vcloud.exasys.com
46.235.145.251
Public Scan
Effective URL: https://vcloud.exasys.com/login/?service=tenant:pase0000&redirectTo=%2Ftenant%2Fpase0000
Submission Tags: @phishunt_io
Submission: On October 17 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 29th 2020. Valid for: 2 years.
This is the only time vcloud.exasys.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 | 217.26.61.94 | 29097 (HOSTPOINT-AS) |
7 (2 redirects) | 46.235.145.251 | 48218 (HIHO hiho.ch) |
6 | 3 | |
ASN29097 (HOSTPOINT-AS, CH)
PTR: sl1777.web.hostpoint.ch
vcloud.sitak.ch |
| Apex Domain / Subdomains | Transfer |
---|---|---|
7 | exasys.com (2 redirects): vcloud.exasys.com | 213 KB |
1 | sitak.ch: vcloud.sitak.ch | 274 B |
6 | 2 | |
| Domain | Requested by |
---|---|---|
7 | vcloud.exasys.com | 2 redirects, vcloud.exasys.com |
1 | vcloud.sitak.ch | |
6 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
vcloud.sitak.ch | R3 | 2021-10-16 - 2022-01-14 | 3 months | crt.sh |
*.exasys.com | Sectigo RSA Domain Validation Secure Server CA | 2020-05-29 - 2022-06-28 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://vcloud.exasys.com/login/?service=tenant:pase0000&redirectTo=%2Ftenant%2Fpase0000
Frame ID: 89D5C5D7A7556A5D6B62CF1515DAFDD7
Requests: 11 HTTP requests in this frame
Page Title
Willkommen bei exaSys vCloud
Page URL History
- https://vcloud.sitak.ch/ Page URL
- https://vcloud.exasys.com/tenant/pase0000 HTTP 302
  https://vcloud.exasys.com/login?service=tenant:pase0000&redirectTo=%2Ftenant%2Fpase0000 HTTP 302
  https://vcloud.exasys.com/login/?service=tenant:pase0000&redirectTo=%2Ftenant%2Fpase0000 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | vcloud.sitak.ch/ | 142 B | 274 B | Document | text/html |
GET | H2 | / (Primary Request, Redirect Chain) | vcloud.exasys.com/login/ | 15 KB | 16 KB | Document | text/html |
GET | H2 | clarity-base.css | vcloud.exasys.com/login/css/ | 768 KB | 163 KB | Stylesheet | text/css |
GET | H2 | theme-default.css | vcloud.exasys.com/login/css/ | 60 KB | 8 KB | Stylesheet | text/css |
GET | H2 | css-vars-ponyfill.js | vcloud.exasys.com/login/js/ | 22 KB | 23 KB | Script | application/javascript |
GET | H2 | inline.bundle.js | vcloud.exasys.com/login/js/ | 3 KB | 3 KB | Script | application/javascript |
GET | DATA | truncated | / | 338 B | 0 | Image | image/png |
GET | DATA | truncated | / | 10 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 21 KB | 21 KB | Font | application/font-woff |
GET | DATA | truncated | / | 21 KB | 21 KB | Font | application/font-woff |
GET | DATA | truncated | / | 21 KB | 21 KB | Font | application/font-woff |
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- boolean| originAgentCluster
- function| cssVars
- function| disable
- function| enable
- function| isDisabled
- function| hide
- function| show
- function| loginClicked
- function| safeBtoa
- function| handleSuccess
- function| handleError
- function| handleLoginEnable
- function| onPageLoad
- function| setSessionCookie
- function| redirectOrReload
- function| onSubmit
- function| redirectToTenant
- function| webpackJsonp
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.