auth.openfla.me
Open in
urlscan Pro
135.148.102.12
Public Scan
Effective URL: https://auth.openfla.me/realms/openflame/protocol/openid-connect/auth?approval_prompt=force&client_id=poeticdata-onramp-...
Submission Tags: https://phish.report @phish_report Search All
Submission: On July 19 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 5th 2023. Valid for: 3 months.
This is the only time auth.openfla.me was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 178.128.134.17 178.128.134.17 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
17 | 135.148.102.12 135.148.102.12 | 16276 (OVH) (OVH) | |
18 | 2 |
ASN14061 (DIGITALOCEAN-ASN, US)
acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud | |
admin.dev-0pq28.onramp.poeticdata.openflame.cloud |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
openfla.me
auth.openfla.me |
504 KB |
3 |
openflame.cloud
2 redirects
acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud admin.dev-0pq28.onramp.poeticdata.openflame.cloud |
3 KB |
18 | 2 |
Domain | Requested by | |
---|---|---|
17 | auth.openfla.me |
acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud
auth.openfla.me |
2 | acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud | 1 redirects |
1 | admin.dev-0pq28.onramp.poeticdata.openflame.cloud | 1 redirects |
18 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ZeroSSL RSA Domain Secure Site CA |
2023-07-19 - 2023-10-17 |
3 months | crt.sh |
auth.openfla.me ZeroSSL RSA Domain Secure Site CA |
2023-06-05 - 2023-09-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth.openfla.me/realms/openflame/protocol/openid-connect/auth?approval_prompt=force&client_id=poeticdata-onramp-dev-0pq28&nonce=gtO7YljZbrOxOSR3Gj8QZQC_du5QOTXeiHr9RfBmYRk&redirect_uri=https%3A%2F%2Fadmin.dev-0pq28.onramp.poeticdata.openflame.cloud%2Foauth2%2Fcallback&response_type=code&scope=openid+email+profile&state=zuGAWwxtYQjlB_n3sH_G7y4tS_3E2sLEfdGvnnQNIlA%3Ahttps%3A%2F%2Facmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud%2F
Frame ID: 54053A66EA9C824166FAA02D8C2D5BBF
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
React AppPage URL History Show full URLs
-
http://acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud/
HTTP 301
https://acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud/ Page URL
-
https://admin.dev-0pq28.onramp.poeticdata.openflame.cloud/oauth2/start?rd=https://acmayberry.workspace.admin.dev-0pq28.onramp.poeticda...
HTTP 302
https://auth.openfla.me/realms/openflame/protocol/openid-connect/auth?approval_prompt=force&client_i... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud/
HTTP 301
https://acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud/ Page URL
-
https://admin.dev-0pq28.onramp.poeticdata.openflame.cloud/oauth2/start?rd=https://acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud/
HTTP 302
https://auth.openfla.me/realms/openflame/protocol/openid-connect/auth?approval_prompt=force&client_id=poeticdata-onramp-dev-0pq28&nonce=gtO7YljZbrOxOSR3Gj8QZQC_du5QOTXeiHr9RfBmYRk&redirect_uri=https%3A%2F%2Fadmin.dev-0pq28.onramp.poeticdata.openflame.cloud%2Foauth2%2Fcallback&response_type=code&scope=openid+email+profile&state=zuGAWwxtYQjlB_n3sH_G7y4tS_3E2sLEfdGvnnQNIlA%3Ahttps%3A%2F%2Facmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud/ HTTP 301
- https://acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud/
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
auth
auth.openfla.me/realms/openflame/protocol/openid-connect/ Redirect Chain
|
30 KB 31 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
worksans-bold-webfont.woff2
auth.openfla.me/resources/40ntc/login/openflame-auth/build/fonts/WorkSans/ |
46 KB 46 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
worksans-medium-webfont.woff2
auth.openfla.me/resources/40ntc/login/openflame-auth/build/fonts/WorkSans/ |
46 KB 46 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
worksans-regular-webfont.woff2
auth.openfla.me/resources/40ntc/login/openflame-auth/build/fonts/WorkSans/ |
46 KB 46 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
worksans-semibold-webfont.woff2
auth.openfla.me/resources/40ntc/login/openflame-auth/build/fonts/WorkSans/ |
46 KB 46 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.0b7a4ef0.js
auth.openfla.me/resources/40ntc/login/openflame-auth/build/static/js/ |
341 KB 100 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5973.d95a7999.chunk.css
auth.openfla.me/resources/40ntc/login/openflame-auth/build/static/css/ |
191 B 217 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5973.24e1b218.chunk.js
auth.openfla.me/resources/40ntc/login/openflame-auth/build/static/js/ |
1 KB 683 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
273.cdcebf01.chunk.js
auth.openfla.me/resources/40ntc/login/openflame-auth/build/static/js/ |
8 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
575.7196882e.chunk.js
auth.openfla.me/resources/40ntc/login/openflame-auth/build/static/js/ |
1 KB 725 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2892.d4612f92.chunk.js
auth.openfla.me/resources/40ntc/login/openflame-auth/build/static/js/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.css
auth.openfla.me/resources/40ntc/login/openflame-auth/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zocial.css
auth.openfla.me/resources/40ntc/login/openflame-auth/resources_common/lib/zocial/ |
43 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
patternfly-additions.min.css
auth.openfla.me/resources/40ntc/login/openflame-auth/resources_common/node_modules/patternfly/dist/css/ |
220 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
patternfly.min.css
auth.openfla.me/resources/40ntc/login/openflame-auth/resources_common/node_modules/patternfly/dist/css/ |
178 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
openflame-logo-gitlab.91df03082240cbab1d57.png
auth.openfla.me/resources/40ntc/login/openflame-auth/build/static/media/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OpenSans-Regular-webfont.woff2
auth.openfla.me/resources/40ntc/login/openflame-auth/resources_common/node_modules/patternfly/dist/fonts/ |
61 KB 59 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend object| kcContext object| webpackChunkopenflame_auth4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
auth.openfla.me/realms/openflame/ | Name: AUTH_SESSION_ID Value: 2d6accae-75fa-4188-a7ad-269a1870ecb0.keycloak-0-24511 |
|
auth.openfla.me/realms/openflame/ | Name: AUTH_SESSION_ID_LEGACY Value: 2d6accae-75fa-4188-a7ad-269a1870ecb0.keycloak-0-24511 |
|
auth.openfla.me/realms/openflame/ | Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJkNjk4ZDFhZS1kYTEyLTQ5YWEtYjA5My0zMzI2MmFjOWZhNTAifQ.eyJjaWQiOiJwb2V0aWNkYXRhLW9ucmFtcC1kZXYtMHBxMjgiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL2FkbWluLmRldi0wcHEyOC5vbnJhbXAucG9ldGljZGF0YS5vcGVuZmxhbWUuY2xvdWQvb2F1dGgyL2NhbGxiYWNrIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQgZW1haWwgcHJvZmlsZSIsImlzcyI6Imh0dHBzOi8vYXV0aC5vcGVuZmxhLm1lL3JlYWxtcy9vcGVuZmxhbWUiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsImNsaWVudF9yZXF1ZXN0X3BhcmFtX2FwcHJvdmFsX3Byb21wdCI6ImZvcmNlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9hZG1pbi5kZXYtMHBxMjgub25yYW1wLnBvZXRpY2RhdGEub3BlbmZsYW1lLmNsb3VkL29hdXRoMi9jYWxsYmFjayIsInN0YXRlIjoienVHQVd3eHRZUWpsQl9uM3NIX0c3eTR0U18zRTJzTEVmZEd2bm5RTklsQTpodHRwczovL2FjbWF5YmVycnkud29ya3NwYWNlLmFkbWluLmRldi0wcHEyOC5vbnJhbXAucG9ldGljZGF0YS5vcGVuZmxhbWUuY2xvdWQvIiwibm9uY2UiOiJndE83WWxqWmJyT3hPU1IzR2o4UVpRQ19kdTVRT1RYZWlIcjlSZkJtWVJrIn19.Q275dpFx6TbHfbYWIUhGXnxyXxX2-GGXwBS42-p-wFQ |
|
.admin.dev-0pq28.onramp.poeticdata.openflame.cloud/ | Name: poeticdata_onramp_dev-0pq28_openflame_admin_csrf Value: REacbO-Uvh74Kz39g_3fQTruCrgt0S-D3TXF7kz4ArlLXjeo9SG2KqT2pdZVTUPvj-08dDSVrWIX2ocmj5nDv2c2qZCmKQxzukINrm1X_Br-c32eLbgKAME=|1689806850|iDV9dtNJctxWdfK7XprgEwZduJMkfpRRAs-8TQyfuog= |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acmayberry.workspace.admin.dev-0pq28.onramp.poeticdata.openflame.cloud
admin.dev-0pq28.onramp.poeticdata.openflame.cloud
auth.openfla.me
135.148.102.12
178.128.134.17
045f938544c7d9c05b5db3c34e1ba69441245b36a457411e27e8be4b0a30376d
1b2db8fccaa1c957d98af0d31381cd115427fdc12201f764b1228dced52b97df
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
3ae70dab780072574135c509dfb3ddce16b61aace0757c138e76bc705433d380
3cfb28778895d6adca324710b2000c6e15ef5a7b88d461f39b29ff6fb877b778
4879da63b3ef5103e6d604a3d2aa6a1410782b5b90017b6654b76038f872e8c6
4f1d2635a19b006926f481c38ce5d3707b6baefea2baa24b7e83f64e8a01a8af
6e434b4718f92ef31984e99d5d03f4c79078f66b797bc62258c754db5a25f326
899ddf54f776080a878ef8af104b0c364c0b27135c4d109e4d29a5e7f0386b8f
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
bae41ff593e0cfd5d25ce72edf6731524c8eb91c21e4757ce725e01dafceddb5
d1a8050bc40f6d57004bb91fa74177b2651771db650fdcd7e533677b06d61ce4
ebb336575edb0a58cab890171d849936b085b91cc15ad0e1b049d94b61a1eb87
f7c4f357ff8affa77391afa60edb232e96fbd8cd8453f88db210da3874696954