Submitted URL: https://espace.agir.orange.com/display/XSD/Suspicious+Kerberoasting+Activity'
Effective URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BK...
Submission: On October 18 via api from FR — Scanned from FR

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 22 HTTP transactions. The main IP is 90.84.185.128, located in Bezons, France and belongs to OCBHONEY OCB public cloud network, FR. The main domain is espace.agir.orange.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on September 10th 2024. Valid for: a year.
This is the only time espace.agir.orange.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 90.84.185.128 2280 (OCBHONEY ...)
22 1
Apex Domain
Subdomains
Transfer
23 orange.com
espace.agir.orange.com
2 MB
22 1
Domain Requested by
23 espace.agir.orange.com 1 redirects espace.agir.orange.com
22 1
Subject: *.agir.orange.com
Issuer: DigiCert Global G2 TLS RSA SHA256 2020 CA1
Validity: 2024-09-10 - 2025-10-07
Valid: a year

This page contains 3 frames:

Primary Page: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Frame ID: 61049BFC529EF7BA4A6265C32EA8421C
Requests: 20 HTTP requests in this frame

Frame: https://espace.agir.orange.com/rest/scriptrunner/latest/sr-analytics?origReferrer=&parentLocation=https%3A%2F%2Fespace.agir.orange.com%2Flogin.action%3Fos_destination%3D%252Fpages%252Fviewpage.action%253FspaceKey%253DXSD%2526title%253DSuspicious%252BKerberoasting%252BActivity%252527%26permissionViolation%3Dtrue
Frame ID: 41E611C2BE574874FF679952D6FBFC88
Requests: 1 HTTP request in this frame

Frame: https://espace.agir.orange.com/rest/scriptrunner/latest/sr-analytics?origReferrer=&parentLocation=https%3A%2F%2Fespace.agir.orange.com%2Flogin.action%3Fos_destination%3D%252Fpages%252Fviewpage.action%253FspaceKey%253DXSD%2526title%253DSuspicious%252BKerberoasting%252BActivity%252527%26permissionViolation%3Dtrue
Frame ID: EB523EC079AFF4F4875B44690398A869
Requests: 1 HTTP request in this frame

Page Title

Connexion - Confluence for Orange

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 2437 kB
Size: 8957 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://espace.agir.orange.com/display/XSD/Suspicious+Kerberoasting+Activity' HTTP 302
    https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.action
espace.agir.orange.com/
Redirect Chain
  • https://espace.agir.orange.com/display/XSD/Suspicious+Kerberoasting+Activity'
  • https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
56 KB
12 KB
Document
General
Full URL
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
9a7cc17af6c8dd5a56d136b17f7c32d11cab0e2c3cb9003d5cbc1bbad3f6e909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Language
fr-FR
Content-Type
text/html;charset=UTF-8
Date
Fri, 18 Oct 2024 09:05:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Server
elb
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
User-Agent
X-Confluence-Cluster-Node
545833d8
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
X-Confluence-Request-Time
1729242305996
X-Content-Type-Options
nosniff
X-Seraph-LoginReason
OUT
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Language
fr-FR
Content-Length
0
Content-Type
text/html;charset=UTF-8
Date
Fri, 18 Oct 2024 09:05:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Server
elb
Strict-Transport-Security
max-age=31536000
X-Confluence-Cluster-Node
545833d8
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
X-Confluence-Request-Time
1729242305942
X-Content-Type-Options
nosniff
X-Seraph-LoginReason
OUT
X-XSS-Protection
1; mode=block
batch.css
espace.agir.orange.com/s/44499b73512454301a9bcefda1d9b612-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/css/_super,-com.atlassian.plugins.atlassian-plugins-webres...
330 KB
79 KB
Stylesheet
General
Full URL
https://espace.agir.orange.com/s/44499b73512454301a9bcefda1d9b612-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/css/_super,-com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-perf-observer/batch.css
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
edcd1deed793316e4aeb87adabe0340ac3a8ba824e1a2619f7a43dc79a56c65b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

X-Seraph-LoginReason
OUT
Content-Encoding
gzip
Expires
Sat, 18 Oct 2025 09:05:06 GMT
Date
Fri, 18 Oct 2024 09:05:06 GMT
Content-Type
text/css;charset=UTF-8
X-Confluence-Request-Time
1729242306091
Vary
User-Agent
Last-Modified
Wed, 21 Jan 1970 00:20:42 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Content-Language
fr-FR
Server
elb
batch.css
espace.agir.orange.com/s/d41d8cd98f00b204e9800998ecf8427e-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/css/main,atl.general,-_super/
156 KB
42 KB
Stylesheet
General
Full URL
https://espace.agir.orange.com/s/d41d8cd98f00b204e9800998ecf8427e-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/css/main,atl.general,-_super/batch.css?hostenabled=true
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
5f33a84a9603d59028b6a9247315803189142b3b80bad4445dd93c50056554c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

X-Seraph-LoginReason
OUT
Content-Encoding
gzip
Expires
Sat, 18 Oct 2025 09:05:06 GMT
Date
Fri, 18 Oct 2024 09:05:06 GMT
Content-Type
text/css;charset=UTF-8
X-Confluence-Request-Time
1729242306125
Vary
User-Agent
Last-Modified
Wed, 21 Jan 1970 00:20:42 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Content-Language
fr-FR
Server
elb
batch.css
espace.agir.orange.com/s/b231626b51908bf88558efc0a58d67d0-CDN/a7ge13/9012/1d0vx1s/42678a67312c52f2266e40b5577caf56/_/download/contextbatch/css/login,-_super/
2 KB
1 KB
Stylesheet
General
Full URL
https://espace.agir.orange.com/s/b231626b51908bf88558efc0a58d67d0-CDN/a7ge13/9012/1d0vx1s/42678a67312c52f2266e40b5577caf56/_/download/contextbatch/css/login,-_super/batch.css
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
ede3e77dbf67d05d17745e224e981e3c0d6d9988e6e1a278ea723380bded72d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

X-Seraph-LoginReason
OUT
Content-Encoding
gzip
Expires
Sat, 18 Oct 2025 09:05:06 GMT
Date
Fri, 18 Oct 2024 09:05:06 GMT
Content-Type
text/css;charset=UTF-8
X-Confluence-Request-Time
1729242306124
Vary
User-Agent
Last-Modified
Wed, 21 Jan 1970 00:20:42 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Content-Language
fr-FR
Server
elb
colors.css
espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/10/_/styles/
12 KB
3 KB
Stylesheet
General
Full URL
https://espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/10/_/styles/colors.css
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
627ef30f48726352d36fde01043a9bc5368cb08bb25f422a261ee47fce8d2a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

X-Seraph-LoginReason
OUT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Expires
Sat, 18 Oct 2025 09:05:06 GMT
Date
Fri, 18 Oct 2024 09:05:06 GMT
Content-Type
text/css;charset=UTF-8
X-Confluence-Request-Time
1729242306124
Vary
User-Agent
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
X-XSS-Protection
1; mode=block
Content-Language
fr-FR
Server
elb
custom.css
espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/10/_/styles/
43 B
692 B
Stylesheet
General
Full URL
https://espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/10/_/styles/custom.css
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
28210b1f18da9c235742b71466dffd02fddcbbdf4bcf198a0cea3e9ea00b2055
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

X-Seraph-LoginReason
OUT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Expires
Sat, 18 Oct 2025 09:05:06 GMT
Date
Fri, 18 Oct 2024 09:05:06 GMT
Content-Type
text/css;charset=UTF-8
X-Confluence-Request-Time
1729242306126
Vary
User-Agent
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
X-XSS-Protection
1; mode=block
Content-Language
fr-FR
Server
elb
batch.js
espace.agir.orange.com/s/80d2b9e1721096b6ab007dd2311c2c79-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/js/_super,-com.atlassian.plugins.atlassian-plugins-webreso...
988 KB
281 KB
Script
General
Full URL
https://espace.agir.orange.com/s/80d2b9e1721096b6ab007dd2311c2c79-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/js/_super,-com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-perf-observer/batch.js?locale=fr-FR
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
93b735b28fd87f05b92a8d77b33e192936d77a6c3f0b37bf0eb41ba298bef9da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

X-Seraph-LoginReason
OUT
Content-Encoding
gzip
Expires
Sat, 18 Oct 2025 09:05:06 GMT
Date
Fri, 18 Oct 2024 09:05:06 GMT
Content-Type
text/javascript;charset=UTF-8
X-Confluence-Request-Time
1729242306130
Vary
User-Agent
Last-Modified
Wed, 21 Jan 1970 00:20:42 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Content-Language
fr-FR
Server
elb
batch.js
espace.agir.orange.com/s/2bf46150fd33a6e5dd28a3907262f012-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/js/main,atl.general,-_super/
7 MB
2 MB
Script
General
Full URL
https://espace.agir.orange.com/s/2bf46150fd33a6e5dd28a3907262f012-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/js/main,atl.general,-_super/batch.js?hostenabled=true&locale=fr-FR
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
d8598b3dbee1680a52c315450d1edc80f467fd45af67cd87362902d3375b179a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

X-Seraph-LoginReason
OUT
Content-Encoding
gzip
Expires
Sat, 18 Oct 2025 09:05:06 GMT
Date
Fri, 18 Oct 2024 09:05:06 GMT
Content-Type
text/javascript;charset=UTF-8
X-Confluence-Request-Time
1729242306164
Vary
User-Agent
Last-Modified
Wed, 21 Jan 1970 00:20:42 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Content-Language
fr-FR
Server
elb
confluence.web.resources:captcha-handler.js
espace.agir.orange.com/s/dec65ca990515b6a056bd99463638841-CDN/a7ge13/9012/1d0vx1s/1.0/_/download/batch/confluence.web.resources:captcha-handler/
716 B
1 KB
Script
General
Full URL
https://espace.agir.orange.com/s/dec65ca990515b6a056bd99463638841-CDN/a7ge13/9012/1d0vx1s/1.0/_/download/batch/confluence.web.resources:captcha-handler/confluence.web.resources:captcha-handler.js?locale=fr-FR
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
e2377a77dc61b317f7882d296ca3cd0ed5d3b9b4ee3098ba2f3929bc8e942ecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

X-Seraph-LoginReason
OUT
Content-Encoding
gzip
Expires
Sat, 18 Oct 2025 09:05:06 GMT
Date
Fri, 18 Oct 2024 09:05:06 GMT
Content-Type
text/javascript;charset=UTF-8
X-Confluence-Request-Time
1729242306172
Vary
User-Agent
Last-Modified
Wed, 21 Jan 1970 00:20:42 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Content-Language
fr-FR
Server
elb
confluence.web.resources:login.js
espace.agir.orange.com/s/dec65ca990515b6a056bd99463638841-CDN/a7ge13/9012/1d0vx1s/1.0/_/download/batch/confluence.web.resources:login/
2 KB
1 KB
Script
General
Full URL
https://espace.agir.orange.com/s/dec65ca990515b6a056bd99463638841-CDN/a7ge13/9012/1d0vx1s/1.0/_/download/batch/confluence.web.resources:login/confluence.web.resources:login.js?locale=fr-FR
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
3ce22b824b829a8002798237e07ac96ea4fa1fa01b2195362b39397f6c71fd0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

X-Seraph-LoginReason
OUT
Content-Encoding
gzip
Expires
Sat, 18 Oct 2025 09:05:06 GMT
Date
Fri, 18 Oct 2024 09:05:06 GMT
Content-Type
text/javascript;charset=UTF-8
X-Confluence-Request-Time
1729242306176
Vary
User-Agent
Last-Modified
Wed, 21 Jan 1970 00:20:42 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Content-Language
fr-FR
Server
elb
confluence-white.svg
espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/1.0/_/download/resources/confluence.web.resources:ajs/images/brand-images/products/
7 KB
7 KB
Image
General
Full URL
https://espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/1.0/_/download/resources/confluence.web.resources:ajs/images/brand-images/products/confluence-white.svg
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/s/44499b73512454301a9bcefda1d9b612-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/css/_super,-com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-perf-observer/batch.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
3139352ad7b6259bc2f55d7fb2f7ee9f282946aedf3407e45560a9605a1becf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/s/44499b73512454301a9bcefda1d9b612-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/css/_super,-com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-perf-observer/batch.css

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Seraph-LoginReason
OUT
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Content-Language
fr-FR
Connection
keep-alive
Expires
Sat, 18 Oct 2025 09:05:07 GMT
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Date
Fri, 18 Oct 2024 09:05:07 GMT
Content-Type
image/svg+xml;charset=UTF-8
X-Confluence-Request-Time
1729242307337
Server
elb
Last-Modified
Wed, 21 Jan 1970 00:13:12 GMT
atlassian-horizontal-neutral.svg
espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/1.0/_/download/resources/confluence.web.resources:ajs/images/brand-images/atlassian/
3 KB
3 KB
Image
General
Full URL
https://espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/1.0/_/download/resources/confluence.web.resources:ajs/images/brand-images/atlassian/atlassian-horizontal-neutral.svg
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/s/44499b73512454301a9bcefda1d9b612-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/css/_super,-com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-perf-observer/batch.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
bf785f43ae362f027d202723272f56e439203ad4500ff84aeb2f03502259e2e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/s/44499b73512454301a9bcefda1d9b612-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/css/_super,-com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-perf-observer/batch.css

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Seraph-LoginReason
OUT
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Content-Language
fr-FR
Connection
keep-alive
Expires
Sat, 18 Oct 2025 09:05:07 GMT
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Date
Fri, 18 Oct 2024 09:05:07 GMT
Content-Type
image/svg+xml;charset=UTF-8
X-Confluence-Request-Time
1729242307347
Server
elb
Last-Modified
Wed, 21 Jan 1970 00:13:12 GMT
adgs-icons.woff
espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/9.2.2-patch-2/_/download/resources/com.atlassian.auiplugin:split_aui.splitchunk.56dfb54d0c/assets/
25 KB
25 KB
Font
General
Full URL
https://espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/9.2.2-patch-2/_/download/resources/com.atlassian.auiplugin:split_aui.splitchunk.56dfb54d0c/assets/adgs-icons.woff
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/s/44499b73512454301a9bcefda1d9b612-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/css/_super,-com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-perf-observer/batch.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
d96e135eef02ae8baa53ec80c5b39742fefe7260b00714c0f10bb8b371623daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://espace.agir.orange.com
Referer
https://espace.agir.orange.com/s/44499b73512454301a9bcefda1d9b612-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/css/_super,-com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-perf-observer/batch.css

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Seraph-LoginReason
OUT
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Content-Language
fr-FR
Connection
keep-alive
Expires
Sat, 18 Oct 2025 09:05:07 GMT
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Access-Control-Allow-Origin
*
Date
Fri, 18 Oct 2024 09:05:07 GMT
Content-Type
application/font-woff;charset=UTF-8
X-Confluence-Request-Time
1729242307422
Server
elb
Last-Modified
Wed, 21 Jan 1970 00:13:12 GMT
resources
espace.agir.orange.com/rest/wrm/2.0/
515 B
683 B
Fetch
General
Full URL
https://espace.agir.orange.com/rest/wrm/2.0/resources
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/s/2bf46150fd33a6e5dd28a3907262f012-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/js/main,atl.general,-_super/batch.js?hostenabled=true&locale=fr-FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
c0e5fa5c306fea425c23c3907ee5c3aaad5062c0da8e5b18ebd0b5eeee0f6749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Seraph-LoginReason
OUT
X-Confluence-Cluster-Node
545833d8
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Date
Fri, 18 Oct 2024 09:05:07 GMT
Content-Type
application/json
Vary
User-Agent
Server
elb
getconfig
espace.agir.orange.com/plugins/servlet/samlsso/
9 KB
3 KB
XHR
General
Full URL
https://espace.agir.orange.com/plugins/servlet/samlsso/getconfig
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/s/2bf46150fd33a6e5dd28a3907262f012-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/js/main,atl.general,-_super/batch.js?hostenabled=true&locale=fr-FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
3551c04086fc222524cb5f249cbce074746dc7220f3ccc2163e0ab202921160a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*

Response headers

X-Confluence-Cluster-Node
545833d8
Strict-Transport-Security
max-age=31536000
X-Seraph-LoginReason
OUT
Content-Encoding
gzip
Connection
keep-alive
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Content-Length
2510
Date
Fri, 18 Oct 2024 09:05:07 GMT
Content-Type
application/json;charset=UTF-8
X-Confluence-Request-Time
1729242307445
Vary
User-Agent
Server
elb
appswitcher
espace.agir.orange.com/rest/menu/latest/
85 B
619 B
XHR
General
Full URL
https://espace.agir.orange.com/rest/menu/latest/appswitcher?_=1729242306405
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/s/2bf46150fd33a6e5dd28a3907262f012-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/js/main,atl.general,-_super/batch.js?hostenabled=true&locale=fr-FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
f2e6bd025f7b86565ba4a2a92e7cb506730eabdc8c429d98fe275920db8f322b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Seraph-LoginReason
OUT
X-Confluence-Cluster-Node
545833d8
Cache-Control
no-transform
Content-Encoding
gzip
WWW-Authenticate
OAuth realm="https%3A%2F%2Fespace.agir.orange.com"
Connection
keep-alive
X-Content-Type-Options
nosniff
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Date
Fri, 18 Oct 2024 09:05:07 GMT
Content-Type
application/json
Vary
User-Agent
Server
elb
sr-analytics
espace.agir.orange.com/rest/scriptrunner/latest/ Frame 41E6
0
434 B
Document
General
Full URL
https://espace.agir.orange.com/rest/scriptrunner/latest/sr-analytics?origReferrer=&parentLocation=https%3A%2F%2Fespace.agir.orange.com%2Flogin.action%3Fos_destination%3D%252Fpages%252Fviewpage.action%253FspaceKey%253DXSD%2526title%253DSuspicious%252BKerberoasting%252BActivity%252527%26permissionViolation%3Dtrue
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/s/2bf46150fd33a6e5dd28a3907262f012-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/js/main,atl.general,-_super/batch.js?hostenabled=true&locale=fr-FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 18 Oct 2024 09:05:07 GMT
Server
elb
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
User-Agent
X-Confluence-Cluster-Node
545833d8
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
X-Content-Type-Options
nosniff
X-Seraph-LoginReason
OUT
sr-analytics
espace.agir.orange.com/rest/scriptrunner/latest/ Frame EB52
0
434 B
Document
General
Full URL
https://espace.agir.orange.com/rest/scriptrunner/latest/sr-analytics?origReferrer=&parentLocation=https%3A%2F%2Fespace.agir.orange.com%2Flogin.action%3Fos_destination%3D%252Fpages%252Fviewpage.action%253FspaceKey%253DXSD%2526title%253DSuspicious%252BKerberoasting%252BActivity%252527%26permissionViolation%3Dtrue
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/s/2bf46150fd33a6e5dd28a3907262f012-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/js/main,atl.general,-_super/batch.js?hostenabled=true&locale=fr-FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 18 Oct 2024 09:05:07 GMT
Server
elb
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
User-Agent
X-Confluence-Cluster-Node
545833d8
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
X-Content-Type-Options
nosniff
X-Seraph-LoginReason
OUT
79a4fadd2348d1b9576bda7eb83d462f
espace.agir.orange.com/rest/shortcuts/latest/shortcuts/9012/
85 B
624 B
XHR
General
Full URL
https://espace.agir.orange.com/rest/shortcuts/latest/shortcuts/9012/79a4fadd2348d1b9576bda7eb83d462f
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/s/2bf46150fd33a6e5dd28a3907262f012-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/js/main,atl.general,-_super/batch.js?hostenabled=true&locale=fr-FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
f2e6bd025f7b86565ba4a2a92e7cb506730eabdc8c429d98fe275920db8f322b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Seraph-LoginReason
OUT
X-Confluence-Cluster-Node
545833d8
Cache-Control
no-transform
Content-Encoding
gzip
WWW-Authenticate
OAuth realm="https%3A%2F%2Fespace.agir.orange.com"
Connection
keep-alive
X-Content-Type-Options
nosniff
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Date
Fri, 18 Oct 2024 09:05:07 GMT
Content-Type
application/json
Vary
User-Agent
Server
elb
com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-async.js
espace.agir.orange.com/s/d41d8cd98f00b204e9800998ecf8427e-CDN/a7ge13/9012/1d0vx1s/6.1.0/_/download/batch/com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-async/
1 KB
1 KB
Script
General
Full URL
https://espace.agir.orange.com/s/d41d8cd98f00b204e9800998ecf8427e-CDN/a7ge13/9012/1d0vx1s/6.1.0/_/download/batch/com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-async/com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-async.js
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/s/80d2b9e1721096b6ab007dd2311c2c79-CDN/a7ge13/9012/1d0vx1s/3c7365669ac88e084138306fb70249f6/_/download/contextbatch/js/_super,-com.atlassian.plugins.atlassian-plugins-webresource-rest:data-collector-perf-observer/batch.js?locale=fr-FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
f6b2880567d7ba9690e8e724a4c72eb15e169f97d01e92aca3db9a57ac4eda00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

X-Seraph-LoginReason
OUT
Content-Encoding
gzip
Expires
Sat, 18 Oct 2025 09:05:07 GMT
Date
Fri, 18 Oct 2024 09:05:07 GMT
Content-Type
text/javascript;charset=UTF-8
X-Confluence-Request-Time
1729242307491
Vary
User-Agent
Last-Modified
Wed, 21 Jan 1970 00:20:42 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Confluence-Cluster-Node
545833d8
Cache-Control
max-age=31536000, public
Connection
keep-alive
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Content-Language
fr-FR
Server
elb
favicon.ico
espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/10/_/
4 KB
4 KB
Other
General
Full URL
https://espace.agir.orange.com/s/a7ge13/9012/1d0vx1s/10/_/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
35998ea6b404f48cdaea65529793d93c19135974f6324bf1aabebce850e469bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

Strict-Transport-Security
max-age=31536000
Content-Length
4259
Date
Fri, 18 Oct 2024 09:05:07 GMT
Content-Type
image/x-icon;charset=UTF-8
Connection
keep-alive
Server
elb
bulk
espace.agir.orange.com/rest/analytics/1.0/publish/
174 B
644 B
Fetch
General
Full URL
https://espace.agir.orange.com/rest/analytics/1.0/publish/bulk
Requested by
Host: espace.agir.orange.com
URL: https://espace.agir.orange.com/s/2bf46150fd33a6e5dd28a3907262f012-CDN/a7ge13/9012/1d0vx1s/8d99233d6311b5bd78e04f7784e76f8a/_/download/contextbatch/js/main,atl.general,-_super/batch.js?hostenabled=true&locale=fr-FR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
90.84.185.128 Bezons, France, ASN2280 (OCBHONEY OCB public cloud network, FR),
Reverse DNS
ecs-90-84-185-128.compute.prod-cloud-ocb.orange-business.com
Software
elb /
Resource Hash
a1132c649f1a95dff99cb9eace7edf9ee678f576925b3b779f8cf36e018757de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true

Response headers

X-Confluence-Cluster-Node
545833d8
Strict-Transport-Security
max-age=31536000
X-Seraph-LoginReason
OUT
Cache-Control
no-transform
Content-Encoding
gzip
WWW-Authenticate
OAuth realm="https%3A%2F%2Fespace.agir.orange.com"
Connection
keep-alive
X-Content-Type-Options
nosniff
X-Confluence-Cluster-Node-Name
f4d22542-ab35-4875-89f0-b378c3df5976
Content-Length
148
Date
Fri, 18 Oct 2024 09:05:07 GMT
Content-Type
application/xml
Vary
User-Agent
Server
elb


95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| WRM object| __observedResources object| goog object| soy object| soydata object| soyshim object| aui object| Raphael object| Confluence function| WRMCB object| AJS object| atlassianWebpackJsonpe19a4f58490c3d96a3072d1e47cd0e73 function| clearImmediate function| setImmediate object| regeneratorRuntime function| applyFocusVisiblePolyfill function| $ function| jQuery function| define function| require object| __auiJsonp function| _ object| Backbone boolean| COMPILED object| atl_soy object| __skate_0_13_17 function| JsMutationObserver object| jQBrowser function| skateTemplateHtml function| setCookie function| getCookie function| highlight function| KeyGenerator object| $jscomp object| NavLinks object| navlinks object| appLinksI18n object| RY string| APPSWITCHER_TRIGGER_CLICK string| APPSWITCHER_DROPDOWN_SHOW string| APPSWITCHER_DROPDOWN_DISPLAY_ERROR string| APPSWITCHER_APP_LINK_CLICK string| APPSWITCHER_CONFIGURE_LINK_CLICK object| plantuml object| MyWork object| MW string| originTarget function| registerNewSystemAuthenticator function| registerAdditionalAuthenticator function| registerNewSystemAuthenticatorByInlineRegistration function| authenticateWebAuthn function| removeWebAuthnCred function| removeHardwareCred function| registerYubikeyToken function| confirm_remove_cred function| confirmEnableOrDisableResetYubikeyHardware function| confirmEnableOrDisableResetWebAuthn function| confirmBulkResetCredForYubikeyToken function| confirmBulkResetCredForWebAUthn function| confirm_clear function| register function| register1 function| registerPlatformAuthenticator function| binToStr function| strToBin function| authenticate1 function| success function| authenticate function| getContextPath function| credentialListConversion function| getCableData function| _fetch function| serializeUvm function| checkUserRegistration function| clear12 function| printMap function| yubikeyU2FRegisterActionSubmit function| isNumberKey function| displayFlag object| webpackJsonpScriptRunner object| store object| NL object| AppLinks object| ScriptRunner object| __PLATFORM_FEATURE_FLAGS__ object| Base64 object| divToEditorMap object| BrowserMetrics object| ATL_PERF object| Select2 object| u2f object| CBOR number| verOffset

5 Cookies

Domain/Path Name / Value
espace.agir.orange.com/ Name: JSESSIONID
Value: 05C39F3487A2AE221CCE480F83588D19
.espace.agir.orange.com/ Name: d2680c7065a649e0a1410cdd8a5eb211
Value: WyIyNzcxMDk4MTg1Il0
espace.agir.orange.com/ Name: CONFLUENCE_RETURNTOCOOKIE
Value: https://espace.agir.orange.com/pages/viewpage.action?spaceKey=XSD&title=Suspicious+Kerberoasting+Activity%27
espace.agir.orange.com/ Name: DEVICEDETAILS
Value: Mozilla/5.0 (X11: Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36||Chrome||Linux OS||PDF Viewer, Chrome PDF Viewer, Chromium PDF Viewer, Microsoft Edge PDF Viewer, WebKit built-in PDF||false||Mozilla||en-US, en||true||heure dt dEurope centrale||fr-FR||true
espace.agir.orange.com/ Name: samlsso_idp.key
Value: default_idp_id

6 Console Messages

Source Level URL
Text
recommendation verbose URL: https://espace.agir.orange.com/login.action?os_destination=%2Fpages%2Fviewpage.action%3FspaceKey%3DXSD%26title%3DSuspicious%2BKerberoasting%2BActivity%2527&permissionViolation=true
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://espace.agir.orange.com/rest/menu/latest/appswitcher?_=1729242306405
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning URL: https://espace.agir.orange.com/rest/scriptrunner/latest/sr-analytics?origReferrer=&parentLocation=https%3A%2F%2Fespace.agir.orange.com%2Flogin.action%3Fos_destination%3D%252Fpages%252Fviewpage.action%253FspaceKey%253DXSD%2526title%253DSuspicious%252BKerberoasting%252BActivity%252527%26permissionViolation%3Dtrue
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://espace.agir.orange.com/rest/shortcuts/latest/shortcuts/9012/79a4fadd2348d1b9576bda7eb83d462f
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning URL: https://espace.agir.orange.com/rest/scriptrunner/latest/sr-analytics?origReferrer=&parentLocation=https%3A%2F%2Fespace.agir.orange.com%2Flogin.action%3Fos_destination%3D%252Fpages%252Fviewpage.action%253FspaceKey%253DXSD%2526title%253DSuspicious%252BKerberoasting%252BActivity%252527%26permissionViolation%3Dtrue
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://espace.agir.orange.com/rest/analytics/1.0/publish/bulk
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

espace.agir.orange.com
90.84.185.128