Submitted URL: https://ac-orlen.societeg.xyz/
Effective URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2...
Submission: On August 29 via automatic, source certstream-suspicious — Scanned from FR

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 141.94.86.72, located in France and belongs to OVH, FR. The main domain is ac-orlen.societeg.xyz.
TLS certificate: Issued by R3 on August 29th 2023. Valid for: 3 months.
This is the only time ac-orlen.societeg.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 141.94.86.72 16276 (OVH)
10 195.83.89.163 2200 (FR-RENATE...)
1 195.83.89.99 2200 (FR-RENATE...)
19 4
Apex Domain
Subdomains
Transfer
11 ac-orleans-tours.fr
pia.ac-orleans-tours.fr
bv.ac-orleans-tours.fr
357 KB
9 societeg.xyz
ac-orlen.societeg.xyz
85 KB
19 2
Domain Requested by
10 pia.ac-orleans-tours.fr ac-orlen.societeg.xyz
pia.ac-orleans-tours.fr
9 ac-orlen.societeg.xyz 1 redirects ac-orlen.societeg.xyz
1 bv.ac-orleans-tours.fr pia.ac-orleans-tours.fr
19 3

This site contains no links.

Subject Issuer Validity Valid
ac-orlen.societeg.xyz
R3
2023-08-29 -
2023-11-27
3 months crt.sh
extranet.ac-orleans-tours.fr
GEANT OV RSA CA 4
2022-10-27 -
2023-10-27
a year crt.sh

This page contains 1 frames:

Primary Page: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Frame ID: 481E2ACA10775B6DD12147EA6F132DD2
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Authentification

Page URL History Show full URLs

  1. https://ac-orlen.societeg.xyz/ HTTP 302
    https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

1
Countries

509 kB
Transfer

508 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ac-orlen.societeg.xyz/ HTTP 302
    https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
ac-orlen.societeg.xyz/
Redirect Chain
  • https://ac-orlen.societeg.xyz/
  • https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%...
6 KB
2 KB
Document
General
Full URL
https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.86.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ip72.ip-141-94-86.eu
Software
nginx / PHP/8.0.30 PleskLin
Resource Hash
cfce9170bd6b8821d1757ecb651c3c1b65a6df08d683ad225aef78855c897da3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 29 Aug 2023 12:40:25 GMT
server
nginx
x-powered-by
PHP/8.0.30 PleskLin

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 29 Aug 2023 12:40:25 GMT
location
./login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
server
nginx
x-powered-by
PHP/8.0.30 PleskLin
login.js
pia.ac-orleans-tours.fr/login/js/
2 KB
2 KB
Script
General
Full URL
https://pia.ac-orleans-tours.fr/login/js/login.js
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Fleury-les-Aubrais, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
294de875f49b66e79228470e78f8eb404021565fd467134223cd8f993cd75b1b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:40:25 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1613
jquery-1.12.0.min.js
pia.ac-orleans-tours.fr/login/js/
95 KB
95 KB
Script
General
Full URL
https://pia.ac-orleans-tours.fr/login/js/jquery-1.12.0.min.js
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Fleury-les-Aubrais, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:40:25 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
97362
style.css
pia.ac-orleans-tours.fr/login/style/
4 KB
4 KB
Stylesheet
General
Full URL
https://pia.ac-orleans-tours.fr/login/style/style.css
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Fleury-les-Aubrais, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
7485e692663acb8c2933fdae3d022bc1984a1a0528e0feb259c3ef2febc87f73

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:40:25 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
3854
responsive.css
pia.ac-orleans-tours.fr/login/style/
2 KB
3 KB
Stylesheet
General
Full URL
https://pia.ac-orleans-tours.fr/login/style/responsive.css
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Fleury-les-Aubrais, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
755f96082971f9e4765197cce7de89ea43eaa0d930deeb470a8efaff282541f5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:40:25 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2281
bandeau_gauche_national.jpg
ac-orlen.societeg.xyz/login_files/
25 KB
26 KB
Image
General
Full URL
https://ac-orlen.societeg.xyz/login_files/bandeau_gauche_national.jpg
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.86.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ip72.ip-141-94-86.eu
Software
nginx / PleskLin
Resource Hash
a0e585b3324d091e9591fdfb631b2d81f69680a04c482e9d6b7d39e4eb6278cd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:40:25 GMT
last-modified
Tue, 29 Aug 2023 12:32:24 GMT
server
nginx
etag
"64ede558-655c"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
25948
portail_titre_accueil.gif
ac-orlen.societeg.xyz/login_files/
3 KB
3 KB
Image
General
Full URL
https://ac-orlen.societeg.xyz/login_files/portail_titre_accueil.gif
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.86.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ip72.ip-141-94-86.eu
Software
nginx / PleskLin
Resource Hash
63ae340679d5af35ec862cc7cc430135ddb8b194f702e5505292c70a63a46d83

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:40:25 GMT
last-modified
Tue, 29 Aug 2023 12:32:22 GMT
server
nginx
etag
"64ede556-a23"
x-powered-by
PleskLin
content-type
image/gif
accept-ranges
bytes
content-length
2595
portail_titre_accueil_2l.gif
ac-orlen.societeg.xyz/login_files/
3 KB
3 KB
Image
General
Full URL
https://ac-orlen.societeg.xyz/login_files/portail_titre_accueil_2l.gif
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.86.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ip72.ip-141-94-86.eu
Software
nginx / PleskLin
Resource Hash
df1a98d6ee3b9578353f14046cccfdd676066bd87d793b766f634a185761802e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:40:25 GMT
last-modified
Tue, 29 Aug 2023 12:32:25 GMT
server
nginx
etag
"64ede559-a57"
x-powered-by
PleskLin
content-type
image/gif
accept-ranges
bytes
content-length
2647
portail_titre2.gif
ac-orlen.societeg.xyz/login_files/
2 KB
2 KB
Image
General
Full URL
https://ac-orlen.societeg.xyz/login_files/portail_titre2.gif
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.86.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ip72.ip-141-94-86.eu
Software
nginx / PleskLin
Resource Hash
09966d1a1a6a6e10d0b016ce71ad623aab78b78cf7c9bca140e72c4d60bc3e0b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:40:25 GMT
last-modified
Tue, 29 Aug 2023 12:32:22 GMT
server
nginx
etag
"64ede556-66a"
x-powered-by
PleskLin
content-type
image/gif
accept-ranges
bytes
content-length
1642
authentification-enh.css
pia.ac-orleans-tours.fr/fileadmin/
91 KB
91 KB
Stylesheet
General
Full URL
https://pia.ac-orleans-tours.fr/fileadmin/authentification-enh.css?ver=2
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Fleury-les-Aubrais, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache /
Resource Hash
a0fd8362192718e4a400a69744c521ba325d2668d2c384a5568226ef3073247a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:40:25 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Mon, 05 Jun 2023 14:08:15 GMT
Server
Apache
ETag
"16bec-5fd626f0beddc"
Content-Type
text/css
Cache-Control
max-age=1728000
Connection
close
Accept-Ranges
bytes
Content-Length
93164
Expires
Mon, 18 Sep 2023 12:40:25 GMT
apps-mire-pia-160x100.png
ac-orlen.societeg.xyz/login_files/
6 KB
6 KB
Image
General
Full URL
https://ac-orlen.societeg.xyz/login_files/apps-mire-pia-160x100.png
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.86.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ip72.ip-141-94-86.eu
Software
nginx / PleskLin
Resource Hash
850e0414f841d0cf617aa9e383b55bda957e2f676e02eb4c3611633052c22e65

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:40:25 GMT
last-modified
Tue, 29 Aug 2023 12:32:25 GMT
server
nginx
etag
"64ede559-17e9"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
6121
apps-mire-sosidentifiant-160x100.png
ac-orlen.societeg.xyz/login_files/
22 KB
22 KB
Image
General
Full URL
https://ac-orlen.societeg.xyz/login_files/apps-mire-sosidentifiant-160x100.png
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.86.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ip72.ip-141-94-86.eu
Software
nginx / PleskLin
Resource Hash
494dd2295cd4aec65f409c1ffb2dd16b927277db13e98054cce13c5a12ef0321

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:40:25 GMT
last-modified
Tue, 29 Aug 2023 12:32:21 GMT
server
nginx
etag
"64ede555-5817"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
22551
apps-mire-accesbloque-160x100.png
ac-orlen.societeg.xyz/login_files/
22 KB
22 KB
Image
General
Full URL
https://ac-orlen.societeg.xyz/login_files/apps-mire-accesbloque-160x100.png
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
141.94.86.72 , France, ASN16276 (OVH, FR),
Reverse DNS
ip72.ip-141-94-86.eu
Software
nginx / PleskLin
Resource Hash
4772ee017340730161f1bb054a9e62f213ea64a5549961a73bdebe7719b45cbb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:40:25 GMT
last-modified
Tue, 29 Aug 2023 12:32:22 GMT
server
nginx
etag
"64ede556-584f"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
22607
check_adresse.js
pia.ac-orleans-tours.fr/fileadmin/
1 KB
2 KB
Script
General
Full URL
https://pia.ac-orleans-tours.fr/fileadmin/check_adresse.js
Requested by
Host: ac-orlen.societeg.xyz
URL: https://ac-orlen.societeg.xyz/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Fleury-les-Aubrais, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache /
Resource Hash
258b3b16f1c346a5529b66678aa55938485b60ed9ad0117be6c1154df5eccc7b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ac-orlen.societeg.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:40:25 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Mon, 05 Jun 2023 13:38:56 GMT
Server
Apache
ETag
"4e1-5fd6206303c00"
Content-Type
text/javascript
Cache-Control
public
Connection
close
Accept-Ranges
bytes
Content-Length
1249
Expires
Mon, 18 Sep 2023 12:40:25 GMT
contour_bleu_vert_top_left.gif
pia.ac-orleans-tours.fr/login/images/
1 KB
1 KB
Image
General
Full URL
https://pia.ac-orleans-tours.fr/login/images/contour_bleu_vert_top_left.gif
Requested by
Host: pia.ac-orleans-tours.fr
URL: https://pia.ac-orleans-tours.fr/login/style/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Fleury-les-Aubrais, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
5b24b39536564664d3b3f8370c7f5eebdda366c5ea5ba7acee6a853e115fd4a7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pia.ac-orleans-tours.fr/login/style/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:40:25 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
1077
contour_bleu_vert_bottom_right.gif
pia.ac-orleans-tours.fr/login/images/
932 B
1 KB
Image
General
Full URL
https://pia.ac-orleans-tours.fr/login/images/contour_bleu_vert_bottom_right.gif
Requested by
Host: pia.ac-orleans-tours.fr
URL: https://pia.ac-orleans-tours.fr/login/style/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Fleury-les-Aubrais, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
8c81b6cbb3ca90d967cf811099e7636d47bb122d2950ecfcb9e56f0713aeadeb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pia.ac-orleans-tours.fr/login/style/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:40:25 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
932
icon-eye-open.png
pia.ac-orleans-tours.fr/login/images/
350 B
698 B
Image
General
Full URL
https://pia.ac-orleans-tours.fr/login/images/icon-eye-open.png
Requested by
Host: pia.ac-orleans-tours.fr
URL: https://pia.ac-orleans-tours.fr/login/style/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Fleury-les-Aubrais, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
0a69fbb4ccc6230aeb27572423f5f165af1e351d05aabeff1c0123cec77dfe34

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pia.ac-orleans-tours.fr/login/style/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:40:25 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
350
bandeau_gauche_national.jpg
pia.ac-orleans-tours.fr/fileadmin/
41 KB
42 KB
Image
General
Full URL
https://pia.ac-orleans-tours.fr/fileadmin/bandeau_gauche_national.jpg
Requested by
Host: pia.ac-orleans-tours.fr
URL: https://pia.ac-orleans-tours.fr/fileadmin/authentification-enh.css?ver=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Fleury-les-Aubrais, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache /
Resource Hash
f8c866c01cb65fe061f4d9e74466bfc290ae8e58467c6f2cea6f81f9631360a0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pia.ac-orleans-tours.fr/fileadmin/authentification-enh.css?ver=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:40:25 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Tue, 23 Nov 2021 14:02:30 GMT
Server
Apache
ETag
"a48e-5d175313563c5"
Content-Type
image/jpeg
Cache-Control
public
Connection
close
Accept-Ranges
bytes
Content-Length
42126
Expires
Mon, 18 Sep 2023 12:40:25 GMT
acad.svg
bv.ac-orleans-tours.fr/identite_graphique/api/logos/
115 KB
116 KB
Image
General
Full URL
https://bv.ac-orleans-tours.fr/identite_graphique/api/logos/acad.svg
Requested by
Host: pia.ac-orleans-tours.fr
URL: https://pia.ac-orleans-tours.fr/fileadmin/authentification-enh.css?ver=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.99 Fleury-les-Aubrais, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
bv.ac-orleans-tours.fr
Software
Apache/2.4.34 (Red Hat) PHP/7.1.30 / PHP/7.1.30
Resource Hash
857c510fe50c1965548d7229b8227eba83b9bcbc0cc05731ed48224862e8519f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pia.ac-orleans-tours.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Tue, 29 Aug 2023 12:40:25 GMT
Last-Modified
Sat, 10 Jul 2021 06:28:32 GMT
Server
Apache/2.4.34 (Red Hat) PHP/7.1.30
X-Powered-By
PHP/7.1.30
Content-Type
image/svg+xml
Cache-Control
max-age=3000, public
Content-Disposition
inline; filename="acad-1010(83.9)-80-fbd2f0c1dd-.svg"
Connection
close
Accept-Ranges
bytes
Content-Length
117958
truncated
/
66 KB
66 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3739cd73049361473bb02e1037b6a02581a65cc7f8ff264c20ba7590214ad6b1

Request headers

Referer
Origin
https://ac-orlen.societeg.xyz
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
application/x-font-otf

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| getFocus function| startup function| isIE function| $ function| jQuery undefined| str

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ac-orlen.societeg.xyz
bv.ac-orleans-tours.fr
pia.ac-orleans-tours.fr
141.94.86.72
195.83.89.163
195.83.89.99
09966d1a1a6a6e10d0b016ce71ad623aab78b78cf7c9bca140e72c4d60bc3e0b
0a69fbb4ccc6230aeb27572423f5f165af1e351d05aabeff1c0123cec77dfe34
258b3b16f1c346a5529b66678aa55938485b60ed9ad0117be6c1154df5eccc7b
294de875f49b66e79228470e78f8eb404021565fd467134223cd8f993cd75b1b
3739cd73049361473bb02e1037b6a02581a65cc7f8ff264c20ba7590214ad6b1
4772ee017340730161f1bb054a9e62f213ea64a5549961a73bdebe7719b45cbb
494dd2295cd4aec65f409c1ffb2dd16b927277db13e98054cce13c5a12ef0321
5b24b39536564664d3b3f8370c7f5eebdda366c5ea5ba7acee6a853e115fd4a7
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
63ae340679d5af35ec862cc7cc430135ddb8b194f702e5505292c70a63a46d83
7485e692663acb8c2933fdae3d022bc1984a1a0528e0feb259c3ef2febc87f73
755f96082971f9e4765197cce7de89ea43eaa0d930deeb470a8efaff282541f5
850e0414f841d0cf617aa9e383b55bda957e2f676e02eb4c3611633052c22e65
857c510fe50c1965548d7229b8227eba83b9bcbc0cc05731ed48224862e8519f
8c81b6cbb3ca90d967cf811099e7636d47bb122d2950ecfcb9e56f0713aeadeb
a0e585b3324d091e9591fdfb631b2d81f69680a04c482e9d6b7d39e4eb6278cd
a0fd8362192718e4a400a69744c521ba325d2668d2c384a5568226ef3073247a
cfce9170bd6b8821d1757ecb651c3c1b65a6df08d683ad225aef78855c897da3
df1a98d6ee3b9578353f14046cccfdd676066bd87d793b766f634a185761802e
f8c866c01cb65fe061f4d9e74466bfc290ae8e58467c6f2cea6f81f9631360a0