auth-cg5l.prometheusgroup.app
18.211.213.204
Public Scan
Effective URL: https://auth-cg5l.prometheusgroup.app/auth/realms/customer/protocol/openid-connect/auth?response_type=code&client_id=%5BPG%5D-olympus-...
Submission: On September 28 via manual from US — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on May 11th 2023. Valid for: a year.
This is the only time auth-cg5l.prometheusgroup.app was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System | PTR | Host |
---|---|---|---|---|
2 (2 redirects) | 3.230.207.21 | ASN14618 (AMAZON-AES, US) | ec2-3-230-207-21.compute-1.amazonaws.com | e5-cg5l.prometheusgroup.app |
10 | 18.211.213.204 | ASN14618 (AMAZON-AES, US) | ec2-18-211-213-204.compute-1.amazonaws.com | auth-cg5l.prometheusgroup.app |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
12 | prometheusgroup.app (2 redirects): e5-cg5l.prometheusgroup.app, auth-cg5l.prometheusgroup.app | 534 KB |
Requests | Domain | Requested by |
---|---|---|
10 | auth-cg5l.prometheusgroup.app | auth-cg5l.prometheusgroup.app |
2 | e5-cg5l.prometheusgroup.app | 2 redirects |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.prometheusgroup.app | Amazon RSA 2048 M02 | 2023-05-11 - 2024-06-08 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://auth-cg5l.prometheusgroup.app/auth/realms/customer/protocol/openid-connect/auth?response_type=code&client_id=%5BPG%5D-olympus-IAM&state=w5Hzf92OzAfTrPwUIRGySGGwSP0kRXiojVi0Bn0nGw4%3D&redirect_uri=https://e5-cg5l.prometheusgroup.app/login/oauth2/code/keycloak
Frame ID: 6E6AA1EAB4E83AE87F860F8D0EF213F6
Requests: 10 HTTP requests in this frame
Page Title
Log in to Prometheus
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://e5-cg5l.prometheusgroup.app/
HTTP 302
https://e5-cg5l.prometheusgroup.app/oauth2/authorization/keycloak HTTP 302
https://auth-cg5l.prometheusgroup.app/auth/realms/customer/protocol/openid-connect/auth?response_type=code&client_id=%5BPG%5D-olympus-IAM&state=w5Hzf92OzAfTrPwUIRGySGGwSP0kRXiojVi0Bn0nGw4%3D&redirect_uri=https://e5-cg5l.prometheusgroup.app/login/oauth2/code/keycloak Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method / Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | auth (Primary Request, Redirect Chain) | auth-cg5l.prometheusgroup.app/auth/realms/customer/protocol/openid-connect/ | 4 KB | 5 KB | Document | text/html |
GET H2 | ruxitagentjs_ICA27NVfqrux_10273230920145353.js | auth-cg5l.prometheusgroup.app/auth/ | 208 KB | 80 KB | Script | text/javascript |
GET H2 | login.css | auth-cg5l.prometheusgroup.app/auth/resources/daauk/login/prometheus/css/ | 6 KB | 2 KB | Stylesheet | text/css |
GET H2 | pgred300square.png | auth-cg5l.prometheusgroup.app/auth/resources/daauk/login/prometheus/img/ | 51 KB | 51 KB | Image | image/png |
GET H2 | pgred600wide.png | auth-cg5l.prometheusgroup.app/auth/resources/daauk/login/prometheus/img/ | 17 KB | 18 KB | Image | image/png |
GET H2 | NotoSans-Regular.ttf | auth-cg5l.prometheusgroup.app/auth/resources/daauk/login/prometheus/css/font/ | 389 KB | 210 KB | Font | application/octet-stream |
GET H2 | Trajan%20Pro%20Regular.ttf | auth-cg5l.prometheusgroup.app/auth/resources/daauk/login/prometheus/css/font/ | 65 KB | 43 KB | Font | application/octet-stream |
GET H2 | Montserrat-Regular.otf | auth-cg5l.prometheusgroup.app/auth/resources/daauk/login/prometheus/css/font/ | 223 KB | 124 KB | Font | application/octet-stream |
POST H2 | rb_bf57048gun | auth-cg5l.prometheusgroup.app/auth/ | 110 B | 511 B | XHR | text/plain |
POST H2 | rb_bf57048gun | auth-cg5l.prometheusgroup.app/auth/ | 110 B | 513 B | XHR | text/plain |
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | documentPictureInPicture |
object | dT_ |
object | dtrum |
object | dynatrace |
function | openUrl |
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
auth-cg5l.prometheusgroup.app/auth/realms/customer/ | | AUTH_SESSION_ID | 33b82924-0934-42ed-be0a-20b51a95650a.keycloak-1 |
auth-cg5l.prometheusgroup.app/auth/realms/customer/ | | AUTH_SESSION_ID_LEGACY | 33b82924-0934-42ed-be0a-20b51a95650a.keycloak-1 |
auth-cg5l.prometheusgroup.app/auth/realms/customer/ | | KC_RESTART | eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI4ZTUzYjc2OC00NjdiLTRiYTQtODA5ZS1lZDYwYzcxNWVjYTcifQ.[…].5mNP3aA7uxzh7z9pugARjme4rgqOBc0hvv6T8vpx5Ig |
e5-cg5l.prometheusgroup.app/ | | GW_SESSION | f4c92873-7409-4878-b3bd-15d82c949e0f |
.prometheusgroup.app/ | | dtCookie | v_4_srv_6_sn_287B5BCCAC85154930385DA19BBC4984_perc_100000_ol_0_mul_1_app-3A352074dffbdcf924_1 |
.prometheusgroup.app/ | | rxVisitor | 16959336078043OMDTS869JMMI9SFQ1QTP21SHP6A5H2I |
.prometheusgroup.app/ | | dtSa | - |
.prometheusgroup.app/ | | rxvt | 1695935408054\|1695933607808 |
.prometheusgroup.app/ | | dtPC | 6$333607800_44h-vRACUICFRTJCAFKOQKVLSBRHGRJRULUNR-0e0 |
auth-cg5l.prometheusgroup.app/ | | AWSALB | O0U6OoC59z9zj+T/ljfoieSsOIL1Lq64bnoMp9rRPqYs3ZaoFcFXTJ+q9w0vfD7MVMgSXFctyqbb0tp5buG3fMgLzJHGxix6HOs7W55K3GfEEyMwKQQmVQR9Zy9Z |
auth-cg5l.prometheusgroup.app/ | | AWSALBCORS | O0U6OoC59z9zj+T/ljfoieSsOIL1Lq64bnoMp9rRPqYs3ZaoFcFXTJ+q9w0vfD7MVMgSXFctyqbb0tp5buG3fMgLzJHGxix6HOs7W55K3GfEEyMwKQQmVQR9Zy9Z |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-src 'self'; frame-ancestors 'self'; object-src 'none'; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth-cg5l.prometheusgroup.app
e5-cg5l.prometheusgroup.app
18.211.213.204
3.230.207.21