Submitted URL: http://ticket-dashboard.support-mc.i-motion.de/
Effective URL: https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-dashboard&redirect_uri...
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On October 18 via api from IT — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 21 HTTP transactions. The main IP is 213.95.248.60, located in Germany and belongs to NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE. The main domain is i-idp.i-motion.de.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on July 25th 2024. Valid for: a year.
This is the only time i-idp.i-motion.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address     AS Autonomous System
5         149.81.3.255   36351 (SOFTLAYER)
16        213.95.248.60  12337 (NORIS-NET...)
Total: 21 requests, 2 IPs

Requests  Apex Domain  Subdomains                                                   Transfer
21        i-motion.de  ticket-dashboard.support-mc.i-motion.de, i-idp.i-motion.de  757 KB
Total: 21 requests, 1 apex domain

Requests  Domain                                   Requested by
16        i-idp.i-motion.de                        ticket-dashboard.support-mc.i-motion.de, i-idp.i-motion.de
5         ticket-dashboard.support-mc.i-motion.de  ticket-dashboard.support-mc.i-motion.de
Total: 21 requests, 2 domains

This site contains no links.

Subject                                  Issuer                            Validity                 Valid
ticket-dashboard.support-mc.i-motion.de  R10                               2024-10-18 - 2025-01-16  3 months
*.i-motion.de                            GlobalSign GCC R3 DV TLS CA 2020  2024-07-25 - 2025-08-26  a year

This page contains 2 frames:

Primary Page: https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-dashboard&redirect_uri=https%3A%2F%2Fticket-dashboard.support-mc.i-motion.de%2F&state=a550fa08-d30b-4162-9eaa-fba17f06c043&response_mode=fragment&response_type=code&scope=openid&nonce=eb9160d5-2898-4cd0-8c61-841d55efeb73
Frame ID: F0A978B6FFD07D6C30B46A796EA27599
Requests: 19 HTTP requests in this frame

Frame: https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 2AB7F13E132BA90F2115AC64E7A47B32
Requests: 2 HTTP requests in this frame

Page Title

Sign in to I-Motion Mitarbeiter SSO

Page URL History

  1. http://ticket-dashboard.support-mc.i-motion.de/ HTTP 307
    https://ticket-dashboard.support-mc.i-motion.de/ Page URL
  2. https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-da... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 757 kB
Size: 2563 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ticket-dashboard.support-mc.i-motion.de/ HTTP 307
    https://ticket-dashboard.support-mc.i-motion.de/ Page URL
  2. https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-dashboard&redirect_uri=https%3A%2F%2Fticket-dashboard.support-mc.i-motion.de%2F&state=a550fa08-d30b-4162-9eaa-fba17f06c043&response_mode=fragment&response_type=code&scope=openid&nonce=eb9160d5-2898-4cd0-8c61-841d55efeb73 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ticket-dashboard.support-mc.i-motion.de/ HTTP 307
  • https://ticket-dashboard.support-mc.i-motion.de/

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ticket-dashboard.support-mc.i-motion.de/
Redirect Chain
  • http://ticket-dashboard.support-mc.i-motion.de/
  • https://ticket-dashboard.support-mc.i-motion.de/
699 B
1 KB
Document
General
Full URL
https://ticket-dashboard.support-mc.i-motion.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.81.3.255 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
ff.03.5195.ip4.static.sl-reverse.com
Software
nginx/1.22.1 /
Resource Hash
0b6f8e2645e026900625066f33d0a3df9847d22ff8a458ce85d0375193bd8e3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
private
content-length
699
content-type
text/html
date
Fri, 18 Oct 2024 23:49:30 GMT
etag
"6682a7cf-2bb"
last-modified
Mon, 01 Jul 2024 12:57:51 GMT
server
nginx/1.22.1

Redirect headers

Location
https://ticket-dashboard.support-mc.i-motion.de/
Non-Authoritative-Reason
HttpsUpgrades
environment.js
ticket-dashboard.support-mc.i-motion.de/
208 B
434 B
Script
General
Full URL
https://ticket-dashboard.support-mc.i-motion.de/environment.js
Requested by
Host: ticket-dashboard.support-mc.i-motion.de
URL: https://ticket-dashboard.support-mc.i-motion.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.81.3.255 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
ff.03.5195.ip4.static.sl-reverse.com
Software
nginx/1.22.1 /
Resource Hash
166afc46cfa5bae53fe5fc9e2e9f6d6dbd52e8374c28c33fd000a997ade5d121

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ticket-dashboard.support-mc.i-motion.de/

Response headers

accept-ranges
bytes
content-length
208
date
Fri, 18 Oct 2024 23:49:30 GMT
etag
"6686a98d-d0"
content-type
application/javascript
last-modified
Thu, 04 Jul 2024 13:54:21 GMT
server
nginx/1.22.1
main.9e20958e.js
ticket-dashboard.support-mc.i-motion.de/static/js/
187 KB
188 KB
Script
General
Full URL
https://ticket-dashboard.support-mc.i-motion.de/static/js/main.9e20958e.js
Requested by
Host: ticket-dashboard.support-mc.i-motion.de
URL: https://ticket-dashboard.support-mc.i-motion.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.81.3.255 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
ff.03.5195.ip4.static.sl-reverse.com
Software
nginx/1.22.1 /
Resource Hash
5ec6728131ddee71adba1c9fce4a156770b2af5f2c514677985d536756a17c4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ticket-dashboard.support-mc.i-motion.de/

Response headers

accept-ranges
bytes
content-length
191923
date
Fri, 18 Oct 2024 23:49:30 GMT
etag
"6682a7cf-2edb3"
content-type
application/javascript
last-modified
Mon, 01 Jul 2024 12:57:51 GMT
server
nginx/1.22.1
main.3ea47ce1.css
ticket-dashboard.support-mc.i-motion.de/static/css/
4 KB
4 KB
Stylesheet
General
Full URL
https://ticket-dashboard.support-mc.i-motion.de/static/css/main.3ea47ce1.css
Requested by
Host: ticket-dashboard.support-mc.i-motion.de
URL: https://ticket-dashboard.support-mc.i-motion.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.81.3.255 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
ff.03.5195.ip4.static.sl-reverse.com
Software
nginx/1.22.1 /
Resource Hash
91aa6182d15bc93914595d5422bd1ec6a31a58e41e30085209ab1ad0bd513fff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ticket-dashboard.support-mc.i-motion.de/

Response headers

accept-ranges
bytes
content-length
3982
date
Fri, 18 Oct 2024 23:49:30 GMT
etag
"6682a7cf-f8e"
content-type
text/css
last-modified
Mon, 01 Jul 2024 12:57:51 GMT
server
nginx/1.22.1
step1.html
i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/3p-cookies/ Frame 2AB7
2 KB
3 KB
Document
General
Full URL
https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/3p-cookies/step1.html
Requested by
Host: ticket-dashboard.support-mc.i-motion.de
URL: https://ticket-dashboard.support-mc.i-motion.de/static/js/main.9e20958e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
4080ffc9ca89666f1492cd9742da52ad6e56bd36191233f9d17f64f1610c22f8
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ticket-dashboard.support-mc.i-motion.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, must-revalidate, no-transform, no-store
Connection
keep-alive
Content-Length
2318
Content-Security-Policy
frame-src 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Fri, 18 Oct 2024 23:49:30 GMT
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
step2.html
i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/3p-cookies/ Frame 2AB7
686 B
1 KB
Document
General
Full URL
https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/3p-cookies/step2.html
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/3p-cookies/step1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
27abff3edf4192d73c66f42fe9a773358b54c46a38afaa5f1cfe1753f68415eb
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, must-revalidate, no-transform, no-store
Connection
keep-alive
Content-Length
686
Content-Security-Policy
frame-src 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Fri, 18 Oct 2024 23:49:30 GMT
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
Primary Request auth
i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/
5 KB
7 KB
Document
General
Full URL
https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-dashboard&redirect_uri=https%3A%2F%2Fticket-dashboard.support-mc.i-motion.de%2F&state=a550fa08-d30b-4162-9eaa-fba17f06c043&response_mode=fragment&response_type=code&scope=openid&nonce=eb9160d5-2898-4cd0-8c61-841d55efeb73
Requested by
Host: ticket-dashboard.support-mc.i-motion.de
URL: https://ticket-dashboard.support-mc.i-motion.de/static/js/main.9e20958e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
2debbb2a153f94bce40ef98e45cfc9770c58ff137f036c8ac956696ae88084e4
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ticket-dashboard.support-mc.i-motion.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Language
en
Content-Length
4894
Content-Security-Policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Fri, 18 Oct 2024 23:49:30 GMT
Referrer-Policy
no-referrer
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
favicon.ico
ticket-dashboard.support-mc.i-motion.de/
67 KB
68 KB
Other
General
Full URL
https://ticket-dashboard.support-mc.i-motion.de/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.81.3.255 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
ff.03.5195.ip4.static.sl-reverse.com
Software
nginx/1.22.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ticket-dashboard.support-mc.i-motion.de/

Response headers

accept-ranges
bytes
content-length
69005
date
Fri, 18 Oct 2024 23:49:30 GMT
etag
"6682a7c4-10d8d"
content-type
image/x-icon
last-modified
Mon, 01 Jul 2024 12:57:40 GMT
server
nginx/1.22.1
patternfly.min.css
i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/@patternfly/patternfly/
1 MB
136 KB
Stylesheet
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/@patternfly/patternfly/patternfly.min.css
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-dashboard&redirect_uri=https%3A%2F%2Fticket-dashboard.support-mc.i-motion.de%2F&state=a550fa08-d30b-4162-9eaa-fba17f06c043&response_mode=fragment&response_type=code&scope=openid&nonce=eb9160d5-2898-4cd0-8c61-841d55efeb73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
fe821fa52ccab3b70d9c1a024bb0cbfcf52c0fcc1ef96200035a4b749e2c3d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Fri, 18 Oct 2024 23:49:30 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css
Server
nginx
patternfly.min.css
i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/css/
178 KB
31 KB
Stylesheet
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-dashboard&redirect_uri=https%3A%2F%2Fticket-dashboard.support-mc.i-motion.de%2F&state=a550fa08-d30b-4162-9eaa-fba17f06c043&response_mode=fragment&response_type=code&scope=openid&nonce=eb9160d5-2898-4cd0-8c61-841d55efeb73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css
Server
nginx
patternfly-additions.min.css
i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/css/
220 KB
31 KB
Stylesheet
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-dashboard&redirect_uri=https%3A%2F%2Fticket-dashboard.support-mc.i-motion.de%2F&state=a550fa08-d30b-4162-9eaa-fba17f06c043&response_mode=fragment&response_type=code&scope=openid&nonce=eb9160d5-2898-4cd0-8c61-841d55efeb73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css
Server
nginx
pficon.css
i-idp.i-motion.de/resources/hn9h6/common/keycloak/lib/pficon/
540 B
672 B
Stylesheet
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/common/keycloak/lib/pficon/pficon.css
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-dashboard&redirect_uri=https%3A%2F%2Fticket-dashboard.support-mc.i-motion.de%2F&state=a550fa08-d30b-4162-9eaa-fba17f06c043&response_mode=fragment&response_type=code&scope=openid&nonce=eb9160d5-2898-4cd0-8c61-841d55efeb73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
d84235c3a967dfe986e6bee6955bccbe3829feb6a823000385918aa0c312e5c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Length
316
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css
Server
nginx
login.css
i-idp.i-motion.de/resources/hn9h6/login/keycloak/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/login/keycloak/css/login.css
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-dashboard&redirect_uri=https%3A%2F%2Fticket-dashboard.support-mc.i-motion.de%2F&state=a550fa08-d30b-4162-9eaa-fba17f06c043&response_mode=fragment&response_type=code&scope=openid&nonce=eb9160d5-2898-4cd0-8c61-841d55efeb73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
8be0044ede416693ce9603d76513d6ebba7c56c791b7ee3e2da856fb9de2ab44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Length
2838
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/css
Server
nginx
menu-button-links.js
i-idp.i-motion.de/resources/hn9h6/login/keycloak/js/
7 KB
2 KB
Script
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/login/keycloak/js/menu-button-links.js
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-dashboard&redirect_uri=https%3A%2F%2Fticket-dashboard.support-mc.i-motion.de%2F&state=a550fa08-d30b-4162-9eaa-fba17f06c043&response_mode=fragment&response_type=code&scope=openid&nonce=eb9160d5-2898-4cd0-8c61-841d55efeb73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
05579fc9e75ea0c18ac7e97b3e528031c6e217c323c5fda54b2d69d0075750e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://i-idp.i-motion.de
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Length
1948
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript
Server
nginx
passwordVisibility.js
i-idp.i-motion.de/resources/hn9h6/login/keycloak/js/
698 B
661 B
Script
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/login/keycloak/js/passwordVisibility.js
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/realms/i-motion-mitarbeiter/protocol/openid-connect/auth?client_id=ticket-dashboard&redirect_uri=https%3A%2F%2Fticket-dashboard.support-mc.i-motion.de%2F&state=a550fa08-d30b-4162-9eaa-fba17f06c043&response_mode=fragment&response_type=code&scope=openid&nonce=eb9160d5-2898-4cd0-8c61-841d55efeb73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
6df35fb0b98bfc3b78bb9936fceca7d91bb53dcc0cd3df7399b4fa3537c565ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://i-idp.i-motion.de
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Length
298
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript
Server
nginx
authChecker.js
i-idp.i-motion.de/resources/hn9h6/login/keycloak/js/
2 KB
1 KB
Script
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/login/keycloak/js/authChecker.js
Requested by
Host: ticket-dashboard.support-mc.i-motion.de
URL: https://ticket-dashboard.support-mc.i-motion.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
4c1a78a027cbb0e5a9a123726bac51171acea82d3fa7a3ca9305b24c38d37a29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://i-idp.i-motion.de
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Length
750
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
text/javascript
Server
nginx
keycloak-bg.png
i-idp.i-motion.de/resources/hn9h6/login/keycloak/img/
80 KB
80 KB
Image
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/login/keycloak/img/keycloak-bg.png
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/resources/hn9h6/login/keycloak/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
0825175291be11f7689e8718295e422bb6fa4f8fefccc5610292b720c701ac4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/png
Server
nginx
OpenSans-Regular-webfont.woff2
i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/fonts/
61 KB
59 KB
Font
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Regular-webfont.woff2
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://i-idp.i-motion.de
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/octet-stream
Server
nginx
OpenSans-Light-webfont.woff2
i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/fonts/
62 KB
60 KB
Font
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/fonts/OpenSans-Light-webfont.woff2
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
19edd2b018063320559188548b225aa63914bbc90fb756bc26872db1669e89f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://i-idp.i-motion.de
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/octet-stream
Server
nginx
fontawesome-webfont.woff2
i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/fonts/
75 KB
76 KB
Font
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: i-idp.i-motion.de
URL: https://i-idp.i-motion.de/resources/hn9h6/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://i-idp.i-motion.de
Referer

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/octet-stream
Server
nginx
favicon.ico
i-idp.i-motion.de/resources/hn9h6/login/keycloak/img/
210 KB
4 KB
Other
General
Full URL
https://i-idp.i-motion.de/resources/hn9h6/login/keycloak/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
213.95.248.60 , Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software
nginx /
Resource Hash
ce05c2de22e34b2cb77c6a82e248b90d9a439b7e811ed8d4747f70d1c2a94321
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Cache-Control
max-age=2592000
Content-Encoding
gzip
Connection
keep-alive
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Content-Length
3761
Date
Fri, 18 Oct 2024 23:49:31 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/octet-stream
Server
nginx

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
i-idp.i-motion.de/realms/i-motion-mitarbeiter/ Name: AUTH_SESSION_ID
Value: 6782e33d-a090-417a-83fc-c7e2b3813bb6
i-idp.i-motion.de/realms/i-motion-mitarbeiter/ Name: AUTH_SESSION_ID_LEGACY
Value: 6782e33d-a090-417a-83fc-c7e2b3813bb6
i-idp.i-motion.de/realms/i-motion-mitarbeiter/ Name: KC_RESTART
ticket-dashboard.support-mc.i-motion.de/ Name: 0e81658c47408a70e187fadd91b67e32
Value: 449fc68455b20827472735628d3e0f72

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i-idp.i-motion.de
ticket-dashboard.support-mc.i-motion.de
149.81.3.255
213.95.248.60