keycloak.google.trafi.com
54.72.236.119
Public Scan
Effective URL: https://keycloak.google.trafi.com/auth/realms/DMP/protocol/openid-connect/auth?client_id=dmp-web-v2&redirect_uri=https%3A%2F%2Fdmp...
Submission Tags: @phishunt_io
Submission: On November 03 via api from ES
Summary
TLS certificate: Issued by Amazon on January 22nd 2020. Valid for: a year.
This is the only time keycloak.google.trafi.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
6 | 34.252.147.157 | 16509 (AMAZON-02) |
1 | 2a00:1450:4001:820::200a | 15169 (GOOGLE) |
1 | 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3) |
1 | 2a00:1450:4001:818::2003 | 15169 (GOOGLE) |
11 | 54.72.236.119 | 16509 (AMAZON-02) |
22 | 6 |
- dmp.google.trafi.com: ASN16509 (AMAZON-02, US), PTR: ec2-34-252-147-157.eu-west-1.compute.amazonaws.com
- keycloak.google.trafi.com: ASN16509 (AMAZON-02, US), PTR: ec2-54-72-236-119.eu-west-1.compute.amazonaws.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | trafi.com | dmp.google.trafi.com, keycloak.google.trafi.com Failed | 3 MB |
1 | gstatic.com | fonts.gstatic.com | 11 KB |
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 7 KB |
1 | googleapis.com | fonts.googleapis.com | 831 B |
0 | datadoghq.com Failed | rum-http-intake.logs.datadoghq.com Failed | |
22 | 5 |
Requests | Domain | Requested by |
---|---|---|
11 | keycloak.google.trafi.com | dmp.google.trafi.com, keycloak.google.trafi.com |
6 | dmp.google.trafi.com | dmp.google.trafi.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | maxcdn.bootstrapcdn.com | dmp.google.trafi.com |
1 | fonts.googleapis.com | dmp.google.trafi.com |
0 | rum-http-intake.logs.datadoghq.com Failed | dmp.google.trafi.com |
22 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
dmp.google.trafi.com | Amazon | 2020-06-19 - 2021-07-19 | a year | crt.sh |
upload.video.google.com | GTS CA 1O1 | 2020-10-06 - 2020-12-29 | 3 months | crt.sh |
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year | crt.sh |
*.gstatic.com | GTS CA 1O1 | 2020-10-06 - 2020-12-29 | 3 months | crt.sh |
*.google.trafi.com | Amazon | 2020-01-22 - 2021-02-22 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://keycloak.google.trafi.com/auth/realms/DMP/protocol/openid-connect/auth?client_id=dmp-web-v2&redirect_uri=https%3A%2F%2Fdmp.google.trafi.com%2F&state=fe26d365-3fb6-462d-8255-074cd1261724&response_mode=fragment&response_type=code&scope=openid&nonce=60763dc4-f983-4dda-8f66-8bdda6964b0d
Frame ID: 810337C2DD64E5CFF10074156E4BF9A2
Requests: 22 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://dmp.google.trafi.com/ Page URL
- https://keycloak.google.trafi.com/auth/realms/DMP/protocol/openid-connect/auth?client_id=dmp-web-v2&redirect_uri=https%3A%2F%2Fdmp.google.trafi.com%2F&state=fe26d365-3fb6-462d-8255-074cd1261724&response_mode=fragment&response_type=code&scope=openid&nonce=60763dc4-f983-4dda-8f66-8bdda6964b0d Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | dmp.google.trafi.com/ | 2 KB | 2 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 7 KB | 831 B | Stylesheet | text/css |
GET | H2 | font-awesome.min.css | maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H2 | vendors.3d0000b482b5ce79ef0c.css | dmp.google.trafi.com/public/ | 38 KB | 39 KB | Stylesheet | text/css |
GET | H2 | main.f0de34902bf87eed7cdd.css | dmp.google.trafi.com/public/ | 127 KB | 128 KB | Stylesheet | text/css |
GET | H2 | runtime.911934a72d4080df1c56.js | dmp.google.trafi.com/public/ | 1 KB | 2 KB | Script | application/javascript |
GET | H2 | vendors.911934a72d4080df1c56.js | dmp.google.trafi.com/public/ | 2 MB | 2 MB | Script | application/javascript |
GET | H2 | main.911934a72d4080df1c56.js | dmp.google.trafi.com/public/ | 611 KB | 613 KB | Script | application/javascript |
GET | DATA | truncated | / | 38 B | 0 | Image | image/webp |
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 | fonts.gstatic.com/s/roboto/v20/ | 11 KB | 11 KB | Font | font/woff2 |
GET | | userinfo | keycloak.google.trafi.com/auth/realms/DMP/protocol/openid-connect/ | 0 | 0 | | |
OPTIONS | H2 | userinfo | keycloak.google.trafi.com/auth/realms/DMP/protocol/openid-connect/ | 0 | 0 | Other | |
POST | | pub2516e33940f95a7f1485feb2b715f0c3 | rum-http-intake.logs.datadoghq.com/v1/input/ | 0 | 0 | | |
GET | H2 | auth (Primary Request) | keycloak.google.trafi.com/auth/realms/DMP/protocol/openid-connect/ | 3 KB | 5 KB | Document | text/html |
GET | H2 | patternfly.min.css | keycloak.google.trafi.com/auth/resources/3fwue/login/keycloak/node_modules/patternfly/dist/css/ | 178 KB | 179 KB | Stylesheet | text/css |
GET | H2 | patternfly-additions.min.css | keycloak.google.trafi.com/auth/resources/3fwue/login/keycloak/node_modules/patternfly/dist/css/ | 220 KB | 220 KB | Stylesheet | text/css |
GET | H2 | zocial.css | keycloak.google.trafi.com/auth/resources/3fwue/login/keycloak/lib/zocial/ | 43 KB | 43 KB | Stylesheet | text/css |
GET | H2 | login.css | keycloak.google.trafi.com/auth/resources/3fwue/login/keycloak/css/ | 7 KB | 8 KB | Stylesheet | text/css |
GET | H2 | bg-login.jpg | keycloak.google.trafi.com/auth/resources/3fwue/login/keycloak/node_modules/patternfly/dist/img/ | 47 KB | 47 KB | Image | image/jpeg |
GET | H2 | keycloak-bg.png | keycloak.google.trafi.com/auth/resources/3fwue/login/keycloak/img/ | 80 KB | 80 KB | Image | image/png |
GET | H2 | OpenSans-Regular-webfont.woff2 | keycloak.google.trafi.com/auth/resources/3fwue/login/keycloak/node_modules/patternfly/dist/fonts/ | 61 KB | 61 KB | Font | application/octet-stream |
GET | H2 | OpenSans-Semibold-webfont.woff2 | keycloak.google.trafi.com/auth/resources/3fwue/login/keycloak/node_modules/patternfly/dist/fonts/ | 62 KB | 63 KB | Font | application/octet-stream |
GET | H2 | OpenSans-Light-webfont.woff2 | keycloak.google.trafi.com/auth/resources/3fwue/login/keycloak/node_modules/patternfly/dist/fonts/ | 62 KB | 62 KB | Font | application/octet-stream |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: keycloak.google.trafi.com
  URL: https://keycloak.google.trafi.com/auth/realms/DMP/protocol/openid-connect/userinfo
- Domain: rum-http-intake.logs.datadoghq.com
  URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub2516e33940f95a7f1485feb2b715f0c3?_dd.application_id=4167443a-fee2-49b3-9ad9-f4e9cc0e2366&ddsource=browser&ddtags=sdk_version:1.12.4&batch_time=1604441466462
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function: showDirectoryPicker
- function: showOpenFilePicker
- function: showSaveFilePicker
- object: trustedTypes
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
keycloak.google.trafi.com/ | | AWSALBCORS | EcutBPhT82raoC9+qpz32QsGBvkLzxk1SOz0NeTOwyGJeNAxllVVO0yF70JoZEWZ+QlAcuZbLoO4D7+DsAu2xd30PwaMVu/fwcPfOSwYjCX7ybZqjuVUZzWxiggh |
keycloak.google.trafi.com/ | | AWSALB | EcutBPhT82raoC9+qpz32QsGBvkLzxk1SOz0NeTOwyGJeNAxllVVO0yF70JoZEWZ+QlAcuZbLoO4D7+DsAu2xd30PwaMVu/fwcPfOSwYjCX7ybZqjuVUZzWxiggh |
keycloak.google.trafi.com/auth/realms/DMP/ | | KC_RESTART | eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzMzJmMDIwYy1jYmI3LTQ0M2YtOTEyMi1lNTJkZjJiZjdmMmQifQ..npEcfu0jeYH5_bnuG2Q3EnsTYELKU1G1z9Qug--Yllk |
keycloak.google.trafi.com/auth/realms/DMP/ | | AUTH_SESSION_ID | bcc8ff59-458a-44a1-b1c9-ee8115fb86e2.44c24c5d8d6f |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.