app1.salesgroup.ch Open in urlscan Pro
194.56.74.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app1.salesgroup.ch/
Submission Tags: @phishunt_io
Submission: On October 24 via api (October 24th 2020, 12:10:24 pm UTC) from ES

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 194.56.74.50, located in Croatia and belongs to CRATIS-AS CRATIS Ltd., HR. The main domain is app1.salesgroup.ch.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 24th 2020. Valid for: 3 months.

This is the only time app1.salesgroup.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
12	194.56.74.50 194.56.74.50		61094 (CRATIS-AS...) (CRATIS-AS CRATIS Ltd.)
12	1

12 194.56.74.50 (Croatia)

ASN61094 (CRATIS-AS CRATIS Ltd., HR)
PTR: corp.dimedia.hr

app1.salesgroup.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	salesgroup.ch app1.salesgroup.ch	208 KB
12	1

	Domain	Requested by
12	app1.salesgroup.ch	app1.salesgroup.ch
12	1

This site contains links to these domains. Also see Links.

Domain
www.dimedia.hr

Subject Issuer	Validity	Valid
app1.salesgroup.ch cPanel, Inc. Certification Authority	`2020-10-24` - `2021-01-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://app1.salesgroup.ch/
Frame ID: CCF5791F359D0D234BCE1425EC308A1A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

208 kB
Transfer

206 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.dimedia.hr/
Title: developed by dimedia.hr

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response app1.salesgroup.ch/	2 KB 1 KB	198ms 60ms	Document text/html	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Full URL https://app1.salesgroup.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / PHP/5.3.29 Resource Hash `bc17bb461395d6ca961bdd8e60927d00f1688b52b7d67394e8910493937b0c5c` Request headers Host app1.salesgroup.ch Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 24 Oct 2020 12:10:06 GMT Server Apache X-Powered-By PHP/5.3.29 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Content-Encoding gzip Vary Accept-Encoding Set-Cookie PHPSESSID=jjskcbs8vujij15plmn09bck94; path=/ admin_ui_language=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT admin_ui_language=en; expires=Mon, 23-Nov-2020 12:10:06 GMT Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	sag_amex.css app1.salesgroup.ch/css/	30 KB 30 KB	46ms 45ms	Stylesheet text/css	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Full URL https://app1.salesgroup.ch/css/sag_amex.css Requested by Host: app1.salesgroup.ch URL: https://app1.salesgroup.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / Resource Hash `3afffec7b65e64caae00449e8dc9d347d218050a9e0123887400d87d0511e291` Request headers Referer https://app1.salesgroup.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 24 Oct 2020 12:10:06 GMT Last-Modified Mon, 09 Jan 2012 08:09:46 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 30808
GET H/1.1	200 OK	phrasebook.js.php Show response app1.salesgroup.ch/	568 B 721 B	129ms 51ms	Script text/javascript	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Full URL https://app1.salesgroup.ch/phrasebook.js.php Requested by Host: app1.salesgroup.ch URL: https://app1.salesgroup.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / PHP/5.3.29 Resource Hash `99269a78da90b14f112c9c3d95e58c2555fac76db142a4769eb90cbf3b98141e` Request headers Referer https://app1.salesgroup.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Oct 2020 12:10:06 GMT Content-Encoding gzip Server Apache X-Powered-By PHP/5.3.29 Vary Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Transfer-Encoding chunked Connection Keep-Alive Keep-Alive timeout=5, max=98 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	jquery.js Show response app1.salesgroup.ch/javascript/	70 KB 71 KB	138ms 47ms	Script application/javascript	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Full URL https://app1.salesgroup.ch/javascript/jquery.js Requested by Host: app1.salesgroup.ch URL: https://app1.salesgroup.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / Resource Hash `e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59` Request headers Referer https://app1.salesgroup.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 24 Oct 2020 12:10:06 GMT Last-Modified Mon, 09 Jan 2012 08:09:56 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 72174
GET H/1.1	200 OK	mightySelect.js Show response app1.salesgroup.ch/javascript/	14 KB 15 KB	139ms 46ms	Script application/javascript	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Full URL https://app1.salesgroup.ch/javascript/mightySelect.js Requested by Host: app1.salesgroup.ch URL: https://app1.salesgroup.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / Resource Hash `9dd1dd9b69e8cf84b6a7b9612404697200457a85360cfab6dbe39ea24e75fd98` Request headers Referer https://app1.salesgroup.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 24 Oct 2020 12:10:06 GMT Last-Modified Mon, 09 Jan 2012 08:09:57 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 14603
GET H/1.1	200 OK	calendar.js Show response app1.salesgroup.ch/javascript/	60 KB 61 KB	140ms 47ms	Script application/javascript	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Full URL https://app1.salesgroup.ch/javascript/calendar.js Requested by Host: app1.salesgroup.ch URL: https://app1.salesgroup.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / Resource Hash `dd5f8b3610f56395c32214102ab58ff3dd71431c6d4f46fba21d3a1b08ec8405` Request headers Referer https://app1.salesgroup.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 24 Oct 2020 12:10:06 GMT Last-Modified Mon, 09 Jan 2012 08:09:56 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 61873
GET H/1.1	200 OK	general.js Show response app1.salesgroup.ch/javascript/	11 KB 11 KB	141ms 48ms	Script application/javascript	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Full URL https://app1.salesgroup.ch/javascript/general.js Requested by Host: app1.salesgroup.ch URL: https://app1.salesgroup.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / Resource Hash `961b8d58cabe2b6be99769f6226aa073472455e85c12b732f4613bcc57e5723d` Request headers Referer https://app1.salesgroup.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 24 Oct 2020 12:10:06 GMT Last-Modified Mon, 09 Jan 2012 08:09:56 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 11316
GET H/1.1	200 OK	sag_amex-print.css app1.salesgroup.ch/css/	461 B 701 B	45ms 45ms	Stylesheet text/css	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Full URL https://app1.salesgroup.ch/css/sag_amex-print.css Requested by Host: app1.salesgroup.ch URL: https://app1.salesgroup.ch/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / Resource Hash `17f01dd67a485bf5572af47a2085616cf5ab777f9738e817b9912bb77292ac13` Request headers Referer https://app1.salesgroup.ch/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 24 Oct 2020 12:10:06 GMT Last-Modified Mon, 09 Jan 2012 08:09:46 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 461
GET H/1.1	200 OK	reset.css app1.salesgroup.ch/css/	1 KB 1 KB	58ms 46ms	Stylesheet text/css	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Full URL https://app1.salesgroup.ch/css/reset.css Requested by Host: app1.salesgroup.ch URL: https://app1.salesgroup.ch/css/sag_amex.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / Resource Hash `6615130c3dd0b6cb556ae8361a42000ca0f6fee25f433b4a2911c6ad5550fece` Request headers Referer https://app1.salesgroup.ch/css/sag_amex.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 24 Oct 2020 12:10:06 GMT Last-Modified Mon, 09 Jan 2012 08:09:46 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1070
GET H/1.1	200 OK	logo_amex.png app1.salesgroup.ch/images/	10 KB 10 KB	45ms 45ms	Image image/png	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Show image Full URL https://app1.salesgroup.ch/images/logo_amex.png Requested by Host: app1.salesgroup.ch URL: https://app1.salesgroup.ch/css/sag_amex.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / Resource Hash `105791c4ad83b630349ab6ef348c509d6ac3aa767f7d12989efa18aaabcab8bd` Request headers Referer https://app1.salesgroup.ch/css/sag_amex.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 24 Oct 2020 12:10:06 GMT Last-Modified Mon, 09 Jan 2012 08:09:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 9843
GET H/1.1	200 OK	bg_input_rpl_3.png app1.salesgroup.ch/images/	1 KB 2 KB	45ms 45ms	Image image/png	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Show image Full URL https://app1.salesgroup.ch/images/bg_input_rpl_3.png Requested by Host: app1.salesgroup.ch URL: https://app1.salesgroup.ch/css/sag_amex.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / Resource Hash `f5657aaaf8e5133ab24d93de171f2af533c9ad5cff252c1b3e7f816d09cd264d` Request headers Referer https://app1.salesgroup.ch/css/sag_amex.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 24 Oct 2020 12:10:06 GMT Last-Modified Mon, 09 Jan 2012 08:09:51 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1449
GET H/1.1	200 OK	button_sprite.png app1.salesgroup.ch/images/	5 KB 5 KB	45ms 45ms	Image image/png	194.56.74.50 CRATIS-AS CRATIS ...
General Check archive.org Show headers Download Go to Show image Full URL https://app1.salesgroup.ch/images/button_sprite.png Requested by Host: app1.salesgroup.ch URL: https://app1.salesgroup.ch/css/sag_amex.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 194.56.74.50 , Croatia, ASN61094 (CRATIS-AS CRATIS Ltd., HR), Reverse DNS corp.dimedia.hr Software Apache / Resource Hash `cba551f68fe3832613c34c4b2b259308f89ae482f8ea28f3c948bd6cd5d70bcf` Request headers Referer https://app1.salesgroup.ch/css/sag_amex.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 24 Oct 2020 12:10:06 GMT Last-Modified Mon, 09 Jan 2012 08:09:49 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 5140

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app1.salesgroup.ch/	1970-01-19 14:08:53	Name: admin_ui_language Value: en
			app1.salesgroup.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: jjskcbs8vujij15plmn09bck94

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app1.salesgroup.ch
194.56.74.50
105791c4ad83b630349ab6ef348c509d6ac3aa767f7d12989efa18aaabcab8bd
17f01dd67a485bf5572af47a2085616cf5ab777f9738e817b9912bb77292ac13
3afffec7b65e64caae00449e8dc9d347d218050a9e0123887400d87d0511e291
6615130c3dd0b6cb556ae8361a42000ca0f6fee25f433b4a2911c6ad5550fece
961b8d58cabe2b6be99769f6226aa073472455e85c12b732f4613bcc57e5723d
99269a78da90b14f112c9c3d95e58c2555fac76db142a4769eb90cbf3b98141e
9dd1dd9b69e8cf84b6a7b9612404697200457a85360cfab6dbe39ea24e75fd98
bc17bb461395d6ca961bdd8e60927d00f1688b52b7d67394e8910493937b0c5c
cba551f68fe3832613c34c4b2b259308f89ae482f8ea28f3c948bd6cd5d70bcf
dd5f8b3610f56395c32214102ab58ff3dd71431c6d4f46fba21d3a1b08ec8405
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
f5657aaaf8e5133ab24d93de171f2af533c9ad5cff252c1b3e7f816d09cd264d

app1.salesgroup.ch Open in urlscan Pro 194.56.74.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

208 kBTransfer

206 kBSize

2 Cookies

1 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

2 Cookies

Indicators

app1.salesgroup.ch Open in urlscan Pro
194.56.74.50 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

208 kB
Transfer

206 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions