keycloak.ice.ri.se
Open in
urlscan Pro
213.21.96.180
Public Scan
Effective URL: https://keycloak.ice.ri.se/auth/realms/rise/protocol/openid-connect/auth?client_id=discourse&nonce=474a763737494d1a6d4a017a...
Submission Tags: phishingrod
Submission: On May 03 via api from DE — Scanned from SE
Summary
TLS certificate: Issued by R3 on April 3rd 2023. Valid for: 3 months.
This is the only time keycloak.ice.ri.se was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 11 | 213.21.96.180 213.21.96.180 | 45011 (SE-A3 www...) (SE-A3 www.a3.se) | |
1 | 142.250.186.74 142.250.186.74 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.250.186.35 142.250.186.35 | 15169 (GOOGLE) (GOOGLE) | |
12 | 3 |
ASN45011 (SE-A3 www.a3.se, SE)
PTR: h213-21-96-180.cust.bredband2.com
discourse.ice.ri.se | |
keycloak.ice.ri.se |
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
fonts.googleapis.com |
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
ri.se
2 redirects
discourse.ice.ri.se keycloak.ice.ri.se |
664 KB |
2 |
gstatic.com
fonts.gstatic.com |
46 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119 |
1002 B |
12 | 3 |
Domain | Requested by | |
---|---|---|
9 | keycloak.ice.ri.se |
keycloak.ice.ri.se
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | discourse.ice.ri.se | 2 redirects |
1 | fonts.googleapis.com |
keycloak.ice.ri.se
|
12 | 4 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
keycloak.ice.ri.se R3 |
2023-04-03 - 2023-07-02 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-04-17 - 2023-07-10 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-04-17 - 2023-07-10 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://keycloak.ice.ri.se/auth/realms/rise/protocol/openid-connect/auth?client_id=discourse&nonce=474a763737494d1a6d4a017af6e2a08b5083e98da3f49b18df03e59378e8a7a4&redirect_uri=https%3A%2F%2Fdiscourse.ice.ri.se%2Fauth%2Foidc%2Fcallback&response_type=code&scope=openid+email&state=4e511ab81e1f95ac55b5bc157b045afad42258a2b6f40196
Frame ID: 052028336483E9950AB8E7DC19F5639A
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
ICE ConnectPage URL History Show full URLs
-
https://discourse.ice.ri.se/
HTTP 302
https://discourse.ice.ri.se/auth/oidc HTTP 302
https://keycloak.ice.ri.se/auth/realms/rise/protocol/openid-connect/auth?client_id=discourse&nonce=474a... Page URL
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: ICE Connect
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://discourse.ice.ri.se/
HTTP 302
https://discourse.ice.ri.se/auth/oidc HTTP 302
https://keycloak.ice.ri.se/auth/realms/rise/protocol/openid-connect/auth?client_id=discourse&nonce=474a763737494d1a6d4a017af6e2a08b5083e98da3f49b18df03e59378e8a7a4&redirect_uri=https%3A%2F%2Fdiscourse.ice.ri.se%2Fauth%2Foidc%2Fcallback&response_type=code&scope=openid+email&state=4e511ab81e1f95ac55b5bc157b045afad42258a2b6f40196 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
auth
keycloak.ice.ri.se/auth/realms/rise/protocol/openid-connect/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 1002 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
patternfly.min.css
keycloak.ice.ri.se/auth/resources/a2ykz/login/rise/node_modules/patternfly/dist/css/ |
178 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
patternfly-additions.min.css
keycloak.ice.ri.se/auth/resources/a2ykz/login/rise/node_modules/patternfly/dist/css/ |
220 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zocial.css
keycloak.ice.ri.se/auth/resources/a2ykz/login/rise/lib/zocial/ |
43 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.css
keycloak.ice.ri.se/auth/resources/a2ykz/login/rise/css/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RISE_logo.svg
keycloak.ice.ri.se/auth/resources/a2ykz/login/rise/img/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ICE_logo.png
keycloak.ice.ri.se/auth/resources/a2ykz/login/rise/img/ |
483 KB 484 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-login.jpg
keycloak.ice.ri.se/auth/resources/a2ykz/login/rise/node_modules/patternfly/dist/img/ |
47 KB 47 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Code-Pro-Bold-LC.otf
keycloak.ice.ri.se/auth/resources/a2ykz/login/rise/fonts/ |
66 KB 40 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
keycloak.ice.ri.se/auth/realms/rise/ | Name: AUTH_SESSION_ID Value: da58a3b5-2f16-49c6-a4df-20b3fe6ede7c.keycloak |
|
keycloak.ice.ri.se/auth/realms/rise/ | Name: AUTH_SESSION_ID_LEGACY Value: da58a3b5-2f16-49c6-a4df-20b3fe6ede7c.keycloak |
|
keycloak.ice.ri.se/auth/realms/rise/ | Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIyZGM3MWI5Ny02MjVjLTQ4MWUtYWMwMS1jNzM1ZTliODRiZTgifQ.eyJjaWQiOiJkaXNjb3Vyc2UiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL2Rpc2NvdXJzZS5pY2Uucmkuc2UvYXV0aC9vaWRjL2NhbGxiYWNrIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQgZW1haWwiLCJpc3MiOiJodHRwczovL2tleWNsb2FrLmljZS5yaS5zZS9hdXRoL3JlYWxtcy9yaXNlIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL2Rpc2NvdXJzZS5pY2Uucmkuc2UvYXV0aC9vaWRjL2NhbGxiYWNrIiwic3RhdGUiOiI0ZTUxMWFiODFlMWY5NWFjNTViNWJjMTU3YjA0NWFmYWQ0MjI1OGEyYjZmNDAxOTYiLCJub25jZSI6IjQ3NGE3NjM3Mzc0OTRkMWE2ZDRhMDE3YWY2ZTJhMDhiNTA4M2U5OGRhM2Y0OWIxOGRmMDNlNTkzNzhlOGE3YTQifX0.JI08ooY_-D10P2fgBvv7Kl77AkdNcZX0mbw8iW3AGTY |
|
discourse.ice.ri.se/ | Name: destination_url Value: https%3A%2F%2Fdiscourse.ice.ri.se%2F |
|
discourse.ice.ri.se/ | Name: _forum_session Value: bGRrSVZFTVJIRk51ei8zNEh1SUcvc2crZ2dubTFGZzhlL0JTMzhNTXBNRldXUWZEMDFJTHdGbG9LRnZZZytSRFN3OXV4THZRVzBiZU4zMExFcS93SjA1UEZBTHk2UTh0UHNaRTR2bjV6dFNaMDhJY2x3TktYTFlxZnBwVjJuRzVXaWc0QjdQNFh0Vm5RU2RZV0xqNy83OVZqRXdaM1FsMWRJTU5CWFdWQ3FRY0pleWNzUHhYcmlGbHFUZktBTjBWSkpyMlMxamcvMURGSURDK0pPem4wWE84eVp4M1VFQmpmZkVrd0NMVWV3YXFRWWE0U2E1Y1hiZ3VyTm92WVpVY1JuTXVMMWRCMnp0NGJmTUtIZlBnYVUxRlJxUENwVG1xby9IQXZzM1VzeG1lM0xranM1SUNlek9HUzdOOUtzbDh4Z1BzVEZueTNSc1Q2bFZNamY5WUxLN2toMmRsaFhHMlpqUzI3S2NSeE1MSUEvK3pINCtLZ1VwU3ZEbHhSZCs1LS1lK2ZQbHcxVU1PbHlWOHNkM25qaXl3PT0%3D--9c4ce05d7061d3da65296b3cd27a7ed176fb8293 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-src 'self' https://www.google.com; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | ALLOW-FROM https://www.google.com |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
discourse.ice.ri.se
fonts.googleapis.com
fonts.gstatic.com
keycloak.ice.ri.se
142.250.186.35
142.250.186.74
213.21.96.180
0ccfbfeb715ec5990cb233658f966dcde83526c5626c302b67eb18d6984c3ae8
12b7d70a4dac26e5d6af864e9c66304b7d81cde9dc6cd2abf812de8f61c3ce54
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
8431239187ca9c32288b248f106a6df74356ec1283dbde984f02f85db6d3aed9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a5654f85b8a5b3ee555abad84f0ee39485d8d97676ab6e1797eb0ab49824924
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
b6c15ae0abecff252b944e0f436b0d72533962ba57393b74bc5b2384515fa770
bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5
bf7779c2d29e179b1c66f0487c2b31415daa9d9c9aa056175c08ee5596a8a649
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
e15302a01ad1cbddb3fd77751a26111fb6dfa8d505b96285adffd49113337502