logon.colruytgroup.com

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 91.231.109.238, located in Belgium and belongs to INFOCO-COLRUYT-AS, BE. The main domain is logon.colruytgroup.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on September 14th 2022. Valid for: a year.

This is the only time logon.colruytgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700::68... 2606:4700::6810:191b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	91.231.109.238 91.231.109.238	25428 (INFOCO-CO...) (INFOCO-COLRUYT-AS)
6	2

4 2606:4700::6810:191b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

colruyt.cadency.trintech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.231.109.238 (Belgium) 1 redirects

ASN25428 (INFOCO-COLRUYT-AS, BE)

logon.colruytgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	colruytgroup.com 1 redirects logon.colruytgroup.com	15 KB
4	trintech.com 1 redirects colruyt.cadency.trintech.com	84 KB
6	2

	Domain	Requested by
4	logon.colruytgroup.com	1 redirects logon.colruytgroup.com
4	colruyt.cadency.trintech.com	1 redirects colruyt.cadency.trintech.com
6	2

This site contains no links.

Subject Issuer	Validity	Valid
*.cadency.trintech.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-26` - `2023-08-23`	a year	crt.sh
*.colruytgroup.com GlobalSign RSA OV SSL CA 2018	`2022-09-14` - `2023-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://logon.colruytgroup.com/mga/sps/auth
Frame ID: F13703E41FA2A744A16D4CC3D1ECAC75
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Access Denied

Page URL History Show full URLs

https://colruyt.cadency.trintech.com/ Page URL
https://colruyt.cadency.trintech.com/CadencyOAuth/SSO/Login HTTP 302
https://logon.colruytgroup.com/mga/sps/SAML-default/saml20/login?SAMLRequest=fZLNbuowEIVfJfLecZKmCCxAoqCqSL... HTTP 302
https://logon.colruytgroup.com/mga/sps/auth Page URL

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

97 kB
Transfer

225 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://colruyt.cadency.trintech.com/ Page URL
https://colruyt.cadency.trintech.com/CadencyOAuth/SSO/Login HTTP 302
https://logon.colruytgroup.com/mga/sps/SAML-default/saml20/login?SAMLRequest=fZLNbuowEIVfJfLecZKmCCxAoqCqSL1tVGgX3VTGmYAlx8712O3l7a8T6N%2BiXXo058x3ZjxF0eqOL4I%2FmAf4GwB9sl7NyAuUl40YFzuawfiClqMM6HhyMaG7SZ3X9eiyKScFSZ7AobJmRoo0I8kaMcDaoBfGx1JWFDTPaVFs85KXI57naZaVzyRZxSnKCD8oD953yBnTdm9NKq124ej3zoYuPlrW7gXDDtlm8eeW1tCIoD3roYuslyhDkmvrJAwJZqQRGqEnqQSieoWPSuWst9H9Splamf2MBGe4FaiQG9ECci95P4PHJHx3akJ%2Bs91WtLrfbEmyQATXIy%2BtwdCC24B7VRIeH24%2FQ5zxUylqMPKYeqeMB3kYoixPxfsedcjDfvIkyb9WG%2BTDcX5H7c65yHzad%2FPhBu6L%2Fne5eCcg8zPeppqyL04n247fRel6VVmt5LHfeCv8z855mg8VVdNmaOXBYAdSNQrquEqt7dvSgfDxPt6FmJfNT1O%2Ff8X5fw%3D%3D HTTP 302
https://logon.colruytgroup.com/mga/sps/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
colruyt.cadency.trintech.com/ 650 B
923 B 227ms
107ms Document
text/html 2606:4700::6810:191b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://colruyt.cadency.trintech.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:191b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2c5492896637baa249ae45a766293bbd77a4986c60f55755fcbafb41d6a61e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 76e273fbfcbc5b26-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 22 Nov 2022 14:46:10 GMT
last-modified: Wed, 06 Oct 2021 11:11:00 GMT
server: cloudflare
server-timing: dtSInfo;desc="0", dtRpid;desc="-1265079880"
strict-transport-security: max-age=157680000
x-oneagent-js-injection: true
x-powered-by: ASP.NET
x-ruxit-js-agent: true

GET
H2 200 ruxitagentjs_ICA2NVfgqru_10253221019152312.js Show response
colruyt.cadency.trintech.com/ 213 KB
82 KB 131ms
131ms Script
text/javascript 2606:4700::6810:191b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://colruyt.cadency.trintech.com/ruxitagentjs_ICA2NVfgqru_10253221019152312.js

Requested by

Host: colruyt.cadency.trintech.com
URL: https://colruyt.cadency.trintech.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:191b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

47bcd0ba00c52847a5f08847c4b2fa0bfee63f896d3f62f1f4885c1ea05027ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://colruyt.cadency.trintech.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 14:46:10 GMT
content-encoding: gzip
strict-transport-security: max-age=157680000
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
server: cloudflare
cf-cache-status: MISS
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76e273fcbdf35b26-FRA
content-length: 83809
expires: Wed, 22 Nov 2023 14:46:10 GMT

POST
H2 200 rb_bf31319pin
colruyt.cadency.trintech.com/ 118 B
209 B 106ms
106ms Ping
text/plain 2606:4700::6810:191b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://colruyt.cadency.trintech.com/rb_bf31319pin?type=js3&sn=v_4_srv_9_sn_28CAD75D2BD3B0B314E6928E47ED1C1C_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1&svrid=9&flavor=post&vi=AUFMGMDFFCFTFEFHKPLDNJRVAHSFABIA-0&modifiedSince=1669090708768&rf=https%3A%2F%2Fcolruyt.cadency.trintech.com%2F&bp=3&app=ea7c4b59f27d43eb&crc=4061230731&en=eqsr0v4b&end=1

Requested by

Host: colruyt.cadency.trintech.com
URL: https://colruyt.cadency.trintech.com/ruxitagentjs_ICA2NVfgqru_10253221019152312.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:191b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://colruyt.cadency.trintech.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 22 Nov 2022 14:46:10 GMT
strict-transport-security: max-age=157680000
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
content-type: text/plain; charset=utf-8
cf-ray: 76e273fde80e5b26-FRA

GET
H/1.1

200
OK

Primary Request auth Show response
logon.colruytgroup.com/mga/sps/
Redirect Chain

https://colruyt.cadency.trintech.com/CadencyOAuth/SSO/Login
https://logon.colruytgroup.com/mga/sps/SAML-default/saml20/login?SAMLRequest=fZLNbuowEIVfJfLecZKmCCxAoqCqSL1tVGgX3VTGmYAlx8712O3l7a8T6N%2BiXXo058x3ZjxF0eqOL4I%2FmAf4GwB9sl7NyAuUl40YFzuawfiClqMM6Hhy...
https://logon.colruytgroup.com/mga/sps/auth

965 B
2 KB

38ms
38ms

Document
text/html

91.231.109.238
INFOCO-COLRUYT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://logon.colruytgroup.com/mga/sps/auth

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.231.109.238 , Belgium, ASN25428 (INFOCO-COLRUYT-AS, BE),

Reverse DNS

Software

/

Resource Hash

92d06d20d4a4d51bd8597629be0ad03abfee94768350a6c6b08dd904e9d8f40e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.colruytgroup.com https://.colruyt.int; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://colruyt.cadency.trintech.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Transfer-Encoding: chunked
content-language: en-US
content-security-policy: frame-ancestors 'self' https://*.colruytgroup.com https://*.colruyt.int; upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Tue, 22 Nov 2022 14:46:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN

Redirect headers

Transfer-Encoding: chunked
cache-control: no-cache="set-cookie, set-cookie2"
content-language: en-US
content-security-policy: frame-ancestors 'self' https://*.colruytgroup.com https://*.colruyt.int; upgrade-insecure-requests
date: Tue, 22 Nov 2022 14:46:11 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
location: https://logon.colruytgroup.com/mga/sps/auth
p3p: CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK styles.css
logon.colruytgroup.com/mga/sps/static/ 6 KB
7 KB 37ms
37ms Stylesheet
text/css 91.231.109.238
INFOCO-COLRUYT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://logon.colruytgroup.com/mga/sps/static/styles.css

Requested by

Host: logon.colruytgroup.com
URL: https://logon.colruytgroup.com/mga/sps/auth

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.231.109.238 , Belgium, ASN25428 (INFOCO-COLRUYT-AS, BE),

Reverse DNS

Software

/

Resource Hash

3591d7814633d3863b17348cdf6b7163dbacafe90f3505456c16ef32ed329a3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.colruytgroup.com https://.colruyt.int; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://logon.colruytgroup.com/mga/sps/auth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 14:46:11 GMT
content-security-policy: frame-ancestors 'self' https://*.colruytgroup.com https://*.colruyt.int; upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
Transfer-Encoding: chunked
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-language: en-US
content-type: text/css

GET
H/1.1 200
OK ibm-logo.png
logon.colruytgroup.com/mga/sps/static/ 5 KB
6 KB 79ms
42ms Image
image/png 91.231.109.238
INFOCO-COLRUYT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logon.colruytgroup.com/mga/sps/static/ibm-logo.png

Requested by

Host: logon.colruytgroup.com
URL: https://logon.colruytgroup.com/mga/sps/auth

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.231.109.238 , Belgium, ASN25428 (INFOCO-COLRUYT-AS, BE),

Reverse DNS

Software

/

Resource Hash

dd3f91983d506a83e414ceed2144f6f2ff16df3cae9ebebabb886f951fd014b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://.colruytgroup.com https://.colruyt.int; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://logon.colruytgroup.com/mga/sps/auth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 14:46:11 GMT
content-security-policy: frame-ancestors 'self' https://*.colruytgroup.com https://*.colruyt.int; upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
content-language: en-US
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-type: image/png
content-length: 4861

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.trintech.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_9_sn_28CAD75D2BD3B0B314E6928E47ED1C1C_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1
colruyt.cadency.trintech.com/	1969-12-31 23:59:59	Name: b1pi Value: !DLytyUrlTfP7LA314w0En+lu5m+We3k22ArZqLkgjIClA9v0U6AxaIBOqO4ICWeHLsLvjI41+f1tlQ==
.trintech.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 1669128370810258MQN7O25FKSQI340LEAAHFAVE90J5L
.trintech.com/	1969-12-31 23:59:59	Name: dtLatC Value: 60
.trintech.com/	1969-12-31 23:59:59	Name: rxvt Value: 1669130170826\|1669128370811
.trintech.com/	1969-12-31 23:59:59	Name: dtSa Value: false%7C_load_%7C2%7C_onload_%7C-%7C1669128370826%7C528370807_484%7Chttps%3A%2F%2Fcolruyt.cadency.trintech.com%2F%7C%7C%7C%7C
colruyt.cadency.trintech.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 3kt5fxk4tjgliudtj4obrw21
colruyt.cadency.trintech.com/	1969-12-31 23:59:59	Name: CadencyIdP_IDP Value:
colruyt.cadency.trintech.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken_L0NhZGVuY3lPQXV0aA2 Value: k3vGTXYbJlzJwTjLQdfV7B_yo3skn-vu-EFhouJ2-LLcEVxlbBjLFAOS6kz1gwdYCE0_7Jmv8pO9pM5CCIB9hHIZtUgVm9teCeb3zxFxaDGOyJnTM1zIKfKy8Ji1hEB-KI6XCQ2
logon.colruytgroup.com/	1969-12-31 23:59:59	Name: AMWEBJCT!%2Fmga!JSESSIONID Value: 0000sONAFPgKrQ0wHfgbnDVkbI5:ed4c87ee-816a-4000-a547-0e90081a7490
logon.colruytgroup.com/	1969-12-31 23:59:59	Name: AMWEBJCT!%2Fmga!https%3A%2F%2Flogon.colruytgroup.com%2Fmga%2Fsps%2FSAML-default%2Fsaml20FIMSAML20 Value: uuidd3c5a675-2083-4020-9b7c-21850ab2d6c9
logon.colruytgroup.com/	1969-12-31 23:59:59	Name: PD-S-SESSION-ID Value: 1_2_0_l4-przEbOBYfmhOQnW9bSF4qketC28lsJycpmXkKRMT5H7yz
logon.colruytgroup.com/	1969-12-31 23:59:59	Name: TS01e3c7f0 Value: 016303f955ccb44039362f6d3712cefb72a8a238778a5544364ccb280df0031bde0c8b7a3f39124e00498a6a2b75dd3eba5b0ba29d
.colruytgroup.com/	1969-12-31 23:59:59	Name: TS0168d39b Value: 016303f955ccb44039362f6d3712cefb72a8a238778a5544364ccb280df0031bde0c8b7a3f39124e00498a6a2b75dd3eba5b0ba29d
.trintech.com/	1969-12-31 23:59:59	Name: dtPC Value: 9$528370807_484h-vAUFMGMDFFCFTFEFHKPLDNJRVAHSFABIA-0e0
logon.colruytgroup.com/	1969-12-31 23:59:59	Name: IV_JCT Value: %2Fmga
.colruytgroup.com/	1969-12-31 23:59:59	Name: rp-logon-session-cookie Value: !vUije5stschOduueyvrb34I2eRfAq/+jmAQde0DwQdEf68AodAul+HXwJGuEx38gtzmajm9QD34Zw9Q=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=157680000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

colruyt.cadency.trintech.com
logon.colruytgroup.com
2606:4700::6810:191b
91.231.109.238
2c5492896637baa249ae45a766293bbd77a4986c60f55755fcbafb41d6a61e48
3591d7814633d3863b17348cdf6b7163dbacafe90f3505456c16ef32ed329a3d
47bcd0ba00c52847a5f08847c4b2fa0bfee63f896d3f62f1f4885c1ea05027ce
92d06d20d4a4d51bd8597629be0ad03abfee94768350a6c6b08dd904e9d8f40e
dd3f91983d506a83e414ceed2144f6f2ff16df3cae9ebebabb886f951fd014b0

logon.colruytgroup.com Open in urlscan Pro 91.231.109.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

97 kBTransfer

225 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

17 Cookies

Security Headers

Indicators

logon.colruytgroup.com Open in urlscan Pro
91.231.109.238 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

97 kB
Transfer

225 kB
Size

17
Cookies

6 HTTP transactions
0 data transactions