orion.cerema.fr Open in urlscan Pro
192.93.225.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nova.cerema.fr/
Effective URL:
https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?session_code=B1aKsqpK4ninTc9AUKfVjn4-MTcDRj7Ks...
Submission: On May 27 via api (May 27th 2024, 10:02:57 pm UTC) from US — Scanned from FR

Summary HTTP 25 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 25 HTTP transactions. The main IP is 192.93.225.46, located in France and belongs to CELESTE-AS CELESTE - Internet services provider, FR. The main domain is orion.cerema.fr.
TLS certificate: Issued by Gandi RSA Domain Validation Secure Se... on October 13th 2023. Valid for: a year.

This is the only time orion.cerema.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:4b98:e01... 2001:4b98:e01::38	29169 (GANDI-AS ...) (GANDI-AS Domain name registrar - www.gandi.net)
2 4	185.204.120.141 185.204.120.141	205845 (PLANISWARE) (PLANISWARE)
1 23	192.93.225.46 192.93.225.46	34177 (CELESTE-A...) (CELESTE-AS CELESTE - Internet services provider)
25	3

1 2001:4b98:e01::38 (France) 1 redirects

ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR)

nova.cerema.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.204.120.141 (France) 2 redirects

ASN205845 (PLANISWARE, FR)

cerema.orchestra-ppm.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 192.93.225.46 (France) 1 redirects

ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR)

orion.cerema.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	cerema.fr 2 redirects nova.cerema.fr orion.cerema.fr	1 MB
4	orchestra-ppm.cloud 2 redirects cerema.orchestra-ppm.cloud	5 KB
25	2

	Domain	Requested by
23	orion.cerema.fr	1 redirects orion.cerema.fr
4	cerema.orchestra-ppm.cloud	2 redirects
1	nova.cerema.fr	1 redirects
25	3

This site contains links to these domains. Also see Links.

Domain
agentconnect.gouv.fr
franceconnect.gouv.fr
www.cerema.fr

Subject Issuer	Validity	Valid
*.orchestra-ppm.cloud Gandi RSA Domain Validation Secure Server CA 3	`2023-10-26` - `2024-11-07`	a year	crt.sh
orion.cerema.fr Gandi RSA Domain Validation Secure Server CA 3	`2023-10-13` - `2024-09-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?session_code=B1aKsqpK4ninTc9AUKfVjn4-MTcDRj7Ks7cujvNjZD0&execution=f2489f48-8252-43a2-8c2c-eba48879301b&client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk
Frame ID: B54232F6015F3944CE161B6F9E284BE5
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Se connecter à Orion - Expertises.Territoires

Page URL History Show full URLs

https://nova.cerema.fr/ HTTP 301
https://cerema.orchestra-ppm.cloud/ HTTP 302
https://cerema.orchestra-ppm.cloud/cpms/ HTTP 302
https://cerema.orchestra-ppm.cloud/cpms/public/authentication/saml/v2/authenticate?token=d07a022f-d4f0-4c29-92f... Page URL
https://orion.cerema.fr/auth/realms/CeremaApps/protocol/saml HTTP 302
https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?client_id=https%3A%2F%2Fce... Page URL
https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?session_code=B1aKsqpK4ninT... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

96 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

1285 kB
Transfer

1998 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://agentconnect.gouv.fr/
Title: Qu'est-ce-que AgentConnect ?

Search URL Search Domain Scan URL

URL: https://franceconnect.gouv.fr/
Title: Qu'est-ce-que FranceConnect ?

Search URL Search Domain Scan URL

URL: https://www.cerema.fr/
Title: Cerema.

Search URL Search Domain Scan URL

URL: https://www.cerema.fr/mentions-legales
Title: mentions légales

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nova.cerema.fr/ HTTP 301
https://cerema.orchestra-ppm.cloud/ HTTP 302
https://cerema.orchestra-ppm.cloud/cpms/ HTTP 302
https://cerema.orchestra-ppm.cloud/cpms/public/authentication/saml/v2/authenticate?token=d07a022f-d4f0-4c29-92f9-c231c89502cc Page URL
https://orion.cerema.fr/auth/realms/CeremaApps/protocol/saml HTTP 302
https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk Page URL
https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?session_code=B1aKsqpK4ninTc9AUKfVjn4-MTcDRj7Ks7cujvNjZD0&execution=f2489f48-8252-43a2-8c2c-eba48879301b&client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://nova.cerema.fr/ HTTP 301
https://cerema.orchestra-ppm.cloud/ HTTP 302
https://cerema.orchestra-ppm.cloud/cpms/ HTTP 302
https://cerema.orchestra-ppm.cloud/cpms/public/authentication/saml/v2/authenticate?token=d07a022f-d4f0-4c29-92f9-c231c89502cc

Request Chain 1

https://orion.cerema.fr/auth/realms/CeremaApps/protocol/saml HTTP 302
https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk

25 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

authenticate
cerema.orchestra-ppm.cloud/cpms/public/authentication/saml/v2/
Redirect Chain

https://nova.cerema.fr/
https://cerema.orchestra-ppm.cloud/
https://cerema.orchestra-ppm.cloud/cpms/
https://cerema.orchestra-ppm.cloud/cpms/public/authentication/saml/v2/authenticate?token=d07a022f-d4f0-4c29-92f9-c231c89502cc

5 KB
4 KB

75ms
74ms

Document
text/html

185.204.120.141
PLANISWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://cerema.orchestra-ppm.cloud/cpms/public/authentication/saml/v2/authenticate?token=d07a022f-d4f0-4c29-92f9-c231c89502cc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.204.120.141 , France, ASN205845 (PLANISWARE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 3014
Content-Type: text/html;charset=UTF-8
Date: Mon, 27 May 2024 22:02:51 GMT
Expires: 0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN DENY
X-XSS-Protection: 1; mode=block 1; mode=block

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Mon, 27 May 2024 22:02:51 GMT
Expires: 0
Location: https://cerema.orchestra-ppm.cloud/cpms/public/authentication/saml/v2/authenticate?token=d07a022f-d4f0-4c29-92f9-c231c89502cc
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2

401

authenticate
orion.cerema.fr/auth/realms/CeremaApps/login-actions/
Redirect Chain

https://orion.cerema.fr/auth/realms/CeremaApps/protocol/saml
https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk

647 B
993 B

34ms
33ms

Document
text/html

192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: https://cerema.orchestra-ppm.cloud
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-length: 647
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=UTF-8
referrer-policy: no-referrer
strict-transport-security: max-age=31536000
www-authenticate: Negotiate
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
location: https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk
referrer-policy: no-referrer
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H/1.1 404
Not Found favicon.ico
cerema.orchestra-ppm.cloud/ 74 B
402 B 64ms
63ms Other
text/html 185.204.120.141
PLANISWARE

General

Check archive.org

Show headers Download Go to

Full URL

https://cerema.orchestra-ppm.cloud/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.204.120.141 , France, ASN205845 (PLANISWARE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cerema.orchestra-ppm.cloud/cpms/public/authentication/saml/v2/authenticate?token=d07a022f-d4f0-4c29-92f9-c231c89502cc
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 27 May 2024 22:02:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/html
Content-Length: 79
X-XSS-Protection: 1; mode=block

POST
H2 200 Primary Request authenticate Show response
orion.cerema.fr/auth/realms/CeremaApps/login-actions/ 13 KB
14 KB 99ms
98ms Document
text/html 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?session_code=B1aKsqpK4ninTc9AUKfVjn4-MTcDRj7Ks7cujvNjZD0&execution=f2489f48-8252-43a2-8c2c-eba48879301b&client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

d4b77ef6fbb338181f7a2d8eb6405e141cfeea18e2fa91f2b7e981cba114dd33

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-language: fr
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
referrer-policy: no-referrer
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 404 favicon.ico
orion.cerema.fr/ 53 B
120 B 71ms
70ms Other
text/html 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-length: 53
content-type: text/html; charset=utf-8

GET
H2 200 patternfly.css
orion.cerema.fr/auth/resources/n35yp/login/orion/node_modules/patternfly/dist/css/ 217 KB
34 KB 70ms
68ms Stylesheet
text/css 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/node_modules/patternfly/dist/css/patternfly.css

Requested by

Host: orion.cerema.fr
URL: https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?session_code=B1aKsqpK4ninTc9AUKfVjn4-MTcDRj7Ks7cujvNjZD0&execution=f2489f48-8252-43a2-8c2c-eba48879301b&client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

6274e97588ea24e54010c6657bf49ef9f1b40858bcde5e2338afb79a7546e667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8

GET
H2 200 patternfly-additions.css
orion.cerema.fr/auth/resources/n35yp/login/orion/node_modules/patternfly/dist/css/ 257 KB
34 KB 86ms
85ms Stylesheet
text/css 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/node_modules/patternfly/dist/css/patternfly-additions.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

2d1a385e98a7ed423b016472290eed31aca521035a10452de872d5de51841559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8

GET zocial.css
orion.cerema.fr/auth/resources/n35yp/login/orion/lib/zocial/ 0
0

GET
H2 200 font-awesome.min.css
orion.cerema.fr/auth/resources/n35yp/login/orion/fonts/font-awesome-4.7.0/css/ 30 KB
7 KB 85ms
84ms Stylesheet
text/css 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/fonts/font-awesome-4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 7050
x-xss-protection: 1; mode=block

GET
H2 200 util.css
orion.cerema.fr/auth/resources/n35yp/login/orion/css/ 108 KB
14 KB 132ms
131ms Stylesheet
text/css 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/css/util.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

cc802af27d9d3d6a639373198541a871134a5cd14d24dee591bd14ca28cfe64d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: text/css;charset=UTF-8

GET
H2 200 main.css
orion.cerema.fr/auth/resources/n35yp/login/orion/css/ 18 KB
3 KB 92ms
91ms Stylesheet
text/css 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/css/main.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

f21389f6e1a8f478f648597d65d7072a1bbe76c3b08457456e5beec477e06d32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 3096
x-xss-protection: 1; mode=block

GET
H2 200 bamboo.css
orion.cerema.fr/auth/resources/n35yp/login/orion/css/ 4 KB
1 KB 108ms
107ms Stylesheet
text/css 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/css/bamboo.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

89dd81f094261ad44a72741b08478098cfa863fe700f690d3133053a201be407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 1127
x-xss-protection: 1; mode=block

GET
H2 200 bamboo.js Show response
orion.cerema.fr/auth/resources/n35yp/login/orion/js/ 39 KB
5 KB 93ms
92ms Script
text/javascript 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/js/bamboo.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

e0b03320b9cba2207eee13c1aee1230baf85d5f71b8467c2317db077d1f52394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
content-length: 5261
x-xss-protection: 1; mode=block

GET
H2 200 logo.png
orion.cerema.fr/auth/resources/n35yp/login/orion/images/ 46 KB
46 KB 108ms
107ms Image
image/png 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/images/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

9ac45fc9c3aef145b229d92a722e08b846cc04ca8be6b3aa3129e7dba2e7d45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-type: image/png

GET
H2 200 jquery-3.2.1.min.js Show response
orion.cerema.fr/auth/resources/n35yp/login/orion/vendor/jquery/ 85 KB
30 KB 107ms
107ms Script
text/javascript 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/vendor/jquery/jquery-3.2.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: text/javascript;charset=UTF-8

GET
H2 200 main.js Show response
orion.cerema.fr/auth/resources/n35yp/login/orion/js/ 2 KB
768 B 74ms
74ms Script
text/javascript 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

d036e2c78449567d5217a7684285a54919522c71468f014a8662ba32bbde3095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
content-length: 579
x-xss-protection: 1; mode=block

GET
H2 200 bg-login.jpg
orion.cerema.fr/auth/resources/n35yp/login/orion/node_modules/patternfly/dist/img/ 47 KB
47 KB 104ms
101ms Image
image/jpeg 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/node_modules/patternfly/dist/img/bg-login.jpg

Requested by

Host: orion.cerema.fr
URL: https://orion.cerema.fr/auth/resources/n35yp/login/orion/node_modules/patternfly/dist/css/patternfly-additions.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

0ccfbfeb715ec5990cb233658f966dcde83526c5626c302b67eb18d6984c3ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-type: image/jpeg

GET
H2 200 agentconnect-btn-principal.svg
orion.cerema.fr/auth/resources/n35yp/login/orion/images/ 32 KB
12 KB 106ms
103ms Image
image/svg+xml 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/images/agentconnect-btn-principal.svg

Requested by

Host: orion.cerema.fr
URL: https://orion.cerema.fr/auth/resources/n35yp/login/orion/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

03dc9f90db4bde5c6043bdd5669b89d98b7a02699e8fc271a630914bd4a0c664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: image/svg+xml

GET
H2 200 franceconnect-btn.svg
orion.cerema.fr/auth/resources/n35yp/login/orion/images/ 33 KB
13 KB 105ms
102ms Image
image/svg+xml 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/images/franceconnect-btn.svg

Requested by

Host: orion.cerema.fr
URL: https://orion.cerema.fr/auth/resources/n35yp/login/orion/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

eb21e38ca740211d52a25a3a68d0aa0ca66aaf67d01378a9ea32092a62d30931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: image/svg+xml

GET
H2 200 bg-01.jpg
orion.cerema.fr/auth/resources/n35yp/login/orion/images/ 423 KB
424 KB 104ms
101ms Image
image/jpeg 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/images/bg-01.jpg

Requested by

Host: orion.cerema.fr
URL: https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?execution=5cc8148c-16c0-4f26-8083-7d4b22e66916&client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

7a505176b0a4e98311ddee546ab4281784cde718b8437eb28ca90d1d3b8eeafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?execution=5cc8148c-16c0-4f26-8083-7d4b22e66916&client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-type: image/jpeg

GET
H2 200 bg-02.jpg
orion.cerema.fr/auth/resources/n35yp/login/orion/images/ 448 KB
449 KB 135ms
132ms Image
image/jpeg 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/images/bg-02.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

2f095840e50d4f7fa6f8b2be5991b6485391ac6abbd8de3d4d768bdd12ad7795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?execution=5cc8148c-16c0-4f26-8083-7d4b22e66916&client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-type: image/jpeg

GET
H2 200 Titillium-Regular.otf
orion.cerema.fr/auth/resources/n35yp/login/orion/fonts/Titillium/ 56 KB
35 KB 107ms
106ms Font
application/octet-stream 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/fonts/Titillium/Titillium-Regular.otf

Requested by

Host: orion.cerema.fr
URL: https://orion.cerema.fr/auth/resources/n35yp/login/orion/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

c9f7fbe2d1605f95147de5fa20eae564c1d135688a6c43337f96eaca4a608704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://orion.cerema.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: application/octet-stream

GET
H2 200 Titillium-Semibold.otf
orion.cerema.fr/auth/resources/n35yp/login/orion/fonts/Titillium/ 57 KB
35 KB 107ms
106ms Font
application/octet-stream 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/fonts/Titillium/Titillium-Semibold.otf

Requested by

Host: orion.cerema.fr
URL: https://orion.cerema.fr/auth/resources/n35yp/login/orion/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

730bd7d0a76ba59216aa9e727657210faeaba2ca4dfd0804703e3368b0d49069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://orion.cerema.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: application/octet-stream

GET
H2 200 fontawesome-webfont.woff2
orion.cerema.fr/auth/resources/n35yp/login/orion/fonts/font-awesome-4.7.0/fonts/ 75 KB
76 KB 106ms
106ms Font
application/octet-stream 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/fonts/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: orion.cerema.fr
URL: https://orion.cerema.fr/auth/resources/n35yp/login/orion/fonts/font-awesome-4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://orion.cerema.fr
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: application/octet-stream

GET
DATA 200
OK truncated
/ 166 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdf5a2267c77ab16fc7e6dec2e05420287c14f32ce0e704bab68e51033a5cb30

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d08f6108473d090bb1525159f015239241d90914f9638b5d7e08d0eb1167931

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 favicon.ico
orion.cerema.fr/auth/resources/n35yp/login/orion/images/icons/ 1 KB
1003 B 116ms
115ms Other
application/octet-stream 192.93.225.46
Internet services...

General

Check archive.org

Show headers Download Go to

Full URL

https://orion.cerema.fr/auth/resources/n35yp/login/orion/images/icons/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.93.225.46 , France, ASN34177 (CELESTE-AS CELESTE - Internet services provider, FR),

Reverse DNS

Software

Resource Hash

d2545fe6f6813f7aafb3bb8eaf2f80b5a93f54b2a41316c6d2f3f164afff276e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
content-type: application/octet-stream
cache-control: max-age=2592000
content-length: 819
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: orion.cerema.fr
URL: https://orion.cerema.fr/auth/resources/n35yp/login/orion/lib/zocial/zocial.css

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
orion.cerema.fr/auth/realms/CeremaApps/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 6354138e-678d-4a38-b8bc-0e6200b82c04.dsso04p-22197
orion.cerema.fr/auth/realms/CeremaApps/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 6354138e-678d-4a38-b8bc-0e6200b82c04.dsso04p-22197
orion.cerema.fr/auth/realms/CeremaApps/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI1ODIzODc1Mi01YmQwLTQ0M2QtYWRhZC00M2FmZDZmYjAxYTUifQ.eyJjaWQiOiJodHRwczovL2NlcmVtYS5vcmNoZXN0cmEtcHBtLmNsb3VkL2NwbXMvIiwicHR5Ijoic2FtbCIsInJ1cmkiOiJodHRwczovL2NlcmVtYS5vcmNoZXN0cmEtcHBtLmNsb3VkL2NwbXMvcHVibGljL2F1dGhlbnRpY2F0aW9uL3NhbWwvdjIvY2FsbGJhY2s_Y2xpZW50X25hbWU9TXlTQU1MMkNsaWVudCIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7IlJlbGF5U3RhdGUiOiJodHRwczovL2NlcmVtYS5vcmNoZXN0cmEtcHBtLmNsb3VkL2NwbXMvcHVibGljL2F1dGhlbnRpY2F0aW9uL3NhbWwvdjIvY2FsbGJhY2s_Y2xpZW50X25hbWU9TXlTQU1MMkNsaWVudCIsIlNBTUxfUkVRVUVTVF9JRCI6Il85YTJlMTkzZmFiNWI0OTU2OGI0MjdkOWVhMDk5OGQwMTgxMWFhMjMiLCJzYW1sX2JpbmRpbmciOiJwb3N0In19.mzIWniybC9M22D7vgbeiTURnXJOM63noou_4U5VNWzY
cerema.orchestra-ppm.cloud/cpms	1969-12-31 23:59:59	Name: JSESSIONID Value: xg4oWlRmF_ZHjg6EhSnyGfjbzsR6Gwm0z1dVtASG.nqi
.cerema.orchestra-ppm.cloud/	1969-12-31 23:59:59	Name: pac4jCsrfToken Value: c968f772-45ef-449d-acce-b9f00dd14a9b
orion.cerema.fr/	1969-12-31 23:59:59	Name: SERVERID Value: s2

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cerema.orchestra-ppm.cloud/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://orion.cerema.fr/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://orion.cerema.fr/auth/realms/CeremaApps/login-actions/authenticate?session_code=B1aKsqpK4ninTc9AUKfVjn4-MTcDRj7Ks7cujvNjZD0&execution=f2489f48-8252-43a2-8c2c-eba48879301b&client_id=https%3A%2F%2Fcerema.orchestra-ppm.cloud%2Fcpms%2F&tab_id=lCTxnOEczYk Message: Refused to apply style from 'https://orion.cerema.fr/auth/resources/n35yp/login/orion/lib/zocial/zocial.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cerema.orchestra-ppm.cloud
nova.cerema.fr
orion.cerema.fr
orion.cerema.fr
185.204.120.141
192.93.225.46
2001:4b98:e01::38
03dc9f90db4bde5c6043bdd5669b89d98b7a02699e8fc271a630914bd4a0c664
0ccfbfeb715ec5990cb233658f966dcde83526c5626c302b67eb18d6984c3ae8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d1a385e98a7ed423b016472290eed31aca521035a10452de872d5de51841559
2f095840e50d4f7fa6f8b2be5991b6485391ac6abbd8de3d4d768bdd12ad7795
5d08f6108473d090bb1525159f015239241d90914f9638b5d7e08d0eb1167931
6274e97588ea24e54010c6657bf49ef9f1b40858bcde5e2338afb79a7546e667
730bd7d0a76ba59216aa9e727657210faeaba2ca4dfd0804703e3368b0d49069
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a505176b0a4e98311ddee546ab4281784cde718b8437eb28ca90d1d3b8eeafd
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89dd81f094261ad44a72741b08478098cfa863fe700f690d3133053a201be407
9ac45fc9c3aef145b229d92a722e08b846cc04ca8be6b3aa3129e7dba2e7d45e
bdf5a2267c77ab16fc7e6dec2e05420287c14f32ce0e704bab68e51033a5cb30
c9f7fbe2d1605f95147de5fa20eae564c1d135688a6c43337f96eaca4a608704
cc802af27d9d3d6a639373198541a871134a5cd14d24dee591bd14ca28cfe64d
d036e2c78449567d5217a7684285a54919522c71468f014a8662ba32bbde3095
d2545fe6f6813f7aafb3bb8eaf2f80b5a93f54b2a41316c6d2f3f164afff276e
d4b77ef6fbb338181f7a2d8eb6405e141cfeea18e2fa91f2b7e981cba114dd33
e0b03320b9cba2207eee13c1aee1230baf85d5f71b8467c2317db077d1f52394
eb21e38ca740211d52a25a3a68d0aa0ca66aaf67d01378a9ea32092a62d30931
f21389f6e1a8f478f648597d65d7072a1bbe76c3b08457456e5beec477e06d32

orion.cerema.fr Open in urlscan Pro 192.93.225.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

96 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

3 IPs

1 Countries

1285 kBTransfer

1998 kBSize

6 Cookies

4 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

orion.cerema.fr Open in urlscan Pro
192.93.225.46 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

96 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

1285 kB
Transfer

1998 kB
Size

6
Cookies

25 HTTP transactions
2 data transactions