authentification.primobox.net

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 164.138.245.249, located in Clermont-Ferrand, France and belongs to CHEOPS-AS, FR. The main domain is authentification.primobox.net.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 15th 2023. Valid for: a year.

This is the only time authentification.primobox.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	164.138.245.131 164.138.245.131	58011 (CHEOPS-AS) (CHEOPS-AS)
5	164.138.245.249 164.138.245.249	58011 (CHEOPS-AS) (CHEOPS-AS)
5	1

1 164.138.245.131 (Clermont-Ferrand, France) 1 redirects

ASN58011 (CHEOPS-AS, FR)

dematrh.primobox.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 164.138.245.249 (Clermont-Ferrand, France)

ASN58011 (CHEOPS-AS, FR)

authentification.primobox.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	primobox.net 1 redirects dematrh.primobox.net authentification.primobox.net	165 KB
5	1

	Domain	Requested by
5	authentification.primobox.net	authentification.primobox.net
1	dematrh.primobox.net	1 redirects
5	2

This site contains no links.

Subject Issuer	Validity	Valid
*.primobox.net Sectigo RSA Organization Validation Secure Server CA	`2023-09-15` - `2024-10-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&client_id=rh&scope=openid&state=-bECe48Zsp8Rl6biHmRPYsU12bWqNYM2opgSY5_Yxa8%3D&redirect_uri=https://dematrh.primobox.net/login/oauth2/code/dematrh&nonce=hmBtEuh_1lmP0jDgNsP2oMICLRYH5plNNoyYdaVXbtA&code_challenge=z7mZ1hfKPSviSCs2DIiPwvaB6c1qbU2SBasR8gbZC5g&code_challenge_method=S256
Frame ID: F4DF7D999BFE9F383B99FF627E1E3364
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DEMAT RH : Dématérialisation en ligne

Page URL History Show full URLs

https://dematrh.primobox.net/Espacesalarie_signatures HTTP 302
https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&cl... Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

164 kB
Transfer

187 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dematrh.primobox.net/Espacesalarie_signatures HTTP 302
https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&client_id=rh&scope=openid&state=-bECe48Zsp8Rl6biHmRPYsU12bWqNYM2opgSY5_Yxa8%3D&redirect_uri=https://dematrh.primobox.net/login/oauth2/code/dematrh&nonce=hmBtEuh_1lmP0jDgNsP2oMICLRYH5plNNoyYdaVXbtA&code_challenge=z7mZ1hfKPSviSCs2DIiPwvaB6c1qbU2SBasR8gbZC5g&code_challenge_method=S256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request auth Show response
authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/
Redirect Chain

https://dematrh.primobox.net/Espacesalarie_signatures
https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&client_id=rh&scope=openid&state=-bECe48Zsp8Rl6biHmRPYsU12bWqNYM2opgSY5_Yxa8%3D&redire...

5 KB
3 KB

101ms
33ms

Document
text/html

164.138.245.249
CHEOPS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&client_id=rh&scope=openid&state=-bECe48Zsp8Rl6biHmRPYsU12bWqNYM2opgSY5_Yxa8%3D&redirect_uri=https://dematrh.primobox.net/login/oauth2/code/dematrh&nonce=hmBtEuh_1lmP0jDgNsP2oMICLRYH5plNNoyYdaVXbtA&code_challenge=z7mZ1hfKPSviSCs2DIiPwvaB6c1qbU2SBasR8gbZC5g&code_challenge_method=S256

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

164.138.245.249 Clermont-Ferrand, France, ASN58011 (CHEOPS-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

32198f848a26eb714d414790c2d1228b1c46064dc87b8df2c9471c0b7a9172f5

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-encoding: gzip
content-language: fr
content-length: 1413
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Fri, 05 Jan 2024 09:43:58 GMT
referrer-policy: no-referrer
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 05 Jan 2024 09:43:57 GMT
expires: 0
location: https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&client_id=rh&scope=openid&state=-bECe48Zsp8Rl6biHmRPYsU12bWqNYM2opgSY5_Yxa8%3D&redirect_uri=https://dematrh.primobox.net/login/oauth2/code/dematrh&nonce=hmBtEuh_1lmP0jDgNsP2oMICLRYH5plNNoyYdaVXbtA&code_challenge=z7mZ1hfKPSviSCs2DIiPwvaB6c1qbU2SBasR8gbZC5g&code_challenge_method=S256
pragma: no-cache
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 style.css
authentification.primobox.net/auth/resources/32bq0/login/primobox/css/ 10 KB
3 KB 30ms
30ms Stylesheet
text/css 164.138.245.249
CHEOPS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://authentification.primobox.net/auth/resources/32bq0/login/primobox/css/style.css

Requested by

Host: authentification.primobox.net
URL: https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&client_id=rh&scope=openid&state=-bECe48Zsp8Rl6biHmRPYsU12bWqNYM2opgSY5_Yxa8%3D&redirect_uri=https://dematrh.primobox.net/login/oauth2/code/dematrh&nonce=hmBtEuh_1lmP0jDgNsP2oMICLRYH5plNNoyYdaVXbtA&code_challenge=z7mZ1hfKPSviSCs2DIiPwvaB6c1qbU2SBasR8gbZC5g&code_challenge_method=S256

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

164.138.245.249 Clermont-Ferrand, France, ASN58011 (CHEOPS-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

558b8d41d187406963c842c942fc13f5483c9b0d6f4cc0539f2586d51255e276

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
referrer-policy: no-referrer
server: Apache
date: Fri, 05 Jan 2024 09:43:58 GMT
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 2947
x-xss-protection: 1; mode=block

GET
H2 404 script.js
authentification.primobox.net/auth/resources/32bq0/login/primobox/js/ 0
0 31ms
31ms Script
application/javascript 164.138.245.249
CHEOPS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://authentification.primobox.net/auth/resources/32bq0/login/primobox/js/script.js

Requested by

Host: authentification.primobox.net
URL: https://authentification.primobox.net/auth/realms/primobox-prod/protocol/openid-connect/auth?response_type=code&client_id=rh&scope=openid&state=-bECe48Zsp8Rl6biHmRPYsU12bWqNYM2opgSY5_Yxa8%3D&redirect_uri=https://dematrh.primobox.net/login/oauth2/code/dematrh&nonce=hmBtEuh_1lmP0jDgNsP2oMICLRYH5plNNoyYdaVXbtA&code_challenge=z7mZ1hfKPSviSCs2DIiPwvaB6c1qbU2SBasR8gbZC5g&code_challenge_method=S256

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

164.138.245.249 Clermont-Ferrand, France, ASN58011 (CHEOPS-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 09:43:58 GMT
x-content-type-options: nosniff, nosniff
referrer-policy: no-referrer
server: Apache
content-type: application/javascript
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 AdobeStock_197019603.jpeg
authentification.primobox.net/auth/resources/32bq0/login/primobox/img/ 168 KB
157 KB 113ms
113ms Image
image/jpeg 164.138.245.249
CHEOPS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentification.primobox.net/auth/resources/32bq0/login/primobox/img/AdobeStock_197019603.jpeg

Requested by

Host: authentification.primobox.net
URL: https://authentification.primobox.net/auth/resources/32bq0/login/primobox/css/style.css

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

164.138.245.249 Clermont-Ferrand, France, ASN58011 (CHEOPS-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

017697e16b3505e5fef708ee2609886b39c764c524d644a2ac23e61b6e9317bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
referrer-policy: no-referrer
server: Apache
date: Fri, 05 Jan 2024 09:43:58 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 logo_dematrh_white.svg
authentification.primobox.net/auth/resources/32bq0/login/primobox/img/ 4 KB
2 KB 76ms
75ms Image
image/svg+xml 164.138.245.249
CHEOPS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentification.primobox.net/auth/resources/32bq0/login/primobox/img/logo_dematrh_white.svg

Requested by

Host: authentification.primobox.net
URL: https://authentification.primobox.net/auth/resources/32bq0/login/primobox/css/style.css

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

164.138.245.249 Clermont-Ferrand, France, ASN58011 (CHEOPS-AS, FR),

Reverse DNS

Software

Apache /

Resource Hash

401c7c46571e034e480f0e0eb61131aff803af25f9828719054d4b15b1853e88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
referrer-policy: no-referrer
server: Apache
date: Fri, 05 Jan 2024 09:43:58 GMT
content-type: image/svg+xml
cache-control: max-age=2592000
content-length: 1914
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
authentification.primobox.net/auth/realms/primobox-prod/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: d0017886-0a8a-48fb-9072-85da0eba79ca.641a58fc6023-35239
authentification.primobox.net/auth/realms/primobox-prod/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: d0017886-0a8a-48fb-9072-85da0eba79ca.641a58fc6023-35239
authentification.primobox.net/auth/realms/primobox-prod/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI3MjMwMTRiYy1jMGZiLTQ5NTItYjFhMi04ZTlmNTc4N2U4OWQifQ.eyJjaWQiOiJyaCIsInB0eSI6Im9wZW5pZC1jb25uZWN0IiwicnVyaSI6Imh0dHBzOi8vZGVtYXRyaC5wcmltb2JveC5uZXQvbG9naW4vb2F1dGgyL2NvZGUvZGVtYXRyaCIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9hdXRoZW50aWZpY2F0aW9uLnByaW1vYm94Lm5ldC9hdXRoL3JlYWxtcy9wcmltb2JveC1wcm9kIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJjb2RlX2NoYWxsZW5nZV9tZXRob2QiOiJTMjU2IiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9kZW1hdHJoLnByaW1vYm94Lm5ldC9sb2dpbi9vYXV0aDIvY29kZS9kZW1hdHJoIiwic3RhdGUiOiItYkVDZTQ4WnNwOFJsNmJpSG1SUFlzVTEyYldxTllNMm9wZ1NZNV9ZeGE4PSIsIm5vbmNlIjoiaG1CdEV1aF8xbG1QMGpEZ05zUDJvTUlDTFJZSDVwbE5Ob3lZZGFWWGJ0QSIsImNvZGVfY2hhbGxlbmdlIjoiejdtWjFoZktQU3ZpU0NzMkRJaVB3dmFCNmMxcWJVMlNCYXNSOGdiWkM1ZyJ9fQ.BRhFRH6WDV92N1h5N-LXuVfpySHgcPyat0BlKUKtbWA
dematrh.primobox.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: A6FCD106C56E3C46FE2BC000803EBD5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://authentification.primobox.net/auth/resources/32bq0/login/primobox/js/script.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

authentification.primobox.net
dematrh.primobox.net
164.138.245.131
164.138.245.249
017697e16b3505e5fef708ee2609886b39c764c524d644a2ac23e61b6e9317bb
32198f848a26eb714d414790c2d1228b1c46064dc87b8df2c9471c0b7a9172f5
401c7c46571e034e480f0e0eb61131aff803af25f9828719054d4b15b1853e88
558b8d41d187406963c842c942fc13f5483c9b0d6f4cc0539f2586d51255e276

authentification.primobox.net Open in urlscan Pro 164.138.245.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

164 kBTransfer

187 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

4 Cookies

1 Console Messages

Security Headers

Indicators

authentification.primobox.net Open in urlscan Pro
164.138.245.249 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

164 kB
Transfer

187 kB
Size

4
Cookies

5 HTTP transactions
0 data transactions