fakevm.site
172.67.176.152
Public Scan
Effective URL: https://fakevm.site/?rid=FSu9Mkl
Submission Tags: falconsandbox
Submission: On September 05 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on August 14th 2024. Valid for: 3 months.
This is the only time fakevm.site was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System
---|---|---|---
1 | 1 | 167.89.123.122 | 11377 (SENDGRID)
4 | 1 | 172.67.176.152 | 13335 (CLOUDFLARENET)
11 | | 99.83.249.126 | 16509 (AMAZON-02)
17 | | 3 |

ASN11377 (SENDGRID, US)
PTR: o16789123x122.outbound-mail.sendgrid.net
u44433001.ct.sendgrid.net

ASN16509 (AMAZON-02, US)
PTR: a4023aff01b5a6263.awsglobalaccelerator.com
auth.exelatech.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
11 | exelatech.com | auth.exelatech.com | 440 KB
4 | fakevm.site (1 redirects) | fakevm.site | 10 KB
1 | sendgrid.net (1 redirects) | u44433001.ct.sendgrid.net | 234 B
17 | 3 | |
Requests | Domain | Requested by
---|---|---
11 | auth.exelatech.com | fakevm.site, auth.exelatech.com
4 | fakevm.site (1 redirects) | fakevm.site
1 | u44433001.ct.sendgrid.net (1 redirects) |
17 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
fakevm.site | WE1 | 2024-08-14 - 2024-11-12 | 3 months
*.exelatech.com | Sectigo RSA Organization Validation Secure Server CA | 2024-01-31 - 2025-01-30 | a year
This page contains 2 frames:
Primary Page:
https://fakevm.site/?rid=FSu9Mkl
Frame ID: C9D7B2C99B72A6CB3974025135ED8306
Requests: 15 HTTP requests in this frame
Frame:
https://fakevm.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js
Frame ID: EA655F11CD69BE7B60CB794168F58531
Requests: 2 HTTP requests in this frame
Page Title
Welcome to Exela SSO
Page URL History
-
https://u44433001.ct.sendgrid.net/ls/click?upn=u001.Z91zSr8vfxa4WBMGMGT0nlOip6a4f139XuAC-2B2nOx-2BA6GXVCSrBNUq...
HTTP 302
https://fakevm.site/?rid=FSu9Mkl Page URL
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://u44433001.ct.sendgrid.net/ls/click?upn=u001.Z91zSr8vfxa4WBMGMGT0nlOip6a4f139XuAC-2B2nOx-2BA6GXVCSrBNUq7wmbGGuUDE2bxS_L5o2Tp6tvBYrWdoGcRHTqaYEp7IT2lfbOHUk-2B66vUtjs9uICQU-2Bp7ILHxQqXq7eAXGx-2B0onljHsn82oTuXiNaE8GkQDg1-2BqXDaXk6w7UtkPN-2FCBk71rd1OvMACHUxUriUa39Odw1WlBtcEDlZlsJIDsl-2F8J1YWG7rzwcfMBoqdrTRLqMxB-2BvwCVbwvcLq5NjzEE3fMoDvPkRSh1MTVUUYS4JpcjLtXvEEwvFsT5oSVs-3D
HTTP 302
https://fakevm.site/?rid=FSu9Mkl Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11
- https://fakevm.site/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://fakevm.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H3 | / | fakevm.site/ | 24 KB | 5 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | jquery.min.js | auth.exelatech.com/resources/zzu6c/login/hcmer/js/plugins/ | 87 KB | 31 KB | Script | text/javascript |
GET | H2 | font-awesome.min.css | auth.exelatech.com/resources/zzu6c/login/hcmer/css/ | 23 KB | 6 KB | Stylesheet | text/css |
GET | H2 | sweetalert2@8.js | auth.exelatech.com/resources/zzu6c/login/hcmer/js/ | 63 KB | 17 KB | Script | text/javascript |
GET | H2 | style.css | auth.exelatech.com/resources/zzu6c/login/hcmer/css/ | 10 KB | 3 KB | Stylesheet | text/css |
GET | H2 | bootstrap.css | auth.exelatech.com/resources/zzu6c/login/hcmer/css/ | 149 KB | 22 KB | Stylesheet | text/css |
GET | H2 | otp.css | auth.exelatech.com/resources/zzu6c/login/hcmer/css/ | 719 B | 928 B | Stylesheet | text/css |
GET | H2 | login.css | auth.exelatech.com/resources/zzu6c/login/hcmer/keycloak_css/ | 16 KB | 4 KB | Stylesheet | text/css |
GET | H2 | tile.css | auth.exelatech.com/resources/zzu6c/login/hcmer/keycloak_css/ | 7 KB | 2 KB | Stylesheet | text/css |
GET | H2 | logo.svg | auth.exelatech.com/resources/zzu6c/login/hcmer/images/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | loginbg.jpg | auth.exelatech.com/resources/zzu6c/login/hcmer/images/ | 352 KB | 353 KB | Image | image/jpeg |
GET | | fontawesome-webfont.woff2 | auth.exelatech.com/resources/zzu6c/login/hcmer/fonts/ | 0 | 0 | | |
GET | H3 | main.js | fakevm.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/ | 8 KB | 4 KB | Script | application/javascript | Frame EA65, Redirect Chain
POST | H3 | 8be732900ebed25e | fakevm.site/cdn-cgi/challenge-platform/h/b/jsd/r/ | 0 | 917 B | XHR | text/plain | Frame EA65
GET | | fontawesome-webfont.woff | auth.exelatech.com/resources/zzu6c/login/hcmer/fonts/ | 0 | 0 | | |
GET | | fontawesome-webfont.ttf | auth.exelatech.com/resources/zzu6c/login/hcmer/fonts/ | 0 | 0 | | |
GET | H2 | favicon.svg | auth.exelatech.com/resources/zzu6c/login/hcmer/images/ | 1 KB | 1 KB | Other | image/svg+xml |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: auth.exelatech.com
  URL: https://auth.exelatech.com/resources/zzu6c/login/hcmer/fonts/fontawesome-webfont.woff2?v=4.3.0
- Domain: auth.exelatech.com
  URL: https://auth.exelatech.com/resources/zzu6c/login/hcmer/fonts/fontawesome-webfont.woff?v=4.3.0
- Domain: auth.exelatech.com
  URL: https://auth.exelatech.com/resources/zzu6c/login/hcmer/fonts/fontawesome-webfont.ttf?v=4.3.0
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: 0
- function: $
- function: jQuery
- function: Sweetalert2
- function: SweetAlert
- function: Swal
- function: sweetAlert
- function: swal
- function: togglePassword
- function: PasswordVisible
- function: PasswordInvisible
- function: isNumeric
- function: CheckUsernameIsNumeric
- function: showHCMRegistrationNotification
- function: openFAQ
- function: openHelpTab
- function: callAlertMessage2

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name
---|---|---
.fakevm.site/ | | cf_clearance
auth.exelatech.com/ | | AWSALBCORS
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.