orange-8a1999.ingress-erytho.easywp.com Open in urlscan Pro
63.250.43.132  Malicious Activity! Public Scan

Submitted URL: https://bit.ly/3cF8vNa
Effective URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Submission: On June 15 via automatic, source phishtank

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 63.250.43.132, located in United States and belongs to NAMECHEAP-NET, US. The main domain is orange-8a1999.ingress-erytho.easywp.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 5th 2021. Valid for: a year.
This is the only time orange-8a1999.ingress-erytho.easywp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Orange (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
3 13 63.250.43.132 22612 (NAMECHEAP...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.111.241.117 16625 (AKAMAI-AS)
4 99.83.210.18 16509 (AMAZON-02)
16 4
Domain Requested by
13 orange-8a1999.ingress-erytho.easywp.com 3 redirects orange-8a1999.ingress-erytho.easywp.com
2 sdk.follow-apps.com orange-8a1999.ingress-erytho.easywp.com
2 auth.follow-apps.com orange-8a1999.ingress-erytho.easywp.com
1 www.orangebank.fr orange-8a1999.ingress-erytho.easywp.com
1 fonts.googleapis.com orange-8a1999.ingress-erytho.easywp.com
1 bit.ly 1 redirects
16 6
Subject Issuer Validity Valid
*.ingress-erytho.easywp.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-05 -
2022-05-05
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-17 -
2021-08-09
3 months crt.sh
www.orangebank.fr
DigiCert SHA2 Extended Validation Server CA
2021-03-12 -
2022-04-11
a year crt.sh
*.follow-apps.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh

This page contains 1 frames:

Primary Page: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Frame ID: A57A302B0FEBF25C701F0EF58339AE3E
Requests: 14 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://bit.ly/3cF8vNa HTTP 301
    http://orange-8a1999.ingress-erytho.easywp.com/orange HTTP 301
    https://orange-8a1999.ingress-erytho.easywp.com/orange HTTP 301
    http://orange-8a1999.ingress-erytho.easywp.com/orange/ HTTP 307
    https://orange-8a1999.ingress-erytho.easywp.com/orange/ HTTP 302
    https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

16
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

487 kB
Transfer

1889 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3cF8vNa HTTP 301
    http://orange-8a1999.ingress-erytho.easywp.com/orange HTTP 301
    https://orange-8a1999.ingress-erytho.easywp.com/orange HTTP 301
    http://orange-8a1999.ingress-erytho.easywp.com/orange/ HTTP 307
    https://orange-8a1999.ingress-erytho.easywp.com/orange/ HTTP 302
    https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
orange-8a1999.ingress-erytho.easywp.com/orange/sso/
Redirect Chain
  • https://bit.ly/3cF8vNa
  • http://orange-8a1999.ingress-erytho.easywp.com/orange
  • https://orange-8a1999.ingress-erytho.easywp.com/orange
  • http://orange-8a1999.ingress-erytho.easywp.com/orange/
  • https://orange-8a1999.ingress-erytho.easywp.com/orange/
  • https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
44 KB
7 KB
Document
General
Full URL
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.132 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-erytho.easywp.com
Software
nginx /
Resource Hash
6965ea74eaba1d504d34e724cb3d0788ef639ad5b95e58332dc00b118c74f3a1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
orange-8a1999.ingress-erytho.easywp.com
:scheme
https
:path
/orange/sso/login.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Tue, 15 Jun 2021 18:35:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
public
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
age
0
x-cache
MISS
accept-ranges
bytes
strict-transport-security
max-age=15768000

Redirect headers

server
nginx
date
Tue, 15 Jun 2021 18:35:26 GMT
content-type
text/html; charset=UTF-8
location
sso/login.php
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
public
referrer-policy
strict-origin-when-cross-origin
age
0
x-cache
MISS
content-length
0
strict-transport-security
max-age=15768000
v15c3e9.js
orange-8a1999.ingress-erytho.easywp.com/cdn.omniconvert.com/js/
0
0
Script
General
Full URL
https://orange-8a1999.ingress-erytho.easywp.com/cdn.omniconvert.com/js/v15c3e9.js
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.132 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-erytho.easywp.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:path
/cdn.omniconvert.com/js/v15c3e9.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
orange-8a1999.ingress-erytho.easywp.com
referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 18:35:27 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/html
strict-transport-security
max-age=15768000
content-length
167
fa-sdk-web.js
orange-8a1999.ingress-erytho.easywp.com/orange/js/vendor/
110 KB
33 KB
Script
General
Full URL
https://orange-8a1999.ingress-erytho.easywp.com/orange/js/vendor/fa-sdk-web.js
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.132 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-erytho.easywp.com
Software
nginx /
Resource Hash
48e24ca4ff13c4dc64306ceaf25453bc40afd33df973e6e339f9b1ab0c2cad28
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/orange/js/vendor/fa-sdk-web.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
orange-8a1999.ingress-erytho.easywp.com
referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 11:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
age
26861
x-cache
HIT
vary
Accept-Encoding
content-length
33034
x-xss-protection
1; mode=block
last-modified
Mon, 14 Jun 2021 10:54:58 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60c73582-1b9da"
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/javascript
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon
fonts.googleapis.com/
568 B
474 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a2a092a084f6b4417162897add3a68006c8570de386c83710753f75391b90e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://orange-8a1999.ingress-erytho.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 18:35:26 GMT
server
ESF
date
Tue, 15 Jun 2021 18:35:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Jun 2021 18:35:26 GMT
orange.v1.9.191.css
orange-8a1999.ingress-erytho.easywp.com/orange/css/
687 KB
103 KB
Stylesheet
General
Full URL
https://orange-8a1999.ingress-erytho.easywp.com/orange/css/orange.v1.9.191.css
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.132 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-erytho.easywp.com
Software
nginx /
Resource Hash
da898b0490d59c707cee4389d3f1053cffaa7cf8da745f6cc4089bad3af93809
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/orange/css/orange.v1.9.191.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
orange-8a1999.ingress-erytho.easywp.com
referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 11:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
age
26861
x-cache
HIT
vary
Accept-Encoding
content-length
105121
x-xss-protection
1; mode=block
last-modified
Mon, 14 Jun 2021 10:54:58 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60c73582-abce7"
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/css
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
orange-bank-logo.png
www.orangebank.fr/espace-client/ob-assets/img/
4 KB
4 KB
Image
General
Full URL
https://www.orangebank.fr/espace-client/ob-assets/img/orange-bank-logo.png
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.241.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-241-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bd4a128f754b6e3592d7a69a609e5400593eafeb0fe0ca59c9f48d6ea72667a7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://orange-8a1999.ingress-erytho.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer
last-modified
Fri, 21 May 2021 13:31:38 GMT
etag
"60a7b63a-103e"
content-type
image/png
date
Tue, 15 Jun 2021 18:35:27 GMT
x-content-type-options
nosniff
server-timing
dtRpid;desc="-1623923378"
accept-ranges
bytes
content-length
4158
x-xss-protection
1; mode=block
orange.v1.9.191.js
orange-8a1999.ingress-erytho.easywp.com/orange/js/
854 KB
248 KB
Script
General
Full URL
https://orange-8a1999.ingress-erytho.easywp.com/orange/js/orange.v1.9.191.js
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.132 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-erytho.easywp.com
Software
nginx /
Resource Hash
94472d2b60c9f34f9778de7149293dda15105042be57e3c57474f6b25c4b9964
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/orange/js/orange.v1.9.191.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
orange-8a1999.ingress-erytho.easywp.com
referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 11:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
age
26854
x-cache
HIT
vary
Accept-Encoding
content-length
252988
x-xss-protection
1; mode=block
last-modified
Mon, 14 Jun 2021 10:54:58 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60c73582-d56fd"
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/javascript
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
owl.carousel.min.js
orange-8a1999.ingress-erytho.easywp.com/orange/js/vendor/
43 KB
12 KB
Script
General
Full URL
https://orange-8a1999.ingress-erytho.easywp.com/orange/js/vendor/owl.carousel.min.js
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.132 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-erytho.easywp.com
Software
nginx /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/orange/js/vendor/owl.carousel.min.js
pragma
no-cache
cookie
faDeviceProperties=%7B%22FAID%22%3A%22DO0Abd3r28I7uQ%22%2C%22bundleId%22%3A%22com.orange.ma%22%2C%22deviceId%22%3A%22be1a316f-95d0-4bec-9177-280b475be437%22%7D; FollowAnalyticsTrackingState=true; faSession__MUTEX_x=%221623782127523%3A322370274%22; faLogsQueue_next__MUTEX_x=%221623782127523%3A322370274%22; faLogsQueue_0=%7B%22sessionId%22%3A%22INTERNAL_1623782127561%22%2C%22logType%22%3A0%2C%22logName%22%3A%22FALogNameStartSession%22%2C%22logDate%22%3A%222021-06-15T18%3A35%3A27.562Z%22%2C%22logDetails%22%3Anull%2C%22logUpTime%22%3A0%2C%22logInForeground%22%3Atrue%7D; faLogsQueue_next=1; faSession=%7B%22duration%22%3A0%2C%22id%22%3A%22INTERNAL_1623782127561%22%2C%22startTime%22%3A1623782127561%2C%22endTime%22%3A1623782127561%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
orange-8a1999.ingress-erytho.easywp.com
referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 11:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
age
26854
x-cache
HIT
vary
Accept-Encoding
content-length
11412
x-xss-protection
1; mode=block
last-modified
Mon, 14 Jun 2021 10:54:58 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60c73582-ad36"
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/javascript
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
quagga.min.js
orange-8a1999.ingress-erytho.easywp.com/orange/js/vendor/
91 KB
29 KB
Script
General
Full URL
https://orange-8a1999.ingress-erytho.easywp.com/orange/js/vendor/quagga.min.js
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.132 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-erytho.easywp.com
Software
nginx /
Resource Hash
b579f14e1319d90c704b01dccbea2b2ce2734f5109b5ee6e8753cb0a0886ceb2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/orange/js/vendor/quagga.min.js
pragma
no-cache
cookie
faDeviceProperties=%7B%22FAID%22%3A%22DO0Abd3r28I7uQ%22%2C%22bundleId%22%3A%22com.orange.ma%22%2C%22deviceId%22%3A%22be1a316f-95d0-4bec-9177-280b475be437%22%7D; FollowAnalyticsTrackingState=true; faSession__MUTEX_x=%221623782127523%3A322370274%22; faLogsQueue_next__MUTEX_x=%221623782127523%3A322370274%22; faLogsQueue_0=%7B%22sessionId%22%3A%22INTERNAL_1623782127561%22%2C%22logType%22%3A0%2C%22logName%22%3A%22FALogNameStartSession%22%2C%22logDate%22%3A%222021-06-15T18%3A35%3A27.562Z%22%2C%22logDetails%22%3Anull%2C%22logUpTime%22%3A0%2C%22logInForeground%22%3Atrue%7D; faLogsQueue_next=1; faSession=%7B%22duration%22%3A0%2C%22id%22%3A%22INTERNAL_1623782127561%22%2C%22startTime%22%3A1623782127561%2C%22endTime%22%3A1623782127561%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
orange-8a1999.ingress-erytho.easywp.com
referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 11:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
age
26854
x-cache
HIT
vary
Accept-Encoding
content-length
29359
x-xss-protection
1; mode=block
last-modified
Mon, 14 Jun 2021 10:54:58 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60c73582-16c79"
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/javascript
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
OpenIdConnectSDK.min.js
orange-8a1999.ingress-erytho.easywp.com/orange/js/
7 KB
3 KB
Script
General
Full URL
https://orange-8a1999.ingress-erytho.easywp.com/orange/js/OpenIdConnectSDK.min.js
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.132 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-erytho.easywp.com
Software
nginx /
Resource Hash
f9ca1cdcc28a91f6ca7343f24dea9083d42887a8c9f3b1f7145f94f5ad91ba91
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/orange/js/OpenIdConnectSDK.min.js
pragma
no-cache
cookie
faDeviceProperties=%7B%22FAID%22%3A%22DO0Abd3r28I7uQ%22%2C%22bundleId%22%3A%22com.orange.ma%22%2C%22deviceId%22%3A%22be1a316f-95d0-4bec-9177-280b475be437%22%7D; FollowAnalyticsTrackingState=true; faSession__MUTEX_x=%221623782127523%3A322370274%22; faLogsQueue_next__MUTEX_x=%221623782127523%3A322370274%22; faLogsQueue_0=%7B%22sessionId%22%3A%22INTERNAL_1623782127561%22%2C%22logType%22%3A0%2C%22logName%22%3A%22FALogNameStartSession%22%2C%22logDate%22%3A%222021-06-15T18%3A35%3A27.562Z%22%2C%22logDetails%22%3Anull%2C%22logUpTime%22%3A0%2C%22logInForeground%22%3Atrue%7D; faLogsQueue_next=1; faSession=%7B%22duration%22%3A0%2C%22id%22%3A%22INTERNAL_1623782127561%22%2C%22startTime%22%3A1623782127561%2C%22endTime%22%3A1623782127561%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
orange-8a1999.ingress-erytho.easywp.com
referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 11:07:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
age
26854
x-cache
HIT
vary
Accept-Encoding
content-length
2135
x-xss-protection
1; mode=block
last-modified
Mon, 14 Jun 2021 10:54:58 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60c73582-1a3c"
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/javascript
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
deployment
auth.follow-apps.com/api/
0
0
Preflight
General
Full URL
https://auth.follow-apps.com/api/deployment
Protocol
H2
Server
99.83.210.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a2506b135abbe5d6c.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://orange-8a1999.ingress-erytho.easywp.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Jun 2021 18:35:29 GMT
access-control-allow-credentials
true
access-control-allow-headers
APICONTEXT,Content-Type
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
cache-control
max-age=0, private, must-revalidate
server
Cowboy
x-request-id
FojVPfBtf8PsE4YDadeb
gtm5445.html
orange-8a1999.ingress-erytho.easywp.com/www.googletagmanager.com/
0
0
Script
General
Full URL
https://orange-8a1999.ingress-erytho.easywp.com/www.googletagmanager.com/gtm5445.html?id=GTM-5DFP8H
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.132 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-erytho.easywp.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:path
/www.googletagmanager.com/gtm5445.html?id=GTM-5DFP8H
pragma
no-cache
cookie
faDeviceProperties=%7B%22FAID%22%3A%22DO0Abd3r28I7uQ%22%2C%22bundleId%22%3A%22com.orange.ma%22%2C%22deviceId%22%3A%22be1a316f-95d0-4bec-9177-280b475be437%22%7D; FollowAnalyticsTrackingState=true; faSession__MUTEX_x=%221623782127523%3A322370274%22; faLogsQueue_next__MUTEX_x=%221623782127523%3A322370274%22; faLogsQueue_0=%7B%22sessionId%22%3A%22INTERNAL_1623782127561%22%2C%22logType%22%3A0%2C%22logName%22%3A%22FALogNameStartSession%22%2C%22logDate%22%3A%222021-06-15T18%3A35%3A27.562Z%22%2C%22logDetails%22%3Anull%2C%22logUpTime%22%3A0%2C%22logInForeground%22%3Atrue%7D; faLogsQueue_next=1; faSession=%7B%22duration%22%3A0%2C%22id%22%3A%22INTERNAL_1623782127561%22%2C%22startTime%22%3A1623782127561%2C%22endTime%22%3A1623782127561%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
orange-8a1999.ingress-erytho.easywp.com
referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/sso/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 18:35:27 GMT
content-encoding
gzip
server
nginx
age
0
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
strict-transport-security
max-age=15768000
link
<https://orange-8a1999.ingress-erytho.easywp.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
deployment
auth.follow-apps.com/api/
106 B
341 B
XHR
General
Full URL
https://auth.follow-apps.com/api/deployment
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/js/vendor/fa-sdk-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.210.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a2506b135abbe5d6c.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
a75fecce89b1ae2f837de16cfbe5fa8df83b5c77d48c690dca2d9e94c4e78aa3

Request headers

Referer
https://orange-8a1999.ingress-erytho.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 15 Jun 2021 18:35:29 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
106
x-request-id
FojVPnQrl75kLdMKCdWT
HelvNeue75_W1G.woff
orange-8a1999.ingress-erytho.easywp.com/orange/fonts/Helvetica-Neue-Bold/
47 KB
47 KB
Font
General
Full URL
https://orange-8a1999.ingress-erytho.easywp.com/orange/fonts/Helvetica-Neue-Bold/HelvNeue75_W1G.woff
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/css/orange.v1.9.191.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.250.43.132 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ingress-erytho.easywp.com
Software
nginx /
Resource Hash
1b50099a9065894a184ffcde3a658e858517c47b2ed11979f38c2d8c438fd41b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://orange-8a1999.ingress-erytho.easywp.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
faDeviceProperties=%7B%22FAID%22%3A%22DO0Abd3r28I7uQ%22%2C%22bundleId%22%3A%22com.orange.ma%22%2C%22deviceId%22%3A%22be1a316f-95d0-4bec-9177-280b475be437%22%7D; FollowAnalyticsTrackingState=true; faSession__MUTEX_x=%221623782127523%3A322370274%22; faLogsQueue_next__MUTEX_x=%221623782127523%3A322370274%22; faLogsQueue_0=%7B%22sessionId%22%3A%22INTERNAL_1623782127561%22%2C%22logType%22%3A0%2C%22logName%22%3A%22FALogNameStartSession%22%2C%22logDate%22%3A%222021-06-15T18%3A35%3A27.562Z%22%2C%22logDetails%22%3Anull%2C%22logUpTime%22%3A0%2C%22logInForeground%22%3Atrue%7D; faLogsQueue_next=1; faSession=%7B%22duration%22%3A0%2C%22id%22%3A%22INTERNAL_1623782127561%22%2C%22startTime%22%3A1623782127561%2C%22endTime%22%3A1623782127561%7D
:path
/orange/fonts/Helvetica-Neue-Bold/HelvNeue75_W1G.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
orange-8a1999.ingress-erytho.easywp.com
referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/css/orange.v1.9.191.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://orange-8a1999.ingress-erytho.easywp.com
Referer
https://orange-8a1999.ingress-erytho.easywp.com/orange/css/orange.v1.9.191.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 11:07:52 GMT
x-content-type-options
nosniff
x-cacheable
YES
age
26854
x-cache
HIT
content-length
47987
x-xss-protection
1; mode=block
last-modified
Mon, 14 Jun 2021 10:54:58 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"60c73582-bb73"
strict-transport-security
max-age=15768000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
font/woff
access-control-allow-origin
https://orange-8a1999.ingress-erytho.easywp.com
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
sessionId
sdk.follow-apps.com/api/
0
0
Preflight
General
Full URL
https://sdk.follow-apps.com/api/sessionId
Protocol
H2
Server
99.83.210.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a2506b135abbe5d6c.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://orange-8a1999.ingress-erytho.easywp.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 15 Jun 2021 18:35:40 GMT
access-control-allow-credentials
true
access-control-allow-headers
APICONTEXT,Content-Type
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
cache-control
max-age=0, private, must-revalidate
server
Cowboy
x-request-id
FojVQPJ-V0QeVdkDYoGa
sessionId
sdk.follow-apps.com/api/
134 B
370 B
XHR
General
Full URL
https://sdk.follow-apps.com/api/sessionId
Requested by
Host: orange-8a1999.ingress-erytho.easywp.com
URL: https://orange-8a1999.ingress-erytho.easywp.com/orange/js/vendor/fa-sdk-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.210.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a2506b135abbe5d6c.awsglobalaccelerator.com
Software
Cowboy /
Resource Hash
356bc718af2c059d49b31fcaffb1a7037c41630ae508511843c6a999f9d4d2e3

Request headers

Referer
https://orange-8a1999.ingress-erytho.easywp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 15 Jun 2021 18:35:40 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
134
x-request-id
FojVQPVyCBjXd9QDzMKV

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Orange (Telecommunication)

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _mktz object| dataLayer function| setImmediate function| clearImmediate object| platform object| FollowAnalytics object| fa-sdk-web object| $buoop function| _toConsumableArray function| _slice object| _gsScope function| Base function| FlipClock object| Orange number| codeLength number| telLength number| passMinLength object| emailReg object| carracterReg object| dateReg object| msisdnReg number| $widthDvice undefined| geocoder undefined| map undefined| marker undefined| my_pos object| markers object| html5 object| Modernizr function| yepnope function| $ function| jQuery object| jQuery111304609960934735551 function| SelectBox object| jQBrowser object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| Sifter object| MicroPlugin function| Selectize function| requestAnimFrame object| Quagga function| pushToDataLayer function| urldecode function| getCookie function| setCookie function| AuthorizationOptions function| isAString function| isANumber function| addParameter function| authorize function| loginOpenId function| callApiConnectException function| parseResponseData function| tokenFromAuthorizationCode function| tokenResponse function| generateTokenResponse function| isAccessTokenValid function| refreshToken function| revokeToken function| userinfo function| getJsonFromUrl function| authorizeProcessLocation function| helperRedirectOpenIdAuthorize number| lastAuthEventId string| $direction

8 Cookies

Domain/Path Name / Value
orange-8a1999.ingress-erytho.easywp.com/ Name: faLogsQueue_next__MUTEX_x
Value: %221623782127523%3A322370274%22
orange-8a1999.ingress-erytho.easywp.com/ Name: faSession__MUTEX_x
Value: %221623782127523%3A322370274%22
orange-8a1999.ingress-erytho.easywp.com/ Name: faLogsQueue_next
Value: 2
orange-8a1999.ingress-erytho.easywp.com/ Name: faLogsQueue_1
Value: %7B%22sessionId%22%3A%22INTERNAL_1623782127561%22%2C%22logType%22%3A3%2C%22logName%22%3A%22FALogNameEnterForeground%22%2C%22logDate%22%3A%222021-06-15T18%3A35%3A27.628Z%22%2C%22logDetails%22%3Anull%2C%22logUpTime%22%3A0%2C%22logInForeground%22%3Atrue%7D
orange-8a1999.ingress-erytho.easywp.com/ Name: FollowAnalyticsTrackingState
Value: true
orange-8a1999.ingress-erytho.easywp.com/ Name: faLogsQueue_0
Value: %7B%22sessionId%22%3A%22INTERNAL_1623782127561%22%2C%22logType%22%3A0%2C%22logName%22%3A%22FALogNameStartSession%22%2C%22logDate%22%3A%222021-06-15T18%3A35%3A27.562Z%22%2C%22logDetails%22%3Anull%2C%22logUpTime%22%3A0%2C%22logInForeground%22%3Atrue%7D
orange-8a1999.ingress-erytho.easywp.com/ Name: faSession
Value: %7B%22duration%22%3A0%2C%22id%22%3A%22INTERNAL_1623782127561%22%2C%22startTime%22%3A1623782127561%2C%22endTime%22%3A1623782127561%7D
orange-8a1999.ingress-erytho.easywp.com/ Name: faDeviceProperties
Value: %7B%22FAID%22%3A%22DO0Abd3r28I7uQ%22%2C%22bundleId%22%3A%22com.orange.ma%22%2C%22deviceId%22%3A%22be1a316f-95d0-4bec-9177-280b475be437%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block