espace.agir.orange.com
90.84.185.128
Public Scan
Effective URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BK...
Submission: On October 18 via api from FR — Scanned from FR
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 10th 2024. Valid for: a year.
This is the only time espace.agir.orange.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 23 | 90.84.185.128 90.84.185.128 | 2280 (OCBHONEY ...) (OCBHONEY OCB public cloud network) | |
22 | 1 |
ASN2280 (OCBHONEY OCB public cloud network, FR)
PTR: ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
espace.agir.orange.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
orange.com
1 redirects
espace.agir.orange.com |
2 MB |
22 | 1 |
Domain | Requested by | |
---|---|---|
23 | espace.agir.orange.com |
1 redirects
espace.agir.orange.com
|
22 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
docs.atlassian.com |
confluence.atlassian.com |
connect.agir.orange.com |
www.atlassian.com |
support.atlassian.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.agir.orange.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-09-10 - 2025-10-07 | a year |
This page contains 3 frames:
Primary Page:
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Frame ID: 3CAA672602A3DD6837EF7CBC91D661EA
Requests: 20 HTTP requests in this frame
Frame:
https://espace.agir.orange.com/rest/scriptrunner/latest/sr-analytics?origReferrer=&parentLocation=https%3A%2F%2Fespace.agir.orange.com%2Flogin.action%3Fos_destination%3D%252Fpages%252Fviewpage.action%253FspaceKey%253DXSD%2526title%253DSuspicious%252BKerberoasting%252BActivity%252527%26permissionViolation%3Dtrue
Frame ID: 21D958E9F319BE9440B06A9D34F4525B
Requests: 1 HTTP requests in this frame
Frame:
https://espace.agir.orange.com/rest/scriptrunner/latest/sr-analytics?origReferrer=&parentLocation=https%3A%2F%2Fespace.agir.orange.com%2Flogin.action%3Fos_destination%3D%252Fpages%252Fviewpage.action%253FspaceKey%253DXSD%2526title%253DSuspicious%252BKerberoasting%252BActivity%252527%26permissionViolation%3Dtrue
Frame ID: 250B790E3A46B91063016B903471E5D5
Requests: 1 HTTP requests in this frame
Page Title
Connexion - Confluence for Orange
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Aide en ligne
Title: Nouveautés
Title: SSO Login
Title: Réinitialiser votre mot de passe - Reset your password
Title: Atlassian Confluence
Title: Requête concernant un bogue/une fonctionnalité
Title: News Atlassian
Title: Atlassian
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://espace.agir.orange.com/display/XSD/Suspicious+Kerberoasting+Activity'
HTTP 302
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | login.action (Primary Request) | espace.agir.orange.com/ (Redirect Chain) | 56 KB | 12 KB | Document | text/html |
GET H/1.1 | batch.css | espace.agir.orange.com/s/44499b73512454301a9bcefda1d9b612-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/css/_super,-com.atlassian.plugins.atlassian-plugins-webres... | 330 KB | 79 KB | Stylesheet | text/css |
GET H/1.1 | batch.css | espace.agir.orange.com/s/d41d8cd98f00b204e9800998ecf8427e-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/css/main,atl.general,-_super/ | 156 KB | 42 KB | Stylesheet | text/css |
GET H/1.1 | batch.css | espace.agir.orange.com/s/b231626b51908bf88558efc0a58d67d0-CDN/a7ge13/9012/1d0vx1s/42678a67312c52f2266e40b5577caf56/_/download/contextbatch/css/login,-_super/ | 2 KB | 1 KB | Stylesheet | text/css |
GET H/1.1 | colors.css | espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/10/_/styles/ | 12 KB | 3 KB | Stylesheet | text/css |
GET H/1.1 | custom.css | espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/10/_/styles/ | 43 B | 692 B | Stylesheet | text/css |
GET H/1.1 | batch.js | espace.agir.orange.com/s/80d2b9e1721096b6ab007dd2311c2c79-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/js/_super,-com.atlassian.plugins.atlassian-plugins-webreso... | 988 KB | 281 KB | Script | text/javascript |
GET H/1.1 | batch.js | espace.agir.orange.com/s/2bf46150fd33a6e5dd28a3907262f012-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/js/main,atl.general,-_super/ | 7 MB | 2 MB | Script | text/javascript |
GET H/1.1 | confluence.web.resources:captcha-handler.js | espace.agir.orange.com/s/dec65ca990515b6a056bd99463638841-CDN/a7ge13/9012/1d0vx1s/1.0/_/download/batch/confluence.web.resources:captcha-handler/ | 716 B | 1 KB | Script | text/javascript |
GET H/1.1 | confluence.web.resources:login.js | espace.agir.orange.com/s/dec65ca990515b6a056bd99463638841-CDN/a7ge13/9012/1d0vx1s/1.0/_/download/batch/confluence.web.resources:login/ | 2 KB | 1 KB | Script | text/javascript |
GET H/1.1 | confluence-white.svg | espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/1.0/_/download/resources/confluence.web.resources:ajs/images/brand-images/products/ | 7 KB | 7 KB | Image | image/svg+xml |
GET H/1.1 | atlassian-horizontal-neutral.svg | espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/1.0/_/download/resources/confluence.web.resources:ajs/images/brand-images/atlassian/ | 3 KB | 3 KB | Image | image/svg+xml |
GET H/1.1 | adgs-icons.woff | espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/9.2.2-patch-2/_/download/resources/com.atlassian.auiplugin:split_aui.splitchunk.56dfb54d0c/assets/ | 25 KB | 25 KB | Font | application/font-woff |
POST H/1.1 | resources | espace.agir.orange.com/rest/wrm/2.0/ | 515 B | 683 B | Fetch | application/json |
GET H/1.1 | getconfig | espace.agir.orange.com/plugins/servlet/samlsso/ | 9 KB | 3 KB | XHR | application/json |
GET H/1.1 | appswitcher | espace.agir.orange.com/rest/menu/latest/ | 85 B | 624 B | XHR | application/json |
GET H/1.1 | sr-analytics | espace.agir.orange.com/rest/scriptrunner/latest/ (Frame 21D9) | 0 | 434 B | Document | text/html |
GET H/1.1 | sr-analytics | espace.agir.orange.com/rest/scriptrunner/latest/ (Frame 250B) | 0 | 434 B | Document | text/html |
GET H/1.1 | 3984f9143c3cb0aba26a02c953d5cd4f | espace.agir.orange.com/rest/shortcuts/latest/shortcuts/9012/ | 85 B | 624 B | XHR | application/json |
GET H/1.1 | com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-async.js | espace.agir.orange.com/s/d41d8cd98f00b204e9800998ecf8427e-CDN/a7ge13/9012/1d0vx1s/6.1.0/_/download/batch/com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-async/ | 1 KB | 1 KB | Script | text/javascript |
GET H/1.1 | favicon.ico | espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/10/_/ | 4 KB | 4 KB | Other | image/x-icon |
POST H/1.1 | bulk | espace.agir.orange.com/rest/analytics/1.0/publish/ | 174 B | 644 B | Fetch | application/xml |
95 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| WRM object| __observedResources object| goog object| soy object| soydata object| soyshim object| aui object| Raphael object| Confluence function| WRMCB object| AJS object| atlassianWebpackJsonpe19a4f58490c3d96a3072d1e47cd0e73 function| clearImmediate function| setImmediate object| regeneratorRuntime function| applyFocusVisiblePolyfill function| $ function| jQuery function| define function| require object| __auiJsonp function| _ object| Backbone boolean| COMPILED object| atl_soy object| __skate_0_13_17 function| JsMutationObserver object| jQBrowser function| skateTemplateHtml function| setCookie function| getCookie function| highlight function| KeyGenerator object| $jscomp object| NavLinks object| navlinks object| appLinksI18n object| RY string| APPSWITCHER_TRIGGER_CLICK string| APPSWITCHER_DROPDOWN_SHOW string| APPSWITCHER_DROPDOWN_DISPLAY_ERROR string| APPSWITCHER_APP_LINK_CLICK string| APPSWITCHER_CONFIGURE_LINK_CLICK object| plantuml object| MyWork object| MW string| originTarget function| registerNewSystemAuthenticator function| registerAdditionalAuthenticator function| registerNewSystemAuthenticatorByInlineRegistration function| authenticateWebAuthn function| removeWebAuthnCred function| removeHardwareCred function| registerYubikeyToken function| confirm_remove_cred function| confirmEnableOrDisableResetYubikeyHardware function| confirmEnableOrDisableResetWebAuthn function| confirmBulkResetCredForYubikeyToken function| confirmBulkResetCredForWebAUthn function| confirm_clear function| register function| register1 function| registerPlatformAuthenticator function| binToStr function| strToBin function| authenticate1 function| success function| authenticate function| getContextPath function| credentialListConversion function| getCableData function| _fetch function| serializeUvm function| checkUserRegistration function| clear12 function| printMap function| yubikeyU2FRegisterActionSubmit function| isNumberKey function| displayFlag object| 
webpackJsonpScriptRunner object| store object| NL object| AppLinks object| ScriptRunner object| __PLATFORM_FEATURE_FLAGS__ object| Base64 object| divToEditorMap object| BrowserMetrics object| ATL_PERF object| Select2 object| u2f object| CBOR number| verOffset5
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
espace.agir.orange.com/ | | Name: JSESSIONID Value: 7E7BD661B07B464CFBD382FCD8D669D8 |
.espace.agir.orange.com/ | | Name: d2680c7065a649e0a1410cdd8a5eb211 Value: WyI1MzQ2NDQ4NjMiXQ |
espace.agir.orange.com/ | | Name: CONFLUENCE_RETURNTOCOOKIE Value: https://espace.agir.orange.com/pages/viewpage.action?spaceKey=XSD&title=Suspicious+Kerberoasting+Activity%27 |
espace.agir.orange.com/ | | Name: DEVICEDETAILS Value: Mozilla/5.0 (X11: Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36||Chrome||Linux OS||PDF Viewer, Chrome PDF Viewer, Chromium PDF Viewer, Microsoft Edge PDF Viewer, WebKit built-in PDF||false||Mozilla||en-US, en||true||heure dt dEurope centrale||fr-FR||true |
espace.agir.orange.com/ | | Name: samlsso_idp.key Value: default_idp_id |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
espace.agir.orange.com
90.84.185.128