orange-actionnariatsalarie.vote.voxaly.com
Open in
urlscan Pro
194.5.119.129
Malicious Activity!
Public Scan
URL:
https://orange-actionnariatsalarie.vote.voxaly.com/pages/identification
Submission: On December 04 via manual from FR — Scanned from FR
Submission: On December 04 via manual from FR — Scanned from FR
Summary
This website contacted 1 IPs
in 1 countries
across 1 domains to perform 15 HTTP transactions.
The main IP is 194.5.119.129, located in
France and
belongs to EXPERIAN DOCAPOST BPO SAS, FR.
The main domain is orange-actionnariatsalarie.vote.voxaly.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 28th 2023. Valid for: a year.
This is the only time orange-actionnariatsalarie.vote.voxaly.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 28th 2023. Valid for: a year.
This is the only time orange-actionnariatsalarie.vote.voxaly.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Orange (Telecommunication)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 15 | 194.5.119.129 194.5.119.129 | 3259 (EXPERIAN ...) (EXPERIAN DOCAPOST BPO SAS) | |
| 15 | 1 |
15
194.5.119.129
(France)
ASN3259 (EXPERIAN DOCAPOST BPO SAS, FR)
ASN3259 (EXPERIAN DOCAPOST BPO SAS, FR)
| orange-actionnariatsalarie.vote.voxaly.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 15 |
voxaly.com
orange-actionnariatsalarie.vote.voxaly.com |
689 KB |
| 15 | 1 |
| Domain | Requested by | |
|---|---|---|
| 15 | orange-actionnariatsalarie.vote.voxaly.com |
orange-actionnariatsalarie.vote.voxaly.com
|
| 15 | 1 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.voxaly.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.vote.voxaly.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-28 - 2025-01-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://orange-actionnariatsalarie.vote.voxaly.com/pages/identification
Frame ID: 09A0EED634720F3C6D0B25E7DA874C60
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Le scrutin n'est pas encore ouvert. - operation84328.nomPage Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.voxaly.com/
Title: © 2024 VOXALY
Title: © 2024 VOXALY
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
identification
orange-actionnariatsalarie.vote.voxaly.com/pages/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.bundle.js
orange-actionnariatsalarie.vote.voxaly.com/pages/includes/dist/election/ |
1 MB 317 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendors.bundle.js
orange-actionnariatsalarie.vote.voxaly.com/pages/includes/dist/election/ |
358 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
verifiabilite.bundle.js
orange-actionnariatsalarie.vote.voxaly.com/pages/includes/dist/election/ |
45 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
forge.min.js
orange-actionnariatsalarie.vote.voxaly.com/pages/includes/libs/forge-7.1/ |
265 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
vendors.style.css
orange-actionnariatsalarie.vote.voxaly.com/pages/includes/dist/election/ |
41 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
election.css
orange-actionnariatsalarie.vote.voxaly.com/pages/includes/election/css/ |
72 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.style.css
orange-actionnariatsalarie.vote.voxaly.com/pages/includes/dist/election/ |
102 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
data
orange-actionnariatsalarie.vote.voxaly.com/pages/parameters/ |
3 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.png
orange-actionnariatsalarie.vote.voxaly.com/pages/includes/commun/images/ |
789 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
orange-actionnariatsalarie.vote.voxaly.com/pages/includes/election/fonts/ |
100 KB 101 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.png
orange-actionnariatsalarie.vote.voxaly.com/pages/includes/election/images/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo_haut_droite.png
orange-actionnariatsalarie.vote.voxaly.com/pages/includes/election/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
temoin
orange-actionnariatsalarie.vote.voxaly.com/pages/rest/ |
254 B 792 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
data
orange-actionnariatsalarie.vote.voxaly.com/pages/rest/identification/ |
16 KB 16 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Orange (Telecommunication)215 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| bdc_react_settings number| 2f1acc6c3a606b082e5eef5e54414ffb object| __localeData__ object| regeneratorRuntime function| $ function| jQuery number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP number| rr number| vv string| BI_RM object| BI_RC function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| bnClone function| bnIntValue function| bnByteValue function| bnShortValue function| bnpChunkSize function| bnSigNum function| bnpToRadix function| bnpFromRadix function| bnpFromNumber function| bnToByteArray function| bnEquals function| bnMin function| bnMax function| bnpBitwiseTo function| op_and function| bnAnd function| op_or function| bnOr function| op_xor function| bnXor function| op_andnot function| bnAndNot function| bnNot function| bnShiftLeft function| bnShiftRight function| lbit function| bnGetLowestSetBit function| cbit function| bnBitCount function| bnTestBit function| bnpChangeBit function| bnSetBit function| bnClearBit function| bnFlipBit function| bnpAddTo function| bnAdd function| bnSubtract function| bnMultiply function| bnSquare function| bnDivide function| bnRemainder function| bnDivideAndRemainder function| bnpDMultiply function| bnpDAddOffset function| NullExp function| nNop function| nMulTo function| nSqrTo function| bnPow function| bnpMultiplyLowerTo function| bnpMultiplyUpperTo function| Barrett function| barrettConvert function| barrettRevert function| barrettReduce function| barrettSqrTo function| barrettMulTo function| bnModPow function| bnGCD function| bnpModInt function| bnModInverse object| lowprimes number| lplim function| bnIsProbablePrime function| bnpMillerRabin function| Arcfour function| ARC4init function| ARC4next function| prng_newstate object| rng_pool number| rng_pptr number| rng_psize function| rng_seed_int function| rng_seed_time number| t object| cryptoObj object| ua function| rng_get_byte function| rng_get_bytes function| SecureRandom function| X9ECParameters function| x9getCurve function| x9getG function| x9getN function| x9getH function| fromHex function| secp128r1 function| secp160k1 function| secp160r1 function| secp192k1 function| secp192r1 function| secp224r1 function| secp256r1 function| getSECCurveByName function| ECFieldElementFp function| feFpEquals function| feFpToBigInteger function| feFpNegate function| feFpAdd function| feFpSubtract function| feFpMultiply function| feFpSquare function| feFpDivide function| ECPointFp function| pointFpGetX function| pointFpGetY function| pointFpEquals function| pointFpIsInfinity function| pointFpNegate function| pointFpAdd function| pointFpTwice function| pointFpMultiply function| pointFpMultiplyTwo function| ECCurveFp function| curveFpGetQ function| curveFpGetA function| curveFpGetB function| curveFpEquals function| curveFpGetInfinity function| curveFpFromBigInteger function| curveReduce function| curveFpDecodePointHex function| curveFpEncodePointHex function| _createClass function| _classCallCheck function| hash function| pick_rand function| publickey function| PointtoHex function| HextoPoint function| string_to_bigint function| bigint_to_string function| string_to_point function| point_to_string function| EGciphertext function| CtxttoHex function| HextoCtxt function| CtxtArraytoHex function| HextoCtxtArray function| encrypt function| CDHverify function| EGdecryptverify function| DLverify function| Schnorrverify function| loadPublicKey function| encryptMessage function| compressChoix function| makeString function| strRepeat function| isBlank function| pad function| lpad function| chars function| splice function| insert function| sha256 function| sha224 object| forge2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| orange-actionnariatsalarie.vote.voxaly.com/ | Name: XSRF-TOKEN Value: f402ccd3-d51a-4e5f-bf4c-15d99880220a |
|
| orange-actionnariatsalarie.vote.voxaly.com/ | Name: JSESSIONID Value: 1E8A886CD5CA713A003BF1EF1CFFDC87 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 ; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
orange-actionnariatsalarie.vote.voxaly.com
194.5.119.129
051f867b53b49d92947ee76a005aceefa85ef709c9506a2d5ef02091f9cae2c5
08ba91e5edc942ae459f6b304be0f0734a94bcf76c529824b734ee83e0d0d764
0b009d79a92ee243f93c158495ffa2e3ed60ca3fe001c46bd6b8e052780f723f
369fc2b09d9311f7bf5338a8b43637a35da14a17bac71feea722e05fdbff8d26
56c058dcbe2708a1c62f55020a5340c896c048e70f752e306d2cd1b5059c35c7
6939a4b261a1316fd4caec9abbb60fb42325811e7dd58740224ef8c0a468bc35
82fb6b4dc7333d2dcad1bcf56bb5937b67db6511b2ae518c424e461092a24771
8c9d2628f4c1743e84d0e5e4b03254e1477bffda21dba263b7d7c59e3dd6dfe9
8dbed6c67e2f777311fabd262fc039d019f3ff8a7a0915dec1ebf376a63f15b8
9598d6ad913e24f551fdc2e06e4faef501cadf8c109077149c521a4dc5994c5e
9ee528fae3270a18f9ef02e08baa054b2a428d449190346a68afefeb047fa6a6
b36e8ca10880ffc8a3903cd991589fbbe8aa75cbff6315f475be1ed0e9bda472
be1be432433ade19a41e61e91c707fe25dcc581915826cad24cb8a9a8613c71e
cae78177f6724909365f9a9ad86f441779d4cb5e0bf7ed631dd1292fc39491e1
db27a061ee2dfd99fe50b5ca3d63ada543af8c2db3918429df1b320184dc0e7a