cas.dydu.ai Open in urlscan Pro
51.159.115.200 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app1.totalenergies.doyoudreamup.com/
Effective URL:
https://cas.dydu.ai/prod-sso/login?servercode=app1.totalenergies.doyoudreamup.com&loginmessage=eyJhcHBXZWxjb21lU2Vud...
Submission Tags: @phishunt_io
Submission: On August 08 via api (August 8th 2023, 11:21:24 pm UTC) from DE — Scanned from FR

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 51.159.115.200, located in Paris, France and belongs to Online SAS, FR. The main domain is cas.dydu.ai.
TLS certificate: Issued by R3 on July 25th 2023. Valid for: 3 months.

This is the only time cas.dydu.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	217.182.192.156 217.182.192.156	16276 (OVH) (OVH)
15	51.159.115.200 51.159.115.200	12876 (Online SAS) (Online SAS)
15	1

2 217.182.192.156 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3073639.ip-217-182-192.eu

app1.totalenergies.doyoudreamup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 51.159.115.200 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-159-115-200.lb.fr-par.scw.cloud

cas.dydu.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	dydu.ai cas.dydu.ai	224 KB
2	doyoudreamup.com 2 redirects app1.totalenergies.doyoudreamup.com	2 KB
15	2

	Domain	Requested by
15	cas.dydu.ai	cas.dydu.ai
2	app1.totalenergies.doyoudreamup.com	2 redirects
15	2

This site contains links to these domains. Also see Links.

Domain
content.dydu.ai
docs.dydu.ai

Subject Issuer	Validity	Valid
cas.dydu.ai R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cas.dydu.ai/prod-sso/login?servercode=app1.totalenergies.doyoudreamup.com&loginmessage=eyJhcHBXZWxjb21lU2VudGVuY2UiOiJjYXMubG9naW4ud2VsY29tZS5ibXMifQ%3D%3D&service=https%3A%2F%2Fapp1.totalenergies.doyoudreamup.com%2Fwebsite%2Fcallback%3Fclient_name%3DCasClient
Frame ID: 9D037536E20835FBDF2304D93EA371DE
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dydu : Se connecter

Page URL History Show full URLs

https://app1.totalenergies.doyoudreamup.com/ HTTP 301
https://app1.totalenergies.doyoudreamup.com/website/ HTTP 302
https://cas.dydu.ai/prod-sso/login?servercode=app1.totalenergies.doyoudreamup.com&loginmessage=e... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

224 kB
Transfer

281 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://content.dydu.ai/dydu-demande-demo
Title: Contactez nous !

Search URL Search Domain Scan URL

URL: https://docs.dydu.ai/fr/docs/Integration/Channels/dydubox/#afficher-un-bandeau-dinformations
Title: En savoir plus

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://app1.totalenergies.doyoudreamup.com/ HTTP 301
https://app1.totalenergies.doyoudreamup.com/website/ HTTP 302
https://cas.dydu.ai/prod-sso/login?servercode=app1.totalenergies.doyoudreamup.com&loginmessage=eyJhcHBXZWxjb21lU2VudGVuY2UiOiJjYXMubG9naW4ud2VsY29tZS5ibXMifQ%3D%3D&service=https%3A%2F%2Fapp1.totalenergies.doyoudreamup.com%2Fwebsite%2Fcallback%3Fclient_name%3DCasClient Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request login Show response
cas.dydu.ai/prod-sso/
Redirect Chain

https://app1.totalenergies.doyoudreamup.com/
https://app1.totalenergies.doyoudreamup.com/website/
https://cas.dydu.ai/prod-sso/login?servercode=app1.totalenergies.doyoudreamup.com&loginmessage=eyJhcHBXZWxjb21lU2VudGVuY2UiOiJjYXMubG9naW4ud2VsY29tZS5ibXMifQ%3D%3D&service=https%3A%2F%2Fapp1.totale...

20 KB
8 KB

284ms
67ms

Document
text/html

51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.dydu.ai/prod-sso/login?servercode=app1.totalenergies.doyoudreamup.com&loginmessage=eyJhcHBXZWxjb21lU2VudGVuY2UiOiJjYXMubG9naW4ud2VsY29tZS5ibXMifQ%3D%3D&service=https%3A%2F%2Fapp1.totalenergies.doyoudreamup.com%2Fwebsite%2Fcallback%3Fclient_name%3DCasClient

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

27e1c676857c8fc4fdeef164ad014952ad38c0bd9138ed26950f2f9464daa016

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Language: fr-FR
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Content-Type: text/html;charset=UTF-8
Date: Tue, 08 Aug 2023 23:21:19 GMT
Expires: 0
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Pragma: no-cache
Referrer-Policy: strict-origin
Server: nginx
Strict-Transport-Security: max-age=2592000; preload
Transfer-Encoding: chunked
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
X-Content-Type-Options: nosniff
X-Frame-Options: allow-from SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src https:; connect-src https: wss:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:;
Date: Tue, 08 Aug 2023 23:21:18 GMT
Expires: 0
Location: https://cas.dydu.ai/prod-sso/login?servercode=app1.totalenergies.doyoudreamup.com&loginmessage=eyJhcHBXZWxjb21lU2VudGVuY2UiOiJjYXMubG9naW4ud2VsY29tZS5ibXMifQ%3D%3D&service=https%3A%2F%2Fapp1.totalenergies.doyoudreamup.com%2Fwebsite%2Fcallback%3Fclient_name%3DCasClient
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=15768000 ; includeSubDomains max-age=31536000;
X-Content-Type-Options: nosniff nosniff
X-XSS-Protection: 1; mode=block 1; mode=block

GET
H/1.1 200 reset.css
cas.dydu.ai/prod-sso/styles/ 3 KB
4 KB 34ms
34ms Stylesheet
text/css 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.dydu.ai/prod-sso/styles/reset.css

Requested by

Host: cas.dydu.ai
URL: https://cas.dydu.ai/prod-sso/login?servercode=app1.totalenergies.doyoudreamup.com&loginmessage=eyJhcHBXZWxjb21lU2VudGVuY2UiOiJjYXMubG9naW4ud2VsY29tZS5ibXMifQ%3D%3D&service=https%3A%2F%2Fapp1.totalenergies.doyoudreamup.com%2Fwebsite%2Fcallback%3Fclient_name%3DCasClient

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

e3afbd581790307d7fa6aede1d623f1b5b63871b87d53bfa4296d52af909f3e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cas.dydu.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: text/css;charset=UTF-8
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3111
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 common.css
cas.dydu.ai/prod-sso/styles/ 26 KB
27 KB 93ms
57ms Stylesheet
text/css 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.dydu.ai/prod-sso/styles/common.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

ca7e44621ec17374bb2c5e0038f5e0edb3212f2fa9d4698266c91a81f271a781

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cas.dydu.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: text/css;charset=UTF-8
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26394
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 authentication.css
cas.dydu.ai/prod-sso/styles/ 6 KB
7 KB 80ms
31ms Stylesheet
text/css 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.dydu.ai/prod-sso/styles/authentication.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

1b7f4eb91a077195e0294d898343cd961eeff0c9a94c43d114e31a20eaa53131

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cas.dydu.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: text/css;charset=UTF-8
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6202
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 jquery.min.js Show response
cas.dydu.ai/prod-sso/webjars/jquery/3.6.0/ 87 KB
31 KB 105ms
56ms Script
application/javascript 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.dydu.ai/prod-sso/webjars/jquery/3.6.0/jquery.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cas.dydu.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2592000; preload
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
X-Frame-Options: allow-from, SAMEORIGIN
Vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
Content-Type: application/javascript;charset=UTF-8
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes

GET
H/1.1 200 dydu-logo.svg
cas.dydu.ai/prod-sso/images/ 2 KB
3 KB 29ms
28ms Image
image/svg+xml 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cas.dydu.ai/prod-sso/images/dydu-logo.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

e64421a33440fafa3c42a843217771eb6752aa257b16a6819e07200c87cc6e94

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cas.dydu.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Connection: keep-alive
Content-Length: 2452
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200 logo-google.svg
cas.dydu.ai/prod-sso/images/ 1 KB
2 KB 54ms
54ms Image
image/svg+xml 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cas.dydu.ai/prod-sso/images/logo-google.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

5722617974160d10a2564c051caf679e6686955012aa626f1dcf163e20ebcedd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cas.dydu.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Connection: keep-alive
Content-Length: 1307
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200 illu-chatbot.png
cas.dydu.ai/prod-sso/images/ 21 KB
22 KB 30ms
30ms Image
image/png 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cas.dydu.ai/prod-sso/images/illu-chatbot.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

ca9c3119a676a6e203eb5aa081178bdfe018f81f8e173ff30ad91531b95d6de6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cas.dydu.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: image/png;charset=UTF-8
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21790
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 subscribe-decoration.svg
cas.dydu.ai/prod-sso/images/ 1 KB
2 KB 29ms
29ms Image
image/svg+xml 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cas.dydu.ai/prod-sso/images/subscribe-decoration.svg

Requested by

Host: cas.dydu.ai
URL: https://cas.dydu.ai/prod-sso/styles/authentication.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

93a3ed27024fe651fa881b1d8dce11bb99935cf5b65b6ad434f79d3233863e3f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cas.dydu.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Connection: keep-alive
Content-Length: 1055
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200 block-hero-bg.svg
cas.dydu.ai/prod-sso/images/ 17 KB
18 KB 95ms
49ms Image
image/svg+xml 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cas.dydu.ai/prod-sso/images/block-hero-bg.svg

Requested by

Host: cas.dydu.ai
URL: https://cas.dydu.ai/prod-sso/styles/common.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

6c643c64727e3005834290865e27970888ec1c1b1e583babaf3e15c70016b25b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cas.dydu.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Connection: keep-alive
Content-Length: 17842
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200 arrow-round-back.svg
cas.dydu.ai/prod-sso/images/ 647 B
2 KB 76ms
30ms Image
image/svg+xml 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cas.dydu.ai/prod-sso/images/arrow-round-back.svg

Requested by

Host: cas.dydu.ai
URL: https://cas.dydu.ai/prod-sso/styles/common.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

eff974e169fa7f58e8e641d0e2dabe2520d0f76827d6c3ca99a2e24b8f7fa007

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://cas.dydu.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Connection: keep-alive
Content-Length: 647
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200 Roboto-Regular.woff2
cas.dydu.ai/prod-sso/fonts/ 62 KB
63 KB 43ms
30ms Font
application/font-woff2 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.dydu.ai/prod-sso/fonts/Roboto-Regular.woff2

Requested by

Host: cas.dydu.ai
URL: https://cas.dydu.ai/prod-sso/styles/common.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

b607af022d270484eb30449885c0a8c59042a32b2a6ed795a17e896ea574bacc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cas.dydu.ai/
Origin: https://cas.dydu.ai
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Connection: keep-alive
Content-Length: 63496
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200 assistant-semi-bold.woff2
cas.dydu.ai/prod-sso/fonts/ 11 KB
12 KB 80ms
50ms Font
application/font-woff2 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.dydu.ai/prod-sso/fonts/assistant-semi-bold.woff2

Requested by

Host: cas.dydu.ai
URL: https://cas.dydu.ai/prod-sso/styles/common.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

399baf7f8f35a08a3208608841f19ab9d923a0f5fd6a0658018a51c251bcafae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cas.dydu.ai/
Origin: https://cas.dydu.ai
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Connection: keep-alive
Content-Length: 11128
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200 assistant-regular.woff2
cas.dydu.ai/prod-sso/fonts/ 11 KB
12 KB 69ms
30ms Font
application/font-woff2 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.dydu.ai/prod-sso/fonts/assistant-regular.woff2

Requested by

Host: cas.dydu.ai
URL: https://cas.dydu.ai/prod-sso/styles/common.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

3300ecb60c602c2cbdb32cfefdf97ee2bc9b6f15a9e00e6815693a4068fe2506

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cas.dydu.ai/
Origin: https://cas.dydu.ai
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Connection: keep-alive
Content-Length: 11188
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200 assistant-bold.woff2
cas.dydu.ai/prod-sso/fonts/ 11 KB
12 KB 90ms
46ms Font
application/font-woff2 51.159.115.200
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.dydu.ai/prod-sso/fonts/assistant-bold.woff2

Requested by

Host: cas.dydu.ai
URL: https://cas.dydu.ai/prod-sso/styles/common.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

51.159.115.200 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

51-159-115-200.lb.fr-par.scw.cloud

Software

nginx /

Resource Hash

04533e17148367c6aa8bc9cf2e0e4b59854a2160adcb60b3454db5399bbfa87f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cas.dydu.ai/
Origin: https://cas.dydu.ai
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 23:21:19 GMT
Strict-Transport-Security: max-age=2592000; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; font-src *;img-src * data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Connection: keep-alive
Content-Length: 11172
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Tue, 25 Jul 2023 16:08:04 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Frame-Options: allow-from, SAMEORIGIN
Content-Type: application/font-woff2;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Accept-Ranges: bytes
Expires: 0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app1.totalenergies.doyoudreamup.com/website	1969-12-31 23:59:59	Name: JSESSIONID Value: 74FAD24E86228A51576608BD30AB71CE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; font-src ;img-src data:; script-src 'self' 'unsafe-inline'; style-src * 'unsafe-inline'
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app1.totalenergies.doyoudreamup.com
cas.dydu.ai
217.182.192.156
51.159.115.200
04533e17148367c6aa8bc9cf2e0e4b59854a2160adcb60b3454db5399bbfa87f
1b7f4eb91a077195e0294d898343cd961eeff0c9a94c43d114e31a20eaa53131
27e1c676857c8fc4fdeef164ad014952ad38c0bd9138ed26950f2f9464daa016
3300ecb60c602c2cbdb32cfefdf97ee2bc9b6f15a9e00e6815693a4068fe2506
399baf7f8f35a08a3208608841f19ab9d923a0f5fd6a0658018a51c251bcafae
5722617974160d10a2564c051caf679e6686955012aa626f1dcf163e20ebcedd
6c643c64727e3005834290865e27970888ec1c1b1e583babaf3e15c70016b25b
93a3ed27024fe651fa881b1d8dce11bb99935cf5b65b6ad434f79d3233863e3f
b607af022d270484eb30449885c0a8c59042a32b2a6ed795a17e896ea574bacc
ca7e44621ec17374bb2c5e0038f5e0edb3212f2fa9d4698266c91a81f271a781
ca9c3119a676a6e203eb5aa081178bdfe018f81f8e173ff30ad91531b95d6de6
e3afbd581790307d7fa6aede1d623f1b5b63871b87d53bfa4296d52af909f3e3
e64421a33440fafa3c42a843217771eb6752aa257b16a6819e07200c87cc6e94
eff974e169fa7f58e8e641d0e2dabe2520d0f76827d6c3ca99a2e24b8f7fa007
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

cas.dydu.ai Open in urlscan Pro 51.159.115.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

224 kBTransfer

281 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

cas.dydu.ai Open in urlscan Pro
51.159.115.200 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

224 kB
Transfer

281 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions