- ID de l'analyse :
- 61947ca4-afc9-4ba7-842a-a0be312b6fdcTerminée
- URL soumise :
- https://helpdesk-itsupport.com/click/4b7d69fe-160b-41c2-9456-bb190e4d9343
- Fin du rapport :
Liens : 0 trouvé(s)
Liens sortants identifiés à partir de la page
Variables JavaScript : 7 trouvée(s)
Les variables JavaScript globales chargées dans l'objet fenêtre d'une page sont des variables déclarées en dehors des fonctions et accessibles depuis n'importe quel endroit du code au sein du champ d'application actuel
| Nom | Type |
|---|---|
| onbeforetoggle | object |
| documentPictureInPicture | object |
| onscrollend | object |
| appInsights | object |
| LaunchSession | function |
| Microsoft | object |
| __dynProto$Gbl | object |
Messages de journal de console : 2 trouvé(s)
Messages consignés dans la console web
| Type | Catégorie | Enregistrement |
|---|---|---|
| error | network |
|
| error | network |
|
HTML
Le corps HTML de la page en données brutes
<html><head>
<meta name="robots" content="noindex">
<title>Don't Panic! (Calendar Update)</title>
<style>
.launch_btn {
-webkit-border-radius: 0;
-moz-border-radius: 0;
border-radius: 0;
color: #FFFFFF;
font-family:'Encode Sans',sans-serif;
font-weight: 400;
font-size: 25px;
font-weight:bold;
letter-spacing:0.3em;
padding-top: 15px;
padding-bottom: 15px;
padding-left:30px;
padding-right:30px;
background-color: #F48221;
text-decoration: none;
display: inline-block;
cursor: pointer;
text-align: center;
}
.launch_btn:hover {
background: #EC964F;
border: solid #337FED 0;
-webkit-border-radius: 0;
-moz-border-radius: 0;
border-radius: 0;
text-decoration: none;
}
</style>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin="">
<link href="https://fonts.googleapis.com/css2?family=Encode+Sans:wght@400;900&display=swap" rel="stylesheet">
<script type="text/javascript">!function(T,l,y){var S=T.location,k="script",D="instrumentationKey",C="ingestionendpoint",I="disableExceptionTracking",E="ai.device.",b="toLowerCase",w="crossOrigin",N="POST",e="appInsightsSDK",t=y.name||"appInsights";(y.name||T[e])&&(T[e]=t);var n=T[t]||function(d){var g=!1,f=!1,m={initialize:!0,queue:[],sv:"5",version:2,config:d};function v(e,t){var n={},a="Browser";return n[E+"id"]=a[b](),n[E+"type"]=a,n["ai.operation.name"]=S&&S.pathname||"_unknown_",n["ai.internal.sdkVersion"]="javascript:snippet_"+(m.sv||m.version),{time:function(){var e=new Date;function t(e){var t=""+e;return 1===t.length&&(t="0"+t),t}return e.getUTCFullYear()+"-"+t(1+e.getUTCMonth())+"-"+t(e.getUTCDate())+"T"+t(e.getUTCHours())+":"+t(e.getUTCMinutes())+":"+t(e.getUTCSeconds())+"."+((e.getUTCMilliseconds()/1e3).toFixed(3)+"").slice(2,5)+"Z"}(),iKey:e,name:"Microsoft.ApplicationInsights."+e.replace(/-/g,"")+"."+t,sampleRate:100,tags:n,data:{baseData:{ver:2}}}}var h=d.url||y.src;if(h){function a(e){var t,n,a,i,r,o,s,c,u,p,l;g=!0,m.queue=[],f||(f=!0,t=h,s=function(){var e={},t=d.connectionString;if(t)for(var n=t.split(";"),a=0;a<n.length;a++){var i=n[a].split("=");2===i.length&&(e[i[0][b]()]=i[1])}if(!e[C]){var r=e.endpointsuffix,o=r?e.location:null;e[C]="https://"+(o?o+".":"")+"dc."+(r||"services.visualstudio.com")}return e}(),c=s[D]||d[D]||"",u=s[C],p=u?u+"/v2/track":d.endpointUrl,(l=[]).push((n="SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details)",a=t,i=p,(o=(r=v(c,"Exception")).data).baseType="ExceptionData",o.baseData.exceptions=[{typeName:"SDKLoadFailed",message:n.replace(/\./g,"-"),hasFullStack:!1,stack:n+"\nSnippet failed to load ["+a+"] -- Telemetry is disabled\nHelp Link: https://go.microsoft.com/fwlink/?linkid=2128109\nHost: "+(S&&S.pathname||"_unknown_")+"\nEndpoint: "+i,parsedStack:[]}],r)),l.push(function(e,t,n,a){var i=v(c,"Message"),r=i.data;r.baseType="MessageData";var o=r.baseData;return o.message='AI (Internal): 99 message:"'+("SDK LOAD Failure: Failed to load Application Insights SDK script (See stack for details) ("+n+")").replace(/\"/g,"")+'"',o.properties={endpoint:a},i}(0,0,t,p)),function(e,t){if(JSON){var n=T.fetch;if(n&&!y.useXhr)n(t,{method:N,body:JSON.stringify(e),mode:"cors"});else if(XMLHttpRequest){var a=new XMLHttpRequest;a.open(N,t),a.setRequestHeader("Content-type","application/json"),a.send(JSON.stringify(e))}}}(l,p))}function i(e,t){f||setTimeout(function(){!t&&m.core||a()},500)}var e=function(){var n=l.createElement(k);n.src=h;var e=y[w];return!e&&""!==e||"undefined"==n[w]||(n[w]=e),n.onload=i,n.onerror=a,n.onreadystatechange=function(e,t){"loaded"!==n.readyState&&"complete"!==n.readyState||i(0,t)},n}();y.ld<0?l.getElementsByTagName("head")[0].appendChild(e):setTimeout(function(){l.getElementsByTagName(k)[0].parentNode.appendChild(e)},y.ld||0)}try{m.cookie=l.cookie}catch(p){}function t(e){for(;e.length;)!function(t){m[t]=function(){var e=arguments;g||m.queue.push(function(){m[t].apply(m,e)})}}(e.pop())}var n="track",r="TrackPage",o="TrackEvent";t([n+"Event",n+"PageView",n+"Exception",n+"Trace",n+"DependencyData",n+"Metric",n+"PageViewPerformance","start"+r,"stop"+r,"start"+o,"stop"+o,"addTelemetryInitializer","setAuthenticatedUserContext","clearAuthenticatedUserContext","flush"]),m.SeverityLevel={Verbose:0,Information:1,Warning:2,Error:3,Critical:4};var s=(d.extensionConfig||{}).ApplicationInsightsAnalytics||{};if(!0!==d[I]&&!0!==s[I]){var c="onerror";t(["_"+c]);var u=T[c];T[c]=function(e,t,n,a,i){var r=u&&u(e,t,n,a,i);return!0!==r&&m["_"+c]({message:e,url:t,lineNumber:n,columnNumber:a,error:i}),r},d.autoExceptionInstrumented=!0}return m}(y.cfg);function a(){y.onInit&&y.onInit(n)}(T[t]=n).queue&&0===n.queue.length?(n.queue.push(a),n.trackPageView({})):a()}(window,document,{
src: "https://js.monitor.azure.com/scripts/b/ai.2.min.js", // The SDK URL Source
crossOrigin: "anonymous",
cfg: { // Application Insights Configuration
connectionString: 'InstrumentationKey=e3533aaa-1710-4348-a3d9-2a7bb45d3609;IngestionEndpoint=https://eastus-8.in.applicationinsights.azure.com/;LiveEndpoint=https://eastus.livediagnostics.monitor.azure.com/'
}});</script><script src="https://js.monitor.azure.com/scripts/b/ai.2.min.js" crossorigin="anonymous"></script></head>
<body style="background-color:#023051;margin:0;padding:0" id="tracker">
<div style="width:1200px;height:700px; ">
<table style="width:1200px;height:700px;background-image:url('https://cdn.arcticwolfsat.com/sessionimages/0.png');" cellpadding="0" cellspacing="0">
<tbody><tr>
<td style="width:110px;height:100px;"></td>
<td></td>
<td style="width:70px;"></td>
</tr>
<tr>
<td style="height:400px;"></td>
<td style="width:1020px;vertical-align:top;text-align:left;color:#ffffff;font-family:'Encode Sans',sans-serif;">
<span style="font-size:70px;">Don't Panic! (Calendar Update)</span>
<br><br><br>
<span style="font-size:32px;">The link you just clicked is part of your company’s security awareness program. The “Calendar Update” email you received is a phishing simulation. Let’s take a closer look at that email. Click the launch button to get started.</span>
</td>
<td></td>
</tr>
<tr>
<td style="height:200px;"></td>
<td>
<a class="launch_btn" href="javascript:handleLaunch(true)">CLICK TO START</a>
</td>
<td></td>
</tr>
</tbody></table>
</div>
<script>
const phishingAttemptGUID = "4b7d69fe-160b-41c2-9456-bb190e4d9343";
function LaunchSession(url) {
'use strict';
window.open(url, '_blank', "height=700,width=1200,status=no,resizable=yes,directories=no,toolbar=no,menubar=no,location=no");
setTimeout(function () {
window.location.reload();
}, 2000);
}
</script>
<script src="/js/click.js"></script>
</body></html>