authentification.primobox.net
Open in
urlscan Pro
164.138.245.249
Public Scan
Effective URL: https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&client_id=rh&scope=ope...
Submission: On January 05 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 15th 2023. Valid for: a year.
This is the only time authentification.primobox.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 164.138.245.131 164.138.245.131 | 58011 (CHEOPS-AS) (CHEOPS-AS) | |
5 | 164.138.245.249 164.138.245.249 | 58011 (CHEOPS-AS) (CHEOPS-AS) | |
5 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
primobox.net
1 redirects
dematrh.primobox.net authentification.primobox.net |
165 KB |
5 | 1 |
Domain | Requested by | |
---|---|---|
5 | authentification.primobox.net |
authentification.primobox.net
|
1 | dematrh.primobox.net | 1 redirects |
5 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.primobox.net Sectigo RSA Organization Validation Secure Server CA |
2023-09-15 - 2024-10-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&client_id=rh&scope=openid&state=-bECe48Zsp8Rl6biHmRPYsU12bWqNYM2opgSY5_Yxa8%3D&redirect_uri=https://dematrh.primobox.net/login/oauth2/code/dematrh&nonce=hmBtEuh_1lmP0jDgNsP2oMICLRYH5plNNoyYdaVXbtA&code_challenge=z7mZ1hfKPSviSCs2DIiPwvaB6c1qbU2SBasR8gbZC5g&code_challenge_method=S256
Frame ID: F4DF7D999BFE9F383B99FF627E1E3364
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
DEMAT RH : Dématérialisation en lignePage URL History Show full URLs
-
https://dematrh.primobox.net/Espacesalarie_signatures
HTTP 302
https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&cl... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://dematrh.primobox.net/Espacesalarie_signatures
HTTP 302
https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&client_id=rh&scope=openid&state=-bECe48Zsp8Rl6biHmRPYsU12bWqNYM2opgSY5_Yxa8%3D&redirect_uri=https://dematrh.primobox.net/login/oauth2/code/dematrh&nonce=hmBtEuh_1lmP0jDgNsP2oMICLRYH5plNNoyYdaVXbtA&code_challenge=z7mZ1hfKPSviSCs2DIiPwvaB6c1qbU2SBasR8gbZC5g&code_challenge_method=S256 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
auth
authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
authentification.primobox.net/auth/resources/32bq0/login/primobox/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
authentification.primobox.net/auth/resources/32bq0/login/primobox/js/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AdobeStock_197019603.jpeg
authentification.primobox.net/auth/resources/32bq0/login/primobox/img/ |
168 KB 157 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_dematrh_white.svg
authentification.primobox.net/auth/resources/32bq0/login/primobox/img/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
authentification.primobox.net/auth/realms/primobox-prod/ | Name: AUTH_SESSION_ID Value: d0017886-0a8a-48fb-9072-85da0eba79ca.641a58fc6023-35239 |
|
authentification.primobox.net/auth/realms/primobox-prod/ | Name: AUTH_SESSION_ID_LEGACY Value: d0017886-0a8a-48fb-9072-85da0eba79ca.641a58fc6023-35239 |
|
authentification.primobox.net/auth/realms/primobox-prod/ | Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI3MjMwMTRiYy1jMGZiLTQ5NTItYjFhMi04ZTlmNTc4N2U4OWQifQ.eyJjaWQiOiJyaCIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vZGVtYXRyaC5wcmltb2JveC5uZXQvbG9naW4vb2F1dGgyL2NvZGUvZGVtYXRyaCIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9hdXRoZW50aWZpY2F0aW9uLnByaW1vYm94Lm5ldC9hdXRoL3JlYWxtcy9wcmltb2JveC1wcm9kIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9kZW1hdHJoLnByaW1vYm94Lm5ldC9sb2dpbi9vYXV0aDIvY29kZS9kZW1hdHJoIiwic3RhdGUiOiItYkVDZTQ4WnNwOFJsNmJpSG1SUFlzVTEyYldxTllNMm9wZ1NZNV9ZeGE4PSIsIm5vbmNlIjoiaG1CdEV1aF8xbG1QMGpEZ05zUDJvTUlDTFJZSDVwbE5Ob3lZZGFWWGJ0QSIsImNvZGVfY2hhbGxlbmdlIjoiejdtWjFoZktQU3ZpU0NzMkRJaVB3dmFCNmMxcWJVMlNCYXNSOGdiWkM1ZyJ9fQ.BRhFRH6WDV92N1h5N-LXuVfpySHgcPyat0BlKUKtbWA |
|
dematrh.primobox.net/ | Name: JSESSIONID Value: A6FCD106C56E3C46FE2BC000803EBD5D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-src 'self'; frame-ancestors 'self'; object-src 'none'; |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
authentification.primobox.net
dematrh.primobox.net
164.138.245.131
164.138.245.249
017697e16b3505e5fef708ee2609886b39c764c524d644a2ac23e61b6e9317bb
32198f848a26eb714d414790c2d1228b1c46064dc87b8df2c9471c0b7a9172f5
401c7c46571e034e480f0e0eb61131aff803af25f9828719054d4b15b1853e88
558b8d41d187406963c842c942fc13f5483c9b0d6f4cc0539f2586d51255e276