auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com Open in urlscan Pro
185.172.100.59 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F
Submission Tags: @phishunt_io
Submission: On March 01 via api (March 1st 2022, 6:39:33 pm UTC) from DE — Scanned from DE

Summary HTTP 9 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 185.172.100.59, located in Geneva, Switzerland and belongs to INFOMANIAK-AS, CH. The main domain is auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com.
TLS certificate: Issued by R3 on February 21st 2022. Valid for: 3 months.

This is the only time auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	185.172.100.59 185.172.100.59		29222 (INFOMANIA...) (INFOMANIAK-AS)
9	1

9 185.172.100.59 (Geneva, Switzerland)

ASN29222 (INFOMANIAK-AS, CH)

auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ik-server.com auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com	227 KB
9	1

	Domain	Requested by
9	auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com	auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com
9	1

This site contains links to these domains. Also see Links.

Domain
idembox-prod-copie.jcloud-ver-jpc.ik-server.com
www.infomed.biz

Subject Issuer	Validity	Valid
*.jcloud-ver-jpc.ik-server.com R3	`2022-02-21` - `2022-05-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F
Frame ID: 5042B4CC8802E4694CF22EFFF0E65C34
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Idembox - Log in

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

227 kB
Transfer

620 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://idembox-prod-copie.jcloud-ver-jpc.ik-server.com/
Title: COPIE-PROD

Search URL Search Domain Scan URL

URL: https://www.infomed.biz/
Title: www.infomed.biz

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request log-in Show response
auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/ 5 KB
2 KB 135ms
72ms Document
text/html 185.172.100.59
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.172.100.59 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

openresty /

Resource Hash

7d975bb6a27c197d9f8cfa5bece38726e7559fe014173ec1481527e08c2ec3b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15811200

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: openresty
date: Tue, 01 Mar 2022 18:39:28 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
monitoring-file: 2022-03-01.19-39-28.504110.540ad737eaa70da150f18ea2a5668c21efa66a8f.json
content-encoding: gzip
x-resolver-ip: 185.172.100.59
strict-transport-security: max-age=15811200

GET
H2 200 all.min.css
auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/css/ 58 KB
15 KB 41ms
40ms Stylesheet
text/css 185.172.100.59
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/css/all.min.css

Requested by

Host: auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com
URL: https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.172.100.59 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

openresty /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15811200

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:39:28 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 09:20:21 GMT
server: openresty
etag: W/"621de555-e7a9"
strict-transport-security: max-age=15811200
content-type: text/css
x-resolver-ip: 185.172.100.59

GET
H2 200 infomed.min.css
auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/css/lib/ 208 KB
41 KB 41ms
41ms Stylesheet
text/css 185.172.100.59
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/css/lib/infomed.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.172.100.59 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

openresty /

Resource Hash

46e0734835f58a1b6747cb3985a011ace3190e422c10b0687216f182b3cf4724

Security Headers

Name	Value
Strict-Transport-Security	max-age=15811200

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:39:28 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 09:43:21 GMT
server: openresty
etag: W/"621deab9-341b7"
strict-transport-security: max-age=15811200
content-type: text/css
x-resolver-ip: 185.172.100.59

GET
H2 200 logo.png
auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/images/ 43 KB
43 KB 58ms
57ms Image
image/png 185.172.100.59
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/images/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.172.100.59 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

openresty /

Resource Hash

313c5b7b58854352a6ba8ff1fabf8d719568ba80c7179c14191b2be34f55fc6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15811200

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:39:28 GMT
last-modified: Tue, 01 Mar 2022 09:20:21 GMT
server: openresty
etag: "621de555-aa4d"
strict-transport-security: max-age=15811200
content-type: image/png
accept-ranges: bytes
content-length: 43597
x-resolver-ip: 185.172.100.59

GET
H2 200 idembox.png
auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/images/ 8 KB
8 KB 59ms
58ms Image
image/png 185.172.100.59
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/images/idembox.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.172.100.59 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

openresty /

Resource Hash

c1aeb2dfea1274ab8f1a1120bb31f9e764ce4df8b0fbdf0ea036838031f1dec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15811200

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:39:28 GMT
last-modified: Tue, 01 Mar 2022 09:20:21 GMT
server: openresty
etag: "621de555-20d2"
strict-transport-security: max-age=15811200
content-type: image/png
accept-ranges: bytes
content-length: 8402
x-resolver-ip: 185.172.100.59

GET
H2 200 infomed-logo.svg
auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/images/ 16 KB
16 KB 58ms
58ms Image
image/svg+xml 185.172.100.59
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/images/infomed-logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.172.100.59 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

openresty /

Resource Hash

c5fd47f321a2d34081ff2b11e4ff9c2d39dd7e07ad03347a78e2bc73a43b5203

Security Headers

Name	Value
Strict-Transport-Security	max-age=15811200

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:39:28 GMT
last-modified: Tue, 01 Mar 2022 09:20:21 GMT
server: openresty
etag: "621de555-3f01"
strict-transport-security: max-age=15811200
content-type: image/svg+xml
accept-ranges: bytes
content-length: 16129
x-resolver-ip: 185.172.100.59

GET
H2 200 browser-support.js Show response
auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/js/ 319 B
425 B 40ms
40ms Script
application/javascript 185.172.100.59
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/js/browser-support.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.172.100.59 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

openresty /

Resource Hash

6ac76c77be75fa321ff70d1068054dbf53fcb6448eb3231308ddb36d2b6d2859

Security Headers

Name	Value
Strict-Transport-Security	max-age=15811200

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:39:28 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 09:20:21 GMT
server: openresty
etag: W/"621de555-13f"
strict-transport-security: max-age=15811200
content-type: application/javascript
x-resolver-ip: 185.172.100.59

GET
H2 200 jquery.js Show response
auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/assets/e21ba522/ 282 KB
102 KB 59ms
58ms Script
application/javascript 185.172.100.59
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/assets/e21ba522/jquery.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.172.100.59 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

openresty /

Resource Hash

1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Security Headers

Name	Value
Strict-Transport-Security	max-age=15811200

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:39:28 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 12:26:48 GMT
server: openresty
etag: W/"621e1108-46744"
strict-transport-security: max-age=15811200
content-type: application/javascript
x-resolver-ip: 185.172.100.59

GET
H2 200 spinner.js Show response
auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/js/ 172 B
363 B 59ms
58ms Script
application/javascript 185.172.100.59
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/js/spinner.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.172.100.59 Geneva, Switzerland, ASN29222 (INFOMANIAK-AS, CH),

Reverse DNS

Software

openresty /

Resource Hash

66e41a4133fb4b994a81124e74fb92195d09ac1eb3542648b4ebc38d2e5ee94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15811200

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/site/log-in?service=https%3A%2F%2Fidembox-prod-copie.jcloud-ver-jpc.ik-server.com%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:39:28 GMT
content-encoding: gzip
last-modified: Tue, 01 Mar 2022 09:20:21 GMT
server: openresty
etag: W/"621de555-ac"
strict-transport-security: max-age=15811200
content-type: application/javascript
x-resolver-ip: 185.172.100.59

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6e6c0c5c1b63837c0dea875edffed0b9
			auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com/	1969-12-31 23:59:59	Name: SRVGROUP Value: common

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15811200

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com
185.172.100.59
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
313c5b7b58854352a6ba8ff1fabf8d719568ba80c7179c14191b2be34f55fc6b
46e0734835f58a1b6747cb3985a011ace3190e422c10b0687216f182b3cf4724
66e41a4133fb4b994a81124e74fb92195d09ac1eb3542648b4ebc38d2e5ee94c
6ac76c77be75fa321ff70d1068054dbf53fcb6448eb3231308ddb36d2b6d2859
7d975bb6a27c197d9f8cfa5bece38726e7559fe014173ec1481527e08c2ec3b8
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
c1aeb2dfea1274ab8f1a1120bb31f9e764ce4df8b0fbdf0ea036838031f1dec1
c5fd47f321a2d34081ff2b11e4ff9c2d39dd7e07ad03347a78e2bc73a43b5203

auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com Open in urlscan Pro 185.172.100.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

227 kBTransfer

620 kBSize

2 Cookies

2 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

auth-cas-prod-copie.jcloud-ver-jpc.ik-server.com Open in urlscan Pro
185.172.100.59 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

227 kB
Transfer

620 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions