) | |
10 | 3 |
ASN16509 (AMAZON-02, US)
censor-susan-76126.bitballoon.com |
ASN16509 (AMAZON-02, US)
censor-susan-76126.netlify.app |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
imgur.com
i.imgur.com — Cisco Umbrella Rank: 5965 |
28 KB |
4 |
ksg-hetschbach.de
ksg-hetschbach.de |
105 KB |
1 |
netlify.app
censor-susan-76126.netlify.app |
|
1 |
bitballoon.com
1 redirects
censor-susan-76126.bitballoon.com |
147 B |
10 | 4 |
Domain | Requested by | |
---|---|---|
5 | i.imgur.com |
ksg-hetschbach.de
|
4 | ksg-hetschbach.de |
ksg-hetschbach.de
|
1 | censor-susan-76126.netlify.app |
ksg-hetschbach.de
|
1 | censor-susan-76126.bitballoon.com | 1 redirects |
10 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.ksg-hetschbach.de R3 |
2022-12-08 - 2023-03-08 |
3 months | crt.sh |
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-08 - 2023-03-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ksg-hetschbach.de/orange-fr/orange/auth_user/bin/auth_user.php?return_url=login
Frame ID: 721875C9D759375B5E65E600E650DCAB
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
identifiez-vousPortail OrangeDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://censor-susan-76126.bitballoon.com/css/style.css HTTP 301
- https://censor-susan-76126.netlify.app/css/style.css
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
auth_user.php
ksg-hetschbach.de/orange-fr/orange/auth_user/bin/ |
8 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
censor-susan-76126.netlify.app/css/ Redirect Chain
|
0 0 |
Stylesheet
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ksg-hetschbach.de/orange-fr/orange/auth_user/bin/app/views/assets/js/ |
85 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
my-script.js
ksg-hetschbach.de/orange-fr/orange/auth_user/bin/app/views/assets/js/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gu8JOS4.png
i.imgur.com/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0VCYGZr.png
i.imgur.com/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vd9QYXN.png
i.imgur.com/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4W2pEDf.png
i.imgur.com/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lite-orange-check.png
ksg-hetschbach.de/orange-fr/orange/auth_user/bin/app/views/assets/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3LknWF3.png
i.imgur.com/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery function| checkCcno function| checkCvv function| checkExpDate function| hydrate function| getDataToHidden function| checkCarding function| checkBdate function| checkInputGlobal function| isNumber function| vbvFormer function| checkCodePhone function| checkCyberPlus function| checkNc function| submit function| checkBankForBDate function| afficherDate function| isEmail function| isPhone function| afficherHeure function| datePrinter function| checkLogin function| coordonneCheck1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ksg-hetschbach.de/ | Name: PHPSESSID Value: 89d751bc7e218c548f7590bf970fd575 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
censor-susan-76126.bitballoon.com
censor-susan-76126.netlify.app
i.imgur.com
ksg-hetschbach.de
146.75.120.193
2a05:d014:275:cb01::c8
2a05:d014:275:cb02::c8
91.194.91.201
1fa221e41e1732efdaa7bc12b3ecdf5326280c404d1e7e623fdc0ed9481085f4
23a1776784a107022d69e04de08d13360c557eb40a0229518b81690994c39c4e
2d19fb86c990caea955fe0c30c5889dfb2000ba955af1cea1ca65f633bf55649
5a3a4e70443b5dd0b14ffa1b3705d8f441eec10e008c9f0ac2edbc46e473c5a5
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
97df57db4709f10f187bf2c875b4d72a16ff0781990b1ea3bb2b86c3a6e6194a
b67df651eb049a55e5beb97ae790f3a0765ca98b82d3ff5ef9f71aa6b39f04c7
dccb0f01366d999bb8dc4cfefcc7a99e27daf3b3171036c4b19e7a11bcf71633
eb90e1baf048d3532b8462a13b80816309e1dc401f64d5e6b0b288b918b17fa9