urlscan.io logo urlscan.io
SecurityTrails logo

pia-accademie.clients-cr-agri.pro Open in urlscan Pro
188.114.96.3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://imsva91-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fpia%2daccademie.clients%2dcr%2dagri.pro&umid=EBDA1F5D-1...
Effective URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2...
Submission: On June 28 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 20 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is pia-accademie.clients-cr-agri.pro.
TLS certificate: Issued by WE1 on June 25th 2024. Valid for: 3 months.
This is the only time pia-accademie.clients-cr-agri.pro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious1 votes Show Verdicts

Domain & IP information

IP Address AS Autonomous System
1 1 35.81.174.242 16509 (AMAZON-02)
2 13 188.114.96.3 13335 (CLOUDFLAR...)
8 195.83.89.163 2200 (FR-RENATE...)
1 195.83.89.99 2200 (FR-RENATE...)
20 3
1    35.81.174.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-174-242.us-west-2.compute.amazonaws.com
imsva91-ctp.trendmicro.com
13    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
pia-accademie.clients-cr-agri.pro
8    195.83.89.163 (Orléans, France)

ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR)
PTR: vip-163.ac-orleans-tours.fr
pia.ac-orleans-tours.fr
1    195.83.89.99 (Orléans, France)

ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR)
bv.ac-orleans-tours.fr
Domain Requested by
13 pia-accademie.clients-cr-agri.pro 2 redirects pia-accademie.clients-cr-agri.pro
8 pia.ac-orleans-tours.fr pia-accademie.clients-cr-agri.pro
pia.ac-orleans-tours.fr
1 bv.ac-orleans-tours.fr
1 imsva91-ctp.trendmicro.com 1 redirects
20 4

This site contains no links.

Subject Issuer Validity Valid
clients-cr-agri.pro
WE1		 2024-06-25 -
2024-09-23		 3 months crt.sh
extranet.ac-orleans-tours.fr
GEANT OV RSA CA 4		 2024-02-21 -
2025-02-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Frame ID: F6BC72E3E0DDFD0BE553CCD37DD84AAA
Requests: 18 HTTP requests in this frame

Frame: https://pia-accademie.clients-cr-agri.pro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Frame ID: 23D62CCF03F7AD66E5B61C767D921042
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Authentification

Page URL History Show full URLs

  1. https://imsva91-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fpia%2daccademie.clients%2dcr%2dagri... HTTP 302
    https://pia-accademie.clients-cr-agri.pro/ HTTP 302
    https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

3
Countries

214 kB
Transfer

214 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://imsva91-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fpia%2daccademie.clients%2dcr%2dagri.pro&umid=EBDA1F5D-1BEC-1606-BD60-0D1A8C7ABFA5&auth=b2e75a85dac1d6c2329f45d980d65bc87d967b19-08a5f4147df75d10d53aa3a14e769997f69d72f7 HTTP 302
    https://pia-accademie.clients-cr-agri.pro/ HTTP 302
    https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://pia-accademie.clients-cr-agri.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://pia-accademie.clients-cr-agri.pro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
pia-accademie.clients-cr-agri.pro/
Redirect Chain
  • https://imsva91-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fpia%2daccademie.clients%2dcr%2dagri.pro&umid=EBDA1F5D-1BEC-1606-BD60-0D1A8C7ABFA5&auth=b2e75a85dac1d6c2329f45d980d65bc87d...
  • https://pia-accademie.clients-cr-agri.pro/
  • https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=...
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.29
Resource Hash
6000a76a34b3aa8b167a704b416b2e41e604ca2f5fb629c5d6eab3907b07e8c4

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89aca18a2a259ef4-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 28 Jun 2024 09:25:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXhtaiCTYlAlJIeLA0xOysT3qGSDvE9KHjJ3cBdLgQb3IR5oqyuJpLWZ%2BSy3oNLj4SVCIG%2BGn1JFro7dHsXYNTGPha%2FLUds75dzB%2FQm8hiTv%2FH1iSvKnGpTRuuvtEW5%2B3oLn%2BdoaN7REq2QK5XfXNRpyIAA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.1.29

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89aca188b8a59ef4-CDG
content-type
text/html; charset=UTF-8
date
Fri, 28 Jun 2024 09:25:42 GMT
location
./login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alQSb7BziDHf%2BwOrnN2UOHzoWGXXpLHDvQjByfoiRge%2Boh1BsiNqbxTsxB2SfOAmipw8fO411hnY53PLM8c92dWH6MzcA5Ui%2Bmdlj2UdVTwkQVh3jWIZVLbl7tl2Tr7MwZdMdYw6vdkO7GI0RRBDtrwcH6o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.1.29
login.js
pia.ac-orleans-tours.fr/login/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pia.ac-orleans-tours.fr/login/js/login.js
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Orléans, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
294de875f49b66e79228470e78f8eb404021565fd467134223cd8f993cd75b1b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 09:25:42 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1613
jquery-1.12.0.min.js
pia.ac-orleans-tours.fr/login/js/ 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pia.ac-orleans-tours.fr/login/js/jquery-1.12.0.min.js
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Orléans, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 09:25:42 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
97362
style.css
pia.ac-orleans-tours.fr/login/style/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pia.ac-orleans-tours.fr/login/style/style.css
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Orléans, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
7485e692663acb8c2933fdae3d022bc1984a1a0528e0feb259c3ef2febc87f73

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 09:25:42 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
3854
responsive.css
pia.ac-orleans-tours.fr/login/style/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pia.ac-orleans-tours.fr/login/style/responsive.css
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Orléans, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
755f96082971f9e4765197cce7de89ea43eaa0d930deeb470a8efaff282541f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 09:25:42 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
2281
bandeau_gauche_national.jpg
pia-accademie.clients-cr-agri.pro/login_files/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pia-accademie.clients-cr-agri.pro/login_files/bandeau_gauche_national.jpg
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e585b3324d091e9591fdfb631b2d81f69680a04c482e9d6b7d39e4eb6278cd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:25:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
101479
alt-svc
h3=":443"; ma=86400
content-length
25948
last-modified
Thu, 27 Jun 2024 05:13:32 GMT
server
cloudflare
etag
"667cf4fc-655c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zb4XVbZEwFJQ0ooXkam4LvL%2BTrcy%2B1IJhZAqsgTXNv2DGxPs%2BG8apRx338UxA%2F37aEpJHzzLWNtQAAsBlRHaZvZ8wUE%2FDbbUfJJWp1cX2%2FSF4ooq8QvxvmzRUodnYbZR%2F7gBGNrgbs%2Fv9T2Nx%2FEsUEdPHdw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89aca18afb049ef4-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
portail_titre_accueil.gif
pia-accademie.clients-cr-agri.pro/login_files/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pia-accademie.clients-cr-agri.pro/login_files/portail_titre_accueil.gif
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ae340679d5af35ec862cc7cc430135ddb8b194f702e5505292c70a63a46d83

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:25:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
101479
alt-svc
h3=":443"; ma=86400
content-length
2595
last-modified
Thu, 27 Jun 2024 05:13:31 GMT
server
cloudflare
etag
"667cf4fb-a23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DN0YYlMZZ8Jth0LmWA8X8ttLixRctU4j5s%2BEDs%2FFcv6FTWHr7g6NJH1S0AHaOvZ08D1sIjO3DuZEhcMTpKMNSYkEO0y7%2Buz2RmXAVC3Cyye8W3fpxyBxqT%2Fc8oWkPSO2e1aHDBUt7W6DI2pq%2BZj8cgTPzy0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89aca18afb059ef4-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
portail_titre_accueil_2l.gif
pia-accademie.clients-cr-agri.pro/login_files/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pia-accademie.clients-cr-agri.pro/login_files/portail_titre_accueil_2l.gif
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df1a98d6ee3b9578353f14046cccfdd676066bd87d793b766f634a185761802e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:25:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
101479
alt-svc
h3=":443"; ma=86400
content-length
2647
last-modified
Thu, 27 Jun 2024 05:13:34 GMT
server
cloudflare
etag
"667cf4fe-a57"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oqb8trBnZqgRVh7%2BRoYouySCy1s5XfHbXvw8GtAbeSv8Rd1Dq8pGSuu5I272btnkkqkD%2Bl3q%2BrDUMG7rAK8YHclxINygdmRiq89%2FiJrLGv2YAmOwss5lgqevvrfKxOWgDRTdViO2OOtZEbpXNK5qI58pWqE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89aca18b5b429ef4-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
portail_titre2.gif
pia-accademie.clients-cr-agri.pro/login_files/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pia-accademie.clients-cr-agri.pro/login_files/portail_titre2.gif
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09966d1a1a6a6e10d0b016ce71ad623aab78b78cf7c9bca140e72c4d60bc3e0b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:25:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
101479
alt-svc
h3=":443"; ma=86400
content-length
1642
last-modified
Thu, 27 Jun 2024 05:13:31 GMT
server
cloudflare
etag
"667cf4fb-66a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCa%2BNRett10ofIuS0lCCbH9xvjAMyO26A%2Bde9tLHQI4giqey%2FmyONeoWg%2F1duQGoOdTBIdb9JzTk%2FQxXKwjO7Uztp8B2e%2FdZGqbkOiSPf9fQqe4ArxNM7lz0wUraHJ2UOzr7pUTaYAubZTGrCaiLiRQGgl0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89aca18b5b459ef4-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
authentification-enh.css
pia-accademie.clients-cr-agri.pro/flogin_files/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pia-accademie.clients-cr-agri.pro/flogin_files/authentification-enh.css?ver=2
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:25:42 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
164
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1h9WHDCCw1G2XLdk%2BdfsRMtOyOZHAxC%2BC1kJyyXWzu%2BoLrmVTf1r5ErY0cLspertZ5UtbyORqq8jASRG8fyNtnyACJpt1rFuC4BBKo9fs0X8siHHess7QRYs4HcVsHN6Ga2%2Bcchfko9s1ARJ3B4gpS6rvYE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89aca18b8b689ef4-CDG
alt-svc
h3=":443"; ma=86400
apps-mire-pia-160x100.png
pia-accademie.clients-cr-agri.pro/login_files/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pia-accademie.clients-cr-agri.pro/login_files/apps-mire-pia-160x100.png
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850e0414f841d0cf617aa9e383b55bda957e2f676e02eb4c3611633052c22e65

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:25:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15987
alt-svc
h3=":443"; ma=86400
content-length
6121
last-modified
Thu, 27 Jun 2024 05:13:33 GMT
server
cloudflare
etag
"667cf4fd-17e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OO7ce2E7ecP8lu3Gx8234ppThc91sI5K3zCxWTNohRb1LaQm%2FXgpExXKAyebPUu0wPBE36LsaP9owaouIBdfZBApJFpcT1e4g%2BNPVOz0vEZ1iaaVhT9L2VVxSP8YFmaigk6Kbm27BpIFZd9O%2FzZUnYwDRbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89aca18b9b779ef4-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
apps-mire-sosidentifiant-160x100.png
pia-accademie.clients-cr-agri.pro/login_files/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pia-accademie.clients-cr-agri.pro/login_files/apps-mire-sosidentifiant-160x100.png
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494dd2295cd4aec65f409c1ffb2dd16b927277db13e98054cce13c5a12ef0321

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:25:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
101478
alt-svc
h3=":443"; ma=86400
content-length
22551
last-modified
Thu, 27 Jun 2024 05:13:29 GMT
server
cloudflare
etag
"667cf4f9-5817"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AeQJ9Vph8xnCfWEDQm2sU69mwYfOp1uUx7W3LYqdw%2BBw4COtzSFZQ6KE7AW3PSTTeZTDErl2xJJXNZCtMixBvVSrKQYtGhLHhZM7NGH6QqAroEIuxcnv4FJsku4w8w7JMdm6XN9vCduYUILLbWSSiYQ1nTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89aca18c7c419ef4-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
apps-mire-accesbloque-160x100.png
pia-accademie.clients-cr-agri.pro/login_files/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pia-accademie.clients-cr-agri.pro/login_files/apps-mire-accesbloque-160x100.png
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4772ee017340730161f1bb054a9e62f213ea64a5549961a73bdebe7719b45cbb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 09:25:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
101478
alt-svc
h3=":443"; ma=86400
content-length
22607
last-modified
Thu, 27 Jun 2024 05:13:30 GMT
server
cloudflare
etag
"667cf4fa-584f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLJXOoTfp9ScBiUXxrbOm9DOiRLe%2FPhJK8yuH%2BoisMQbIIJ0toUJL996a7oJTxqsVqzeey0W7rLG5qPr1xXyyMufTzpJvvBEzBasrkGgw5hbGy8sV4YkvhaL0PdDSiY%2BKoAmBC7d6G65BtfLyy3%2F0fNqcNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89aca18cbc739ef4-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
check_adresse.js
pia.ac-orleans-tours.fr/fileadmin/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pia.ac-orleans-tours.fr/fileadmin/check_adresse.js
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Orléans, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache /
Resource Hash
aea828876559677665a8115d6de8c58f009a7fa04c87e89fc0eeede67c31b159

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 09:25:42 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Thu, 28 Mar 2024 10:05:35 GMT
Server
Apache
ETag
"4e5-614b5aa15bf43"
Content-Type
text/javascript
Cache-Control
public
Connection
close
Accept-Ranges
bytes
Content-Length
1253
Expires
Thu, 18 Jul 2024 09:25:42 GMT
contour_bleu_vert_top_left.gif
pia.ac-orleans-tours.fr/login/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pia.ac-orleans-tours.fr/login/images/contour_bleu_vert_top_left.gif
Requested by
Host: pia.ac-orleans-tours.fr
URL: https://pia.ac-orleans-tours.fr/login/style/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Orléans, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
5b24b39536564664d3b3f8370c7f5eebdda366c5ea5ba7acee6a853e115fd4a7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia.ac-orleans-tours.fr/login/style/style.css
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 09:25:42 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
1077
contour_bleu_vert_bottom_right.gif
pia.ac-orleans-tours.fr/login/images/ 		932 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pia.ac-orleans-tours.fr/login/images/contour_bleu_vert_bottom_right.gif
Requested by
Host: pia.ac-orleans-tours.fr
URL: https://pia.ac-orleans-tours.fr/login/style/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Orléans, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
8c81b6cbb3ca90d967cf811099e7636d47bb122d2950ecfcb9e56f0713aeadeb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia.ac-orleans-tours.fr/login/style/style.css
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 09:25:42 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
932
icon-eye-open.png
pia.ac-orleans-tours.fr/login/images/ 		350 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pia.ac-orleans-tours.fr/login/images/icon-eye-open.png
Requested by
Host: pia.ac-orleans-tours.fr
URL: https://pia.ac-orleans-tours.fr/login/style/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.163 Orléans, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
vip-163.ac-orleans-tours.fr
Software
Apache / Servlet/2.5 JSP/2.1
Resource Hash
0a69fbb4ccc6230aeb27572423f5f165af1e351d05aabeff1c0123cec77dfe34

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia.ac-orleans-tours.fr/login/style/style.css
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 09:25:42 GMT
WWW-Authenticate
Basic realm="CT"
Last-Modified
Fri, 10 Feb 2017 14:38:00 GMT
Server
Apache
X-Powered-By
Servlet/2.5 JSP/2.1
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
350
main.js
pia-accademie.clients-cr-agri.pro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ Frame 23D6
Redirect Chain
  • https://pia-accademie.clients-cr-agri.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://pia-accademie.clients-cr-agri.pro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pia-accademie.clients-cr-agri.pro/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da750e99cc4663d1b2b150d41c53598c8afa584a3d2ab0d45f8ba11777906b01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 28 Jun 2024 09:25:42 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aVR4s%2F%2BAk70V3kUQnm8xh8%2F3oLt90SD6cHLzf3QKriomEB%2BFIxET0hPsYI1VtvP02ksk670Stb62Gw9RfipJOC9kKyxSMQNET4RgFPqHqAKRtMmEuqj9ztI89E%2F3%2FT5LdD9Gj6tsMHqfo1QIZ%2BTh7kl5JnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
89aca18dad249ef4-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 28 Jun 2024 09:25:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5K7XPtzOdqdl58cHvz2LYC7ep8Jp%2BIAa3RQ7CkCgb9hNSfeisAuAZoB5dKWl3i4lblwZQEiM%2BTWkTq2ZXxEk0Z8mr2PRGruQ4BeoPdQTR1m%2F270pBDL5b%2FC4z7SXaxDzidL7tYQlD2WAmpzrt5fE9fkxT8%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
89aca18d7d049ef4-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
bv.ac-orleans-tours.fr/sos_identifiant/ 		11 KB
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bv.ac-orleans-tours.fr/sos_identifiant/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.83.89.99 Orléans, France, ASN2200 (FR-RENATER Reseau National de telecommunications pour la Technologie, FR),
Reverse DNS
Software
Apache/2.4.34 (Red Hat) PHP/7.1.30 /
Resource Hash
910b98e8ff825a7e4e242eef351f55bb64ca19232eb09c3f3d1dbf99669d03bd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pia-accademie.clients-cr-agri.pro/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 28 Jun 2024 09:25:42 GMT
Last-Modified
Wed, 26 Aug 2020 08:11:30 GMT
Server
Apache/2.4.34 (Red Hat) PHP/7.1.30
ETag
"2cee-5adc35df9442a"
Content-Type
image/vnd.microsoft.icon
Cache-Control
max-age=1209600
Connection
close
Accept-Ranges
bytes
Content-Length
11502
Expires
Fri, 12 Jul 2024 09:25:42 GMT
89aca18a2a259ef4
pia-accademie.clients-cr-agri.pro/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 23D6 		0
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pia-accademie.clients-cr-agri.pro/cdn-cgi/challenge-platform/h/b/jsd/r/89aca18a2a259ef4
Requested by
Host: pia-accademie.clients-cr-agri.pro
URL: https://pia-accademie.clients-cr-agri.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 28 Jun 2024 09:25:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6s6twyoah%2BOeWo60IILAHVuPFS3zC257H4TVeewnZu9hNtB21LRDoR4gmxEnYxfeNJph0B6MSorksqMst0QwzNSKpN0ngZjuwKX398cklIT2oiWJAn89f7kEr0yZXB4B14fV%2F8Sf9N2MGUTsXG5I6j5eEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
89aca18e2d7d9ef4-CDG
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

Malicious page.domain
Submitted on June 28th 2024, 9:27:54 am UTC — From France

Threats: Phishing
Comment: Phishing site targeting French Education Administration

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| getFocus function| startup function| isIE function| $ function| jQuery undefined| str

1 Cookies

Domain/Path Name / Value
.clients-cr-agri.pro/ Name: cf_clearance
Value: GmDmEDznxU6AM870oovum_29bz9i3fg.RmST8fDDHjI-1719566742-1.0.1.1-CHMwYRp4xppfNr4kmdOaCcD1mOoXfv2K1sc0Q47a69A3sBXaTg398HshBpLxEqo82xqJlppPpBZ_32fsOgaQnA

2 Console Messages

Source Level URL
Text
network error URL: https://pia-accademie.clients-cr-agri.pro/flogin_files/authentification-enh.css?ver=2
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation warning URL: https://pia-accademie.clients-cr-agri.pro/login.php?CTLoginErrorMsg=Identifiant%20ou%20mot%20de%20passe%20incorrect&CT_ORIG_URL=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F&ct_orig_uri=https%3A%2F%2Fpia.ac-orleans-tours.fr%3A443%2Fprotege%2F
Message:
[DOM] Found 2 elements with non-unique id #user: (More info: https://goo.gl/9p2vKq) %o %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bv.ac-orleans-tours.fr
imsva91-ctp.trendmicro.com
pia-accademie.clients-cr-agri.pro
pia.ac-orleans-tours.fr
188.114.96.3
195.83.89.163
195.83.89.99
35.81.174.242
09966d1a1a6a6e10d0b016ce71ad623aab78b78cf7c9bca140e72c4d60bc3e0b
0a69fbb4ccc6230aeb27572423f5f165af1e351d05aabeff1c0123cec77dfe34
294de875f49b66e79228470e78f8eb404021565fd467134223cd8f993cd75b1b
4772ee017340730161f1bb054a9e62f213ea64a5549961a73bdebe7719b45cbb
494dd2295cd4aec65f409c1ffb2dd16b927277db13e98054cce13c5a12ef0321
5b24b39536564664d3b3f8370c7f5eebdda366c5ea5ba7acee6a853e115fd4a7
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
6000a76a34b3aa8b167a704b416b2e41e604ca2f5fb629c5d6eab3907b07e8c4
63ae340679d5af35ec862cc7cc430135ddb8b194f702e5505292c70a63a46d83
7485e692663acb8c2933fdae3d022bc1984a1a0528e0feb259c3ef2febc87f73
755f96082971f9e4765197cce7de89ea43eaa0d930deeb470a8efaff282541f5
850e0414f841d0cf617aa9e383b55bda957e2f676e02eb4c3611633052c22e65
8c81b6cbb3ca90d967cf811099e7636d47bb122d2950ecfcb9e56f0713aeadeb
910b98e8ff825a7e4e242eef351f55bb64ca19232eb09c3f3d1dbf99669d03bd
a0e585b3324d091e9591fdfb631b2d81f69680a04c482e9d6b7d39e4eb6278cd
aea828876559677665a8115d6de8c58f009a7fa04c87e89fc0eeede67c31b159
da750e99cc4663d1b2b150d41c53598c8afa584a3d2ab0d45f8ba11777906b01
df1a98d6ee3b9578353f14046cccfdd676066bd87d793b766f634a185761802e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855