Submitted URL: https://auth-hermes.culture.gouv.fr/
Effective URL: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-fa...
Submission: On May 07 via automatic, source certstream-suspicious — Scanned from FR

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 217.182.21.231, located in France and belongs to OVH, FR. The main domain is auth-demarches.culture.gouv.fr.
TLS certificate: Issued by Certigna Services CA on June 28th 2023. Valid for: a year.
This is the only time auth-demarches.culture.gouv.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 217.182.21.231 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
17 3
Apex Domain | Subdomains | Transfer
15 culture.gouv.fr | auth-hermes.culture.gouv.fr, auth-demarches.culture.gouv.fr | 179 KB
2 gstatic.com | fonts.gstatic.com | 46 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 33) | 900 B
17 3
Domain Requested by
12 auth-demarches.culture.gouv.fr auth-demarches.culture.gouv.fr
3 auth-hermes.culture.gouv.fr 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com auth-demarches.culture.gouv.fr
17 4

This site contains no links.

Subject | Issuer | Validity | Valid
auth-demarches.culture.gouv.fr | Certigna Services CA | 2023-06-28 - 2024-07-04 | a year
upload.video.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months

This page contains 1 frame:

Primary Page: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Frame ID: 61DE63E263FEA7EAC13DB6F89D29A030
Requests: 17 HTTP requests in this frame

Page Title

Votre plateforme pour gérer toutes vos démarches administratives.

Page URL History

  1. https://auth-hermes.culture.gouv.fr/ Page URL
  2. https://auth-hermes.culture.gouv.fr/BluewayFaces/portal/forum HTTP 302
    https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_i... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

Requests: 17
HTTPS: 88 %
IPv6: 67 %
Domains: 3
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 225 kB
Size: 778 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth-hermes.culture.gouv.fr/ Page URL
  2. https://auth-hermes.culture.gouv.fr/BluewayFaces/portal/forum HTTP 302
    https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
auth-hermes.culture.gouv.fr/
193 B
582 B
Document
General
Full URL
https://auth-hermes.culture.gouv.fr/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
4ce56fedbd96e60ef93eb1d5cfa981e41345b249ea04b50c28afbb670f508a8f

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=0, no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
157
Content-Type
text/html
Date
Tue, 07 May 2024 07:13:20 GMT
Expires
Thu, 1 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Wed, 15 Feb 2023 23:51:22 GMT
Pragma
no-cache
Server
Apache/2.4.53 (Debian)
Vary
Accept-Encoding
Primary Request auth
auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/
Redirect Chain
  • https://auth-hermes.culture.gouv.fr/BluewayFaces/portal/forum
  • https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FB...
5 KB
3 KB
Document
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
a3cd98f6d0fa9b6b8e1c558312e7d62a48e43ef0f3676584b586c895baa44825
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://auth-hermes.culture.gouv.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
fr
Content-Length
1597
Content-Security-Policy
frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type
text/html;charset=utf-8
Date
Tue, 07 May 2024 07:13:21 GMT
Keep-Alive
timeout=5, max=100
Referrer-Policy
no-referrer
Server
Apache/2.4.53 (Debian)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
none
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Tue, 07 May 2024 07:13:20 GMT
Keep-Alive
timeout=5, max=98
Location
https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Server
Apache/2.4.53 (Debian)
favicon.ico
auth-hermes.culture.gouv.fr/
289 B
505 B
Other
General
Full URL
https://auth-hermes.culture.gouv.fr/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://auth-hermes.culture.gouv.fr/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:20 GMT
Server
Apache/2.4.53 (Debian)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
289
Content-Type
text/html; charset=iso-8859-1
patternfly.min.css
auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/node_modules/patternfly/dist/css/
178 KB
31 KB
Stylesheet
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/node_modules/patternfly/dist/css/patternfly.min.css
Requested by
Host: auth-demarches.culture.gouv.fr
URL: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:21 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.53 (Debian)
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
X-XSS-Protection
1; mode=block
patternfly-additions.min.css
auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/node_modules/patternfly/dist/css/
220 KB
31 KB
Stylesheet
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/node_modules/patternfly/dist/css/patternfly-additions.min.css
Requested by
Host: auth-demarches.culture.gouv.fr
URL: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:21 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.53 (Debian)
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
X-XSS-Protection
1; mode=block
zocial.css
auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/lib/zocial/
43 KB
22 KB
Stylesheet
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/lib/zocial/zocial.css
Requested by
Host: auth-demarches.culture.gouv.fr
URL: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:21 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.53 (Debian)
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
X-XSS-Protection
1; mode=block
ui.css
auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/css/ui.css
Requested by
Host: auth-demarches.culture.gouv.fr
URL: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
923823507605422adfd873d2b7e37ce426e5d570cd0b0483828292cc60b1a0f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:21 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.53 (Debian)
X-Content-Type-Options
nosniff
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
2228
X-XSS-Protection
1; mode=block
login.css
auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/css/
14 KB
4 KB
Stylesheet
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/css/login.css
Requested by
Host: auth-demarches.culture.gouv.fr
URL: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
b07ae4b05c3154bb30025e1b7d281c67f90e387d2dd35b0d96dec956f43277ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:21 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.53 (Debian)
X-Content-Type-Options
nosniff
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
3282
X-XSS-Protection
1; mode=block
blueway.css
auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/css/
25 KB
6 KB
Stylesheet
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/css/blueway.css
Requested by
Host: auth-demarches.culture.gouv.fr
URL: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
395eceed70c9fae022d6507c7ee5588b04f99c48f5ccb154e9d5be9d2287fc1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:21 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.53 (Debian)
X-Content-Type-Options
nosniff
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
5648
X-XSS-Protection
1; mode=block
jquery.min.js
auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/js/libs/
94 KB
33 KB
Script
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/js/libs/jquery.min.js
Requested by
Host: auth-demarches.culture.gouv.fr
URL: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:21 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.53 (Debian)
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
X-XSS-Protection
1; mode=block
jquery-ui.min.js
auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/js/libs/
90 KB
24 KB
Script
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/js/libs/jquery-ui.min.js
Requested by
Host: auth-demarches.culture.gouv.fr
URL: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
3a367dc34ac753aaf4cd40f4f1c75040f1c763ced34b63b85b4bc47a481c7e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:21 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.53 (Debian)
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
X-XSS-Protection
1; mode=block
script.js
auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/js/
30 KB
6 KB
Script
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/js/script.js
Requested by
Host: auth-demarches.culture.gouv.fr
URL: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
76e1cc29571abc3b9ade1d30cc0730b747b309acfef819209ed323c683861649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:21 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.53 (Debian)
X-Content-Type-Options
nosniff
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
6078
X-XSS-Protection
1; mode=block
LogoMCHP.png
auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/img/
7 KB
7 KB
Image
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/img/LogoMCHP.png
Requested by
Host: auth-demarches.culture.gouv.fr
URL: https://auth-demarches.culture.gouv.fr/auth/realms/usagers/protocol/openid-connect/auth?response_type=code&client_id=usagers_blueway-faces&redirect_uri=https%3A%2F%2Fauth-hermes.culture.gouv.fr%2FBluewayFaces%2Fportal%2Fforum&state=e83aab65-aed4-4c73-a239-8136ab8c9ebb&login=true&scope=openid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
a1a66c346e3af1e4ecb89159bad538c228c56414d8094daa0a6529cad8bf80c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
Server
Apache/2.4.53 (Debian)
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
7028
X-XSS-Protection
1; mode=block
css2
fonts.googleapis.com/
3 KB
900 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: auth-demarches.culture.gouv.fr
URL: https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/css/blueway.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4357c93ecfd38fb8a8082a4f41c429be60b3e0f5ab2d3e47d3d9308f0b117a5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 May 2024 07:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 May 2024 06:12:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 May 2024 07:13:21 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://auth-demarches.culture.gouv.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:00:23 GMT
x-content-type-options
nosniff
age
601978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 08:00:23 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://auth-demarches.culture.gouv.fr
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 07:44:48 GMT
x-content-type-options
nosniff
age
602913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 07:44:48 GMT
favicon.ico
auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/img/
15 KB
6 KB
Other
General
Full URL
https://auth-demarches.culture.gouv.fr/auth/resources/xfg9l/login/culture-mc/img/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
217.182.21.231 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache/2.4.53 (Debian) /
Resource Hash
27601ae92266f1b53872d126529b9a755c30398ccbcd53845f491998cccd1a81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 07 May 2024 07:13:21 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.53 (Debian)
X-Content-Type-Options
nosniff
Content-Type
application/octet-stream
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
5746
X-XSS-Protection
1; mode=block

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • getQueryStringValue (function)
  • label_nic (object)
  • removeAllByClassName (function)
  • affichageConditionnel (function)
  • addAutoCompletSirene (function)
  • addAutoCompletForNIC (function)
  • autoFillRaisonSociale (function)
  • autoFillRaisonSocialewithSiret (function)
  • checkSiretSyncro (function)
  • addAutoCompletCommune (function)
  • autoFillCodePostal (function)
  • fillCommuneOnly (function)
  • getDynamicOptions (function)
  • password_field_original_new (object)

5 Cookies

Domain/Path Name / Value
auth-demarches.culture.gouv.fr/auth/realms/usagers/ Name: AUTH_SESSION_ID
Value: d4b413e6-d177-48cc-99ab-37e74692757d.srv-bw-deb11-culture-prod2
auth-demarches.culture.gouv.fr/auth/realms/usagers/ Name: AUTH_SESSION_ID_LEGACY
Value: d4b413e6-d177-48cc-99ab-37e74692757d.srv-bw-deb11-culture-prod2
auth-demarches.culture.gouv.fr/auth/realms/usagers/ Name: KC_RESTART
Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI4NDQ4ZWUxNi03ZjUxLTQ1ZjQtYjExYy0wYjlmZTYwYWE5OGMifQ.eyJjaWQiOiJ1c2FnZXJzX2JsdWV3YXktZmFjZXMiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL2F1dGgtaGVybWVzLmN1bHR1cmUuZ291di5mci9CbHVld2F5RmFjZXMvcG9ydGFsL2ZvcnVtIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQiLCJpc3MiOiJodHRwczovL2F1dGgtZGVtYXJjaGVzLmN1bHR1cmUuZ291di5mci9hdXRoL3JlYWxtcy91c2FnZXJzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL2F1dGgtaGVybWVzLmN1bHR1cmUuZ291di5mci9CbHVld2F5RmFjZXMvcG9ydGFsL2ZvcnVtIiwic3RhdGUiOiJlODNhYWI2NS1hZWQ0LTRjNzMtYTIzOS04MTM2YWI4YzllYmIiLCJjbGllbnRfcmVxdWVzdF9wYXJhbV9sb2dpbiI6InRydWUifX0.OMizVUNPhm_4xnyyIXk4FRM02jiiAGGKWpg2mO89xE0
auth-hermes.culture.gouv.fr/BluewayFaces Name: JSESSIONID
Value: C313F5218DE4F3ABFDBA0BB2D962BE59.prod4
auth-hermes.culture.gouv.fr/ Name: OAuth_Token_Request_State
Value: e83aab65-aed4-4c73-a239-8136ab8c9ebb

1 Console Messages

Source: network
Level: error
URL: https://auth-hermes.culture.gouv.fr/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 (Not Found)