ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 1.4 kB URL ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 598b57a4c93cca0b698e339ed2727682
8077f9d8ad3e0816039cd2d66bff8465dbfa0a9b
5b4f63b53e1ad2f54c925b8215b621c317da660726d04b1cd6bf477a970e09c8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 09 Jun 2023 14:59:12 GMT
ETag: "8077f9d8ad3e0816039cd2d66bff8465dbfa0a9b"
Last-Modified: Mon, 05 Jun 2023 14:59:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3336
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d29c230d90cfab4-OSL
ct16323.tw1.ru/OR/Orange22/password.php
87.249.38.16 14 kB URL User Request GET ct16323.tw1.ru/OR/Orange22/password.php
IP 87.249.38.16:0
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (52420), with CRLF line terminators
Hash 1a92eeaeb746cbecd2030e7aa1783efe
2e8af3c875e8cc12edbdfdf9a8c926e61e3cefbc
ecae069a91969d38da8846e6ed4c031bf381a7219232fead51a83366b11c2d79
GET /OR/Orange22/password.php HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/integrator.js
87.249.38.16 200 OK 109 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/integrator.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with no line terminators
Hash 82bb040bd5729e459f7cc5a09981cc86
6729b40c106631dd384a6161580dfec5a6643fa8
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/password_fichiers/integrator.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Content-Length: 109
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Connection: keep-alive
ETag: "6477970f-6d"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Accept-Ranges: bytes
ct16323.tw1.ru/OR/Orange22/password_fichiers/ec.js
87.249.38.16 200 OK 1.3 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/ec.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (523)
Hash 7b430c6350a59a7cf22b9adeccba327b
b48d3c289bcb6809bb52fffd8f013055ed6bcd65
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
GET /OR/Orange22/password_fichiers/ec.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-adb"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/bundle.css
87.249.38.16 200 OK 32 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/bundle.css
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (822)
Hash 826c37c3759790ba2f54df579b525402
d4dda8921ec3c4a163fc2402670e5389b8ccace8
c648eb5e5dd5917f98d40cc6d9ed068f20f25319ff8c9f200da08a02c280b638
GET /OR/Orange22/password_fichiers/bundle.css HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: text/css
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-3658e"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/osd.js
87.249.38.16 200 OK 28 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/osd.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (65425)
Hash 623b740374c5f0bfe11f72c8569ac3e1
c0da83676462f0157290b40521da18edf639ca0d
187f0e2d2331f649e0afc51f0567cf23ef47d57283aa928313452eb1a559efb4
GET /OR/Orange22/password_fichiers/osd.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-1277a"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/utag_002.js
87.249.38.16 200 OK 9.2 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/utag_002.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document, ASCII text, with very long lines (2272)
Hash 2f146474317068a16a596c1fa8a581bb
b2551854df5886193274a1358afd011eafd2d70f
29e49450a2aa5777ddae401bc9b08db87e247108ede5246b744c8c42010578a9
GET /OR/Orange22/password_fichiers/utag_002.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-71a6"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/wrap_002.js
87.249.38.16 200 OK 34 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/wrap_002.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (22342), with LF, NEL line terminators
Hash 83426b7ee6fb9b722ca402b2368ffd91
7762d5fe5a302506784f0a7baff8670fee96108c
47beda598efc303a2d1c94f2a769fe560609c4874288960f1ea6b8e9f1fe2baf
GET /OR/Orange22/password_fichiers/wrap_002.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-1c73a"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/analytics.js
87.249.38.16 200 OK 19 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/analytics.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (1325)
Hash 53ee95b384d866e8692bb1aef923b763
a82812b87b667d32a8e51514c578a5175edd94b4
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
GET /OR/Orange22/password_fichiers/analytics.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-b7cb"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/o_load_responsive.js
87.249.38.16 200 OK 14 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/o_load_responsive.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type C source, Unicode text, UTF-8 text, with very long lines (31978)
Hash 24608491cc178eb96b93183c72bb356e
b5400c213e4e2c494bf0fb872b0728c895b16f84
981533b57b1ade011c28086311f0a9f84f572d7cca6d729c52ab845a482a199d
GET /OR/Orange22/password_fichiers/o_load_responsive.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-bc1e"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/wrap.js
87.249.38.16 200 OK 47 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/wrap.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (40931)
Hash 20f0a62b6efd2b7a30e2e6d59ba43da4
3b9f6f4c832d2da868d2853af926d7f2abbb980d
70c6274d94af8fd8e0e2c9654297c5c29a919cf405f684dcf67e1a06d859e9f9
GET /OR/Orange22/password_fichiers/wrap.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-23de7"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
code.jquery.com/jquery-3.5.1.slim.min.js
69.16.175.42 200 OK 25 kB URL GET HTTP/2 code.jquery.com/jquery-3.5.1.slim.min.js
IP 69.16.175.42:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint 64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
Validity Wed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65245)
Hash fb8409a092adc6e8be17e87d59e0595e
cf8d9821552d51bb50ce572e696aba1309065800
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
GET /jquery-3.5.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 05 Jun 2023 16:23:10 GMT
content-encoding: gzip
content-length: 24606
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11abc"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1685982190.dop222.sk1.t,1685982190.cds065.sk1.hn,1685982190.cds202.sk1.c
X-Firefox-Spdy: h2
ct16323.tw1.ru/OR/Orange22/password_fichiers/common.js
87.249.38.16 200 OK 12 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/common.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (31981)
Hash 0b8f1f0070747a2340cf272686b0ca3e
80bbffc846222ea37c96b6772ffdce535af352cf
422e6c2e0785856e5e1aaa5b21b358465c62a9fdc60d41148e474ea0acd2835c
GET /OR/Orange22/password_fichiers/common.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-9e37"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/common.css
87.249.38.16 200 OK 314 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/common.css
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (1210), with no line terminators
Hash 9c50986b94d7129e2c17ba91f2f99c44
c7ef726fa5dc8c6e513ff1ba95173659cd0df697
9d203ca69703024402ebf53d83e6a7aff3aec17c7b63993a63228aa467b463aa
GET /OR/Orange22/password_fichiers/common.css HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: text/css
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-4ba"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/configuration.json
87.249.38.16 200 OK 366 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/configuration.json
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Hash ef3828e134882e1c876dab2fa4d4adb9
ccae070757372ba1361cf4017fa7c95765483f42
110fc0d903269e07466e6046d1133356354f9344421364cf22d04c477785e512
GET /OR/Orange22/password_fichiers/configuration.json HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
ETag: W/"41e-5fd01ccbc3bf5"
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/bundle.js
87.249.38.16 200 OK 53 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/bundle.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (65451)
Hash 4fe8f7e93fbf013ab328ac614c9beb1e
c6e554c9a20ae17a9e026d96d6dd4f27481d60c2
1dea5048e429a178a10583c16403d1894c61b47d1421f73c39e8c39f244ed54b
GET /OR/Orange22/password_fichiers/bundle.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-30a67"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/o_tealium.js
87.249.38.16 200 OK 461 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/o_tealium.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type exported SGML document, ASCII text
Hash c565a78bb5f5bf65a24ad7d69eecc911
2bfdd57e5b89e751d4054ddbeb4af6179538f9ca
48e3519db17530c83a984fda459577525b5a8e0b5d7eae6aff3983676df229d2
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/password_fichiers/o_tealium.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Content-Length: 461
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Connection: keep-alive
ETag: "6477970f-1cd"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Accept-Ranges: bytes
ct16323.tw1.ru/OR/Orange22/password_fichiers/utag_003.js
87.249.38.16 200 OK 572 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/utag_003.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document, ASCII text, with very long lines (403)
Hash adc847a44c527dfec076e1e841692e88
4a5af36ff3dd6c8656ab1b359062a05b2e299630
f9694462a39c1a319ac9db6cb051272af288ab6a0d1d3e9ab430f6aeeb49199a
GET /OR/Orange22/password_fichiers/utag_003.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-4aa"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/o_onei_core.js
87.249.38.16 200 OK 12 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/o_onei_core.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (31797)
Hash e466b0dfc1a9ef10f74b219d1e7c4edf
acbd064b08faa860e22b41cefb23f7b40bfe42b8
9668ded257e371ef94eabc30a62a180d208124b92289e045528d52158398060c
GET /OR/Orange22/password_fichiers/o_onei_core.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-c0b6"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/o_onei_desktop.js
87.249.38.16 200 OK 11 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/o_onei_desktop.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (31955)
Hash 667c109f2350e518a6b82320c7ea3eb4
f5e32800e1918543468cebe4211e5e13ed7355f3
3ab27256fba79a23e584d985d1ac54785178a77ddafae1e573b2c34bb2954369
GET /OR/Orange22/password_fichiers/o_onei_desktop.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-bdb1"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/datadome.js
87.249.38.16 200 OK 22 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/datadome.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (65433)
Hash eec7704cb9ea3860a2cc47c7794a88da
78d1aa7a123cdd71824ab1b015fc54b1ed6a00f2
b16556cd55d68160a36aca0b3c164d0e4fd4d7dcd962bd66882371831ca098a8
GET /OR/Orange22/password_fichiers/datadome.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-2179d"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/ora_authen.identification
87.249.38.16 200 OK 3.8 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/ora_authen.identification
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Hash 8bfbacf1d217ca8c35b670f6e6ef31c6
2c43a9177cf05c997fa035f897f2734aed941a7b
7e9e645bcb0d35d7bde7ac7a901917d98d03190aeab77bb65f6acce6310da751
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/password_fichiers/ora_authen.identification HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Length: 3812
Connection: keep-alive
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
ETag: "ee4-5fd01ccbe8db4"
Accept-Ranges: bytes
ct16323.tw1.ru/OR/Orange22/password_fichiers/o_onei_responsive.css
87.249.38.16 200 OK 18 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/o_onei_responsive.css
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (65536), with no line terminators
Hash d6e2a659478284f2d0fc13fb0c9a6f46
893bac880e322e3e1193b0173693704ef7647eee
eadfe869ae51069f151a344771463206574c3c4482b33a60081c89f312479267
GET /OR/Orange22/password_fichiers/o_onei_responsive.css HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: text/css
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-2e31e"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/o_completion.js
87.249.38.16 200 OK 26 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/o_completion.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (31992)
Hash 198322b5cdb62d03d2f10dda59e3d417
3314edc8cd60151744957a309ec8872512b13e05
5fe4503dc83e2c1c9b76c24f03244b59db16ddfcce9300909b3a86c4ca7c2bed
GET /OR/Orange22/password_fichiers/o_completion.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-1b77e"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/oneI.json
87.249.38.16 200 OK 14 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/oneI.json
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (443)
Hash 427e80995454dd59a35ce0845d427eaf
5a32f7d33c74eecf210912f936374c13ae526246
ed85dfe388a20021f09bcfe91e1632de22d135e903780ba16d5d18f7394b87b2
GET /OR/Orange22/password_fichiers/oneI.json HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
ETag: W/"31476-5fd01ccbe7e14"
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/ABPlanning.json
87.249.38.16 200 OK 106 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/ABPlanning.json
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Hash cf9b9da1f2124678596cb0db68f19fcc
c705ff82c357017892c9d6e92adbd5fec37a24e8
6f6b02609eaa139e7cb337db713e87b1339c2f4f1a20b6e672fcdcf93d565cac
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/password_fichiers/ABPlanning.json HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/json
Content-Length: 106
Connection: keep-alive
Last-Modified: Wed, 31 May 2023 18:50:54 GMT
ETag: "6a-5fd01ccb69e77"
Accept-Ranges: bytes
ct16323.tw1.ru/OR/Orange22/password_fichiers/oan_common-async-3.js
87.249.38.16 200 OK 63 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/oan_common-async-3.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (41696), with LF, NEL line terminators
Hash 2cb760e239cac01daf0ec447345d3f51
f1a78abd7c2b1b69938d4f4bec9f70c274a7cdf6
873eb75ff8b0b0bc721cb7b240a89311abae74d8e0447ec45c9fdd51cda79189
GET /OR/Orange22/password_fichiers/oan_common-async-3.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-36948"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/px.js
87.249.38.16 200 OK 346 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/px.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (346), with no line terminators
Hash f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/password_fichiers/px.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Content-Length: 346
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Connection: keep-alive
ETag: "6477970f-15a"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Accept-Ranges: bytes
ct16323.tw1.ru/OR/Orange22/password_fichiers/utag.js
87.249.38.16 200 OK 5.5 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/utag.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (1204)
Hash 3103c2f4a9dc018935af5b05c8da5771
8366ed8e5e28ed007ff5604466b6ea0649e059eb
f8d67952948993a17415668bcd6d30bf01fd77de3f707d3ec8dc7244386ce098
GET /OR/Orange22/password_fichiers/utag.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-5969"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/config.js
87.249.38.16 200 OK 12 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/config.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (46153)
Hash f052c4ff346c90fb144734bf619a7c0f
01e4df392976368190595df473bc8e5c5d225efd
8d9b3f46abc454c620056257fceb35d9c69a88b907c177b02d9de26129fb1e22
GET /OR/Orange22/password_fichiers/config.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-c968"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/gpt.js
87.249.38.16 200 OK 19 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/gpt.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (56157)
Hash 106619947b1e25411ce93455af1218bc
fc17d3fa7d4483b4bf95efd9c2f70215139667d9
2db57f6929e4a82a9fcf9ed3804adbed41d44ae000fd72f074d6ba5b72dee212
GET /OR/Orange22/password_fichiers/gpt.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-dc43"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/functions/hideShow/hideShowPassword.min.js
87.249.38.16 200 OK 2.6 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/functions/hideShow/hideShowPassword.min.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (8234), with no line terminators
Hash c15627cb41cad912398a622533f74fd4
6129adb095e47a2be94cf3bba382099fdc6562e6
b6a63849f3e8066cdf340498b1701223621633fcc4b498a618d6f51a8380713e
GET /OR/Orange22/functions/hideShow/hideShowPassword.min.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970e-202a"
Expires: Thu, 06 Jul 2023 16:23:11 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/password_fichiers/pubads_impl_2020120701.js
87.249.38.16 200 OK 100 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/pubads_impl_2020120701.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (65439)
Hash 433dd0f28ab0f64447ff9ad5484edb0c
a60ea1400da3faf6738ee8572be9215a9f9bb11d
9ff097bb2a8986d45348ac893bede5cafd713e7164381c9a5e8f4f7aef9e30bc
GET /OR/Orange22/password_fichiers/pubads_impl_2020120701.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:10 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6477970f-45cde"
Expires: Thu, 06 Jul 2023 16:23:10 GMT
Cache-Control: max-age=2678400
Content-Encoding: gzip
ct16323.tw1.ru/OR/Orange22/functions/getinput/jquery.get-input-type.js
87.249.38.16 404 Not Found 196 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/functions/getinput/jquery.get-input-type.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/functions/getinput/jquery.get-input-type.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
ct16323.tw1.ru/OR/Orange22/password_fichiers/logo-orange.png
87.249.38.16 200 OK 3.4 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/logo-orange.png
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced\012- data
Hash ba58c4c13a8cce3745d4891ece04159e
f06787352d2f6c0a8ae701ff27a066d4ba646a6c
b36e8ca10880ffc8a3903cd991589fbbe8aa75cbff6315f475be1ed0e9bda472
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/password_fichiers/logo-orange.png HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: image/png
Content-Length: 3354
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Connection: keep-alive
ETag: "6477970f-d1a"
Expires: Thu, 06 Jul 2023 16:23:11 GMT
Cache-Control: max-age=2678400
Accept-Ranges: bytes
ct16323.tw1.ru/OR/Orange22/password_fichiers/567x302_OBANK_Levier01_PUSH_20201109a.jpg
87.249.38.16 200 OK 94 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/567x302_OBANK_Levier01_PUSH_20201109a.jpg
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 567x302, components 3\012- data
Hash 8174f3d7001a76ab6ed2be5ceda24053
9fab890f69769c6e05e37213dae3129f773fdf55
2d543c630aa02d4fbb2a7e3ee34bb5267d781f4f5c3f59deb8e09c9d89b4e364
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/password_fichiers/567x302_OBANK_Levier01_PUSH_20201109a.jpg HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: image/jpeg
Content-Length: 94192
Last-Modified: Wed, 31 May 2023 18:50:54 GMT
Connection: keep-alive
ETag: "6477970e-16ff0"
Expires: Thu, 06 Jul 2023 16:23:11 GMT
Cache-Control: max-age=2678400
Accept-Ranges: bytes
ct16323.tw1.ru/OR/Orange22/password_fichiers/img_event_elcos-desktop_noelarrive.png
87.249.38.16 200 OK 8.8 kB URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/img_event_elcos-desktop_noelarrive.png
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type PNG image data, 162 x 50, 8-bit/color RGB, interlaced\012- data
Hash 20c688296b476b68d978bf5e9af9fbe8
17068f17339b5d05ea988a8ddc9fd9f523d357ac
1f877ab6934b3bef3b096e4bb526b510f34f6d2fe9b7eba551333e14fd4c4c94
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/password_fichiers/img_event_elcos-desktop_noelarrive.png HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: image/png
Content-Length: 8754
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Connection: keep-alive
ETag: "6477970f-2232"
Expires: Thu, 06 Jul 2023 16:23:11 GMT
Cache-Control: max-age=2678400
Accept-Ranges: bytes
ct16323.tw1.ru/OR/Orange22/password_fichiers/Logo_MC_noir_fond_transparent_small.png
87.249.38.16 200 OK 853 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/Logo_MC_noir_fond_transparent_small.png
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type PNG image data, 20 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash bbfb3a4e950d63bd020add300cf15332
3ccb7cfe0d1409489ac3c40b6fa5c9c7b9a47c6c
4ae42e92bba9df8768146f10ff90e5be5d949425d05752f87a6fd8d2e27ece88
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/password_fichiers/Logo_MC_noir_fond_transparent_small.png HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: image/png
Content-Length: 853
Last-Modified: Wed, 31 May 2023 18:50:54 GMT
Connection: keep-alive
ETag: "6477970e-355"
Expires: Thu, 06 Jul 2023 16:23:11 GMT
Cache-Control: max-age=2678400
Accept-Ranges: bytes
ct16323.tw1.ru/OR/Orange22/password_fichiers/Logo_MC_orange_fond_transparent_small.png
87.249.38.16 200 OK 858 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/Logo_MC_orange_fond_transparent_small.png
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type PNG image data, 20 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 6000d3e42563def838266719364eba06
e850fa48a787af8f1450bab7f47925e311977c06
27ffcc2c1144b73849cddaab57af25ea3ecb95a0434936d03e9dce93683a3c85
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/password_fichiers/Logo_MC_orange_fond_transparent_small.png HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: image/png
Content-Length: 858
Last-Modified: Wed, 31 May 2023 18:50:54 GMT
Connection: keep-alive
ETag: "6477970e-35a"
Expires: Thu, 06 Jul 2023 16:23:11 GMT
Cache-Control: max-age=2678400
Accept-Ranges: bytes
ct16323.tw1.ru/OR/Orange22/password_fichiers/z.gif
87.249.38.16 200 OK 43 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/password_fichiers/z.gif
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/password_fichiers/z.gif HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Wed, 31 May 2023 18:50:55 GMT
Connection: keep-alive
ETag: "6477970f-2b"
Expires: Thu, 06 Jul 2023 16:23:11 GMT
Cache-Control: max-age=2678400
Accept-Ranges: bytes
tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js
54.230.111.8 200 OK 167 B URL GET HTTP/2 tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js
IP 54.230.111.8:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer Amazon
Subject tags.tiqcdn.com
Fingerprint 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /utag/orange/abtesting/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: application/javascript
Content-Length: 167
Connection: keep-alive
Location: https://tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js
X-Cache: Redirect from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QmJgoH9sFow9bgZo5DdQnDui0SOPug2Dzdsx5zpoQiQuMrUotwo4pw==
Cache-Control: max-age=300
c.woopic.com/Magic/configuration.tgif.json
193.252.122.137 302 Moved Temporarily 178 B URL GET HTTP/1.1 c.woopic.com/Magic/configuration.tgif.json
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /Magic/configuration.tgif.json HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/Magic/configuration.tgif.json
c.woopic.com/Magic/o_tealium.js?update
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/Magic/o_tealium.js?update
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /Magic/o_tealium.js?update HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/Magic/o_tealium.js?update?update
c.woopic.com/libs/common/o_load_responsive.js
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/libs/common/o_load_responsive.js
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /libs/common/o_load_responsive.js HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/libs/common/o_load_responsive.js
c.woopic.com/libs/3fb1499fd0cd5b1b9a87c93d6d21cb38/common/js/common.js
193.252.122.137 302 Moved Temporarily 178 B URL GET HTTP/1.1 c.woopic.com/libs/3fb1499fd0cd5b1b9a87c93d6d21cb38/common/js/common.js
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /libs/3fb1499fd0cd5b1b9a87c93d6d21cb38/common/js/common.js HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/libs/3fb1499fd0cd5b1b9a87c93d6d21cb38/common/js/common.js
c.woopic.com/libs/5f7e175dd055a7a6e56d4881cc06ff27/common/css/common.css
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/libs/5f7e175dd055a7a6e56d4881cc06ff27/common/css/common.css
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /libs/5f7e175dd055a7a6e56d4881cc06ff27/common/css/common.css HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/libs/5f7e175dd055a7a6e56d4881cc06ff27/common/css/common.css
c.woopic.com/Magic/oneI.res.desktop.4.5.5.json
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/Magic/oneI.res.desktop.4.5.5.json
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /Magic/oneI.res.desktop.4.5.5.json HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/Magic/oneI.res.desktop.4.5.5.json
cdn.woopic.com/c15d9d8fc98141b084d96f795046449b/trust-latest/datadome.js
193.252.122.137 200 OK 22 kB URL GET HTTP/1.1 cdn.woopic.com/c15d9d8fc98141b084d96f795046449b/trust-latest/datadome.js
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (65432)
Hash 4999233b500efc6427ccaa25ce97ad92
92847ef22ea3403cf2c34e5eac439c1f5dda19b8
047a8a23da5cb0bd6d8f997310054fdce09af1965507bb03d45db87bf2b8efd6
GET /c15d9d8fc98141b084d96f795046449b/trust-latest/datadome.js HTTP/1.1
Host: cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin,Accept-Encoding
Last-Modified: Fri, 28 May 2021 09:08:23 GMT
X-Timestamp: 1622192902.48024
X-Object-Meta-Mtime: 1622192884.931981
X-Trans-Id: txa2a638ebd9cf4d509b714-00645b5311
Cache-Control: max-age=31536000
Age: 2275550
X-Mid: pr4b
X-Cache: HIT
x-server: bgl
Content-Encoding: gzip
c.woopic.com/Magic/configuration.tgif.json
193.252.122.137 302 Moved Temporarily 154 B URL GET HTTP/1.1 c.woopic.com/Magic/configuration.tgif.json
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /Magic/configuration.tgif.json HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://r.orange.fr/r/Oerreur_403
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
c.woopic.com/libs/5f7e175dd055a7a6e56d4881cc06ff27/common/css/common.css
193.252.122.137 301 Moved Permanently 154 B URL GET HTTP/1.1 c.woopic.com/libs/5f7e175dd055a7a6e56d4881cc06ff27/common/css/common.css
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /libs/5f7e175dd055a7a6e56d4881cc06ff27/common/css/common.css HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://r.orange.fr/r/Oerreur_403
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
c.woopic.com/libs/3fb1499fd0cd5b1b9a87c93d6d21cb38/common/js/common.js
193.252.122.137 302 Moved Temporarily 154 B URL GET HTTP/1.1 c.woopic.com/libs/3fb1499fd0cd5b1b9a87c93d6d21cb38/common/js/common.js
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /libs/3fb1499fd0cd5b1b9a87c93d6d21cb38/common/js/common.js HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://r.orange.fr/r/Oerreur_403
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js
54.230.111.8 200 OK 1.5 kB URL GET HTTP/2 tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js
IP 54.230.111.8:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer Amazon
Subject tags.tiqcdn.com
Fingerprint 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (2695)
Hash 6b967f813c93121ef7c535583e260632
c04b18ebf085535b51614295067b49ee7cec5399
420a690eb56c9e4ad93992a9e914317462c345f1675d49d23c538e82e5afa931
GET /utag/orange/abtesting/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 11 Apr 2023 14:30:32 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 97rDJ_fUbAi_w4P_Xm7Lw_S09WIYM_UE
server: AmazonS3
content-encoding: br
date: Mon, 05 Jun 2023 16:18:34 GMT
etag: W/"6b967f813c93121ef7c535583e260632"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NGBJFDBs3An68j8NQRzzqcAkmvN-iB87ZERPia3mhBaYYm6BacpdHQ==
age: 297
cache-control: max-age=300
X-Firefox-Spdy: h2
c.woopic.com/libs/common/o_load_responsive.js
193.252.122.137 301 Moved Permanently 15 kB URL GET HTTP/1.1 c.woopic.com/libs/common/o_load_responsive.js
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- C source, Unicode text, UTF-8 text, with very long lines (31947)
Hash e8e69d0eb6803ac8959872894b621a3b
d9f985fa48d33bc043e0707b2260ad565a02ad4b
38840ec2434592be4ca56c7ff3ea8a1450e2339add0f298531dc3837bb1f75ae
GET /libs/common/o_load_responsive.js HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/javascript
Content-Length: 15198
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 08:57:30 GMT
Etag: e8e69d0eb6803ac8959872894b621a3b
X-Timestamp: 1685437049.09811
Cache-Control: s-maxage=60, max-age=0
X-Trans-Id: tx2551592015284c66b6dfa-00647e0bd6
Vary: Origin, Accept-Encoding
Content-Encoding: gzip
Age: 25
X-Mid: pr2b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
cdn.woopic.com/c15d9d8fc98141b084d96f795046449b/auth-2.17.2/images/services_comm/om_desktop.png
193.252.122.137 200 OK 29 kB URL GET HTTP/1.1 cdn.woopic.com/c15d9d8fc98141b084d96f795046449b/auth-2.17.2/images/services_comm/om_desktop.png
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type PNG image data, 300 x 320, 8-bit/color RGB, non-interlaced\012- data
Hash bfd2858e4707255b0200abbe93131293
f693dffde9c8263e2aab90fb16a0ff070b5b4104
8dab2dc2566251e916a476c846ea0ed1ce459d26917a088146765ea6b2bef997
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /c15d9d8fc98141b084d96f795046449b/auth-2.17.2/images/services_comm/om_desktop.png HTTP/1.1
Host: cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: image/png
Content-Length: 29367
Connection: keep-alive
Vary: Origin,Accept-Encoding
Last-Modified: Tue, 18 Aug 2020 15:38:09 GMT
Etag: bfd2858e4707255b0200abbe93131293
X-Timestamp: 1597765088.67657
X-Object-Meta-Mtime: 1597764295.000000
X-Trans-Id: tx2e6f95b966cf41a7a3ea3-00647e0b64
Cache-Control: max-age=31536000
Age: 139
X-Mid: pr4b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
c.woopic.com/fonts/o-icomoon.woff2?20201014
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/fonts/o-icomoon.woff2?20201014
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fonts/o-icomoon.woff2?20201014 HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/fonts/o-icomoon.woff2?20201014?20201014
ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue55_W1G.woff2
87.249.38.16 404 Not Found 196 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue55_W1G.woff2
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/fonts/HelvNeue55_W1G.woff2 HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password_fichiers/bundle.css
Cookie: utag_main=v_id:01888c5e9b05001db144971b003305046002e00900918$_sn:1$_ss:1$_st:1685983990342$ses_id:1685982190342%3Bexp-session$_pn:1%3Bexp-session
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue75_W1G.woff2
87.249.38.16 404 Not Found 196 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue75_W1G.woff2
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/fonts/HelvNeue75_W1G.woff2 HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password_fichiers/bundle.css
Cookie: utag_main=v_id:01888c5e9b05001db144971b003305046002e00900918$_sn:1$_ss:1$_st:1685983990342$ses_id:1685982190342%3Bexp-session$_pn:1%3Bexp-session
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
c.woopic.com/fonts/HelvNeue55_W1G.woff2?20201014
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/fonts/HelvNeue55_W1G.woff2?20201014
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fonts/HelvNeue55_W1G.woff2?20201014 HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/fonts/HelvNeue55_W1G.woff2?20201014?20201014
c.woopic.com/fonts/HelvNeue75_W1G.woff2?20201014
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/fonts/HelvNeue75_W1G.woff2?20201014
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fonts/HelvNeue75_W1G.woff2?20201014 HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/fonts/HelvNeue75_W1G.woff2?20201014?20201014
ct16323.tw1.ru/OR/Orange22/functions/getinput/jquery.get-input-type.js
87.249.38.16 404 Not Found 196 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/functions/getinput/jquery.get-input-type.js
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/functions/getinput/jquery.get-input-type.js HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password.php
Cookie: utag_main=v_id:01888c5e9b05001db144971b003305046002e00900918$_sn:1$_ss:1$_st:1685983990342$ses_id:1685982190342%3Bexp-session$_pn:1%3Bexp-session
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
cdn.adgtw.orangeads.fr/build/lib/px.js?ch=2
193.252.122.137 200 OK 242 B URL GET HTTP/1.1 cdn.adgtw.orangeads.fr/build/lib/px.js?ch=2
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (346), with no line terminators
Hash f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /build/lib/px.js?ch=2 HTTP/1.1
Host: cdn.adgtw.orangeads.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 02 Jun 2023 06:19:49 GMT
X-Timestamp: 1685686788.01195
Cache-Control: public, max-age=604800
X-Trans-Id: tx97c189096c91415485ae6-0064798a1b
Age: 295379
X-Mid: pr2b
X-Cache: HIT
x-server: bgl
Content-Encoding: gzip
tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js
54.230.111.8 200 OK 167 B URL GET HTTP/2 tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js
IP 54.230.111.8:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer Amazon
Subject tags.tiqcdn.com
Fingerprint 6B:C4:49:CA:3C:06:E1:FA:8B:24:5C:78:97:D9:86:D7:EB:CA:09:62
Validity Tue, 18 Apr 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /utag/orange/abtesting/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: application/javascript
Content-Length: 167
Connection: keep-alive
Location: https://tags.tiqcdn.com/utag/orange/abtesting/prod/utag.sync.js
X-Cache: Redirect from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5zwb_NOLJAnHnNtpECB52sh3gVjzDvuaPaKUJhnjsK-D3f48P059Wg==
Cache-Control: max-age=300
ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue55_W1G.woff
87.249.38.16 404 Not Found 196 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue55_W1G.woff
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/fonts/HelvNeue55_W1G.woff HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password_fichiers/bundle.css
Cookie: utag_main=v_id:01888c5e9b05001db144971b003305046002e00900918$_sn:1$_ss:1$_st:1685983990342$ses_id:1685982190342%3Bexp-session$_pn:1%3Bexp-session
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue75_W1G.woff
87.249.38.16 404 Not Found 196 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue75_W1G.woff
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/fonts/HelvNeue75_W1G.woff HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password_fichiers/bundle.css
Cookie: utag_main=v_id:01888c5e9b05001db144971b003305046002e00900918$_sn:1$_ss:1$_st:1685983990342$ses_id:1685982190342%3Bexp-session$_pn:1%3Bexp-session
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
tags.tiqcdn.com/utag/orange/identite/prod/utag.29.js?utv=ut4.45.202011261448
54.230.111.8 301 Moved Permanently 167 B URL GET HTTP/1.1 tags.tiqcdn.com/utag/orange/identite/prod/utag.29.js?utv=ut4.45.202011261448
IP 54.230.111.8:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /utag/orange/identite/prod/utag.29.js?utv=ut4.45.202011261448 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: application/javascript
Content-Length: 167
Connection: keep-alive
Location: https://tags.tiqcdn.com/utag/orange/identite/prod/utag.29.js?utv=ut4.45.202011261448
X-Cache: Redirect from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1hLmHjMKkvGDox6yvZPZgQ7lu4wtAOmZ8Mk2wxIXueP4CJvDx3tq3Q==
Cache-Control: max-age=1296000
cdn.adgtw.orangeads.fr/build/oan_common-async-3.2.min.js?f1a78abd7c2b1b69938d4f4bec9f70c274a7cdf6
193.252.122.137 200 OK 48 kB URL GET HTTP/1.1 cdn.adgtw.orangeads.fr/build/oan_common-async-3.2.min.js?f1a78abd7c2b1b69938d4f4bec9f70c274a7cdf6
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (65465)
Hash 2cf7f574731d76c62e2b0d719cb96753
d536732d8ba0bb6ee77015552072cbd3a2d04fd8
108da7c81c543549c8f9fe21ca400402aaad501d29e6a4e2241e3e7d478f196c
GET /build/oan_common-async-3.2.min.js?f1a78abd7c2b1b69938d4f4bec9f70c274a7cdf6 HTTP/1.1
Host: cdn.adgtw.orangeads.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 02 Jun 2023 06:19:25 GMT
X-Timestamp: 1685686764.17036
Cache-Control: public, max-age=604800
X-Trans-Id: tx20b7e8e351964430a54e8-00647e0bef
Age: 0
X-Mid: pr1b
X-Cache: MISS
x-server: bgl
Content-Encoding: gzip
c.woopic.com/Magic/oneI.res.desktop.4.5.5.json
193.252.122.137 301 Moved Permanently 154 B URL GET HTTP/1.1 c.woopic.com/Magic/oneI.res.desktop.4.5.5.json
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /Magic/oneI.res.desktop.4.5.5.json HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://r.orange.fr/r/Oerreur_403
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
trust-system-eui.orange.fr/js
193.252.122.88 200 OK 227 B URL POST HTTP/1.1 trust-system-eui.orange.fr/js
IP 193.252.122.88:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject login.orange.fr
Fingerprint 53:5F:62:9C:5D:47:59:ED:E4:D2:A5:BB:D5:EB:75:C3:4E:51:51:66
Validity Wed, 17 Aug 2022 00:00:00 GMT - Tue, 29 Aug 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash aa4291feb02c6abd77708f70ea4b7b5f
6ee4cd93e785f6430d43419b2730c14dae1e2e72
a07ed35feaf6e1aadb0b78e4708afd8924f036df1f632f7f4c4fc479a8ae6405
POST /js HTTP/1.1
Host: trust-system-eui.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 2526
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 16:23:11 GMT
Server: DataDome
access-control-allow-origin: *
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-type: application/json;charset=utf-8
content-length: 227
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
gp.cdn.woopic.com/libs/J06O120cS/common/css/common.css
193.252.122.137 200 OK 318 B URL GET HTTP/1.1 gp.cdn.woopic.com/libs/J06O120cS/common/css/common.css
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (1270), with no line terminators
Hash adf9b849879d64823051612b3d9d4b04
1eb06014995283ca83d2e13eca1473fa2cd92def
8be5ae17528bfe2afdbc8baade09375837ec60bb02b54c4bf43eeee81b065634
GET /libs/J06O120cS/common/css/common.css HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/css
Content-Length: 318
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 08:57:24 GMT
X-Timestamp: 1685437043.37494
Cache-Control: max-age=15552000
X-Trans-Id: tx0f4d9a81a88f46a0b5b34-006475ba75
ETag: W/adf9b849879d64823051612b3d9d4b04
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
Age: 545146
X-Mid: pr1b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
gp.cdn.woopic.com/magic/configuration.tgif.json
193.252.122.137 372 B URL GET gp.cdn.woopic.com/magic/configuration.tgif.json
IP 193.252.122.137:0
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Hash ef3828e134882e1c876dab2fa4d4adb9
ccae070757372ba1361cf4017fa7c95765483f42
110fc0d903269e07466e6046d1133356354f9344421364cf22d04c477785e512
GET /magic/configuration.tgif.json HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Feb 2022 14:56:54 GMT
X-Timestamp: 1645801013.83939
X-Trans-Id: tx77a0157b22d24026808d3-00647dfe69
Vary: Accept-Encoding, Origin
Cache-Control: max-age=3600
Age: 3462
X-Mid: pr1b
X-Cache: HIT
x-server: bgl
Content-Encoding: gzip
gp.cdn.woopic.com/magic/o_tealium.js?update
193.252.122.137 200 OK 283 B URL GET HTTP/1.1 gp.cdn.woopic.com/magic/o_tealium.js?update
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type exported SGML document, ASCII text
Hash c565a78bb5f5bf65a24ad7d69eecc911
2bfdd57e5b89e751d4054ddbeb4af6179538f9ca
48e3519db17530c83a984fda459577525b5a8e0b5d7eae6aff3983676df229d2
GET /magic/o_tealium.js?update HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 11 Apr 2023 10:05:03 GMT
X-Timestamp: 1681207502.30185
X-Trans-Id: tx24002a4a9baf45b0aec55-00647e04ab
Vary: Accept-Encoding, Origin
Cache-Control: max-age=3600
Age: 1860
X-Mid: pr3b
X-Cache: HIT
x-server: bgl
Content-Encoding: gzip
gp.cdn.woopic.com/libs/J06O120cS/common/js/common.js
193.252.122.137 200 OK 21 kB URL GET HTTP/1.1 gp.cdn.woopic.com/libs/J06O120cS/common/js/common.js
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (31951)
Hash 27fe85ad5d5e94d60db0081b00098965
3134b8b3f918409d2a65c6c26971d3af14c76403
35bddcae1ee26a3ed6b91ceb217186a713f52bb6339b4776bfa358c14f797c3d
GET /libs/J06O120cS/common/js/common.js HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/javascript
Content-Length: 21379
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 08:57:25 GMT
X-Timestamp: 1685437044.05118
Cache-Control: max-age=15552000
X-Trans-Id: tx0c8cb6105f9f4f1588a0c-006475ba75
ETag: W/27fe85ad5d5e94d60db0081b00098965
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
Age: 545146
X-Mid: pr2b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
confiant-integrations.global.ssl.fastly.net/native/202012081025/wrap.js
151.101.65.194 200 OK 35 kB URL GET HTTP/1.1 confiant-integrations.global.ssl.fastly.net/native/202012081025/wrap.js
IP 151.101.65.194:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (22342), with LF, NEL line terminators
Hash 83426b7ee6fb9b722ca402b2368ffd91
7762d5fe5a302506784f0a7baff8670fee96108c
47beda598efc303a2d1c94f2a769fe560609c4874288960f1ea6b8e9f1fe2baf
GET /native/202012081025/wrap.js HTTP/1.1
Host: confiant-integrations.global.ssl.fastly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 34644
x-amz-id-2: rRNllVFLCquVHVTE7AdYcpu940ABuHd9srYaQj9XQI/zjUuH7GVZ1UeSX/++FmixBGvos1V4eJs=
x-amz-request-id: 7J8AKVCSJ06REVZF
Last-Modified: Tue, 08 Dec 2020 16:26:32 GMT
ETag: "1e44e6ee79c6ec09c22f19bd2054c6f1"
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Accept-Ranges: bytes
Date: Mon, 05 Jun 2023 16:23:12 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1666-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1685982192.773190,VS0,VE494
confiant-integrations.global.ssl.fastly.net/gpt/202009091622/wrap.js
151.101.65.194 200 OK 47 kB URL GET HTTP/1.1 confiant-integrations.global.ssl.fastly.net/gpt/202009091622/wrap.js
IP 151.101.65.194:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (40931)
Hash 20f0a62b6efd2b7a30e2e6d59ba43da4
3b9f6f4c832d2da868d2853af926d7f2abbb980d
70c6274d94af8fd8e0e2c9654297c5c29a919cf405f684dcf67e1a06d859e9f9
GET /gpt/202009091622/wrap.js HTTP/1.1
Host: confiant-integrations.global.ssl.fastly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 47003
x-amz-id-2: 1iX2Oxl3yZLJY71/iDglrxNP29TdXRPuU1SSZ466FDcWf5VrMopcxdiPKdWj/vndK0mKNGu8RCc=
x-amz-request-id: 7J810ED37NXDJPBX
Last-Modified: Wed, 09 Sep 2020 20:45:44 GMT
ETag: "8534fa9f2d46d1a8d5d7bd06db517739"
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Accept-Ranges: bytes
Date: Mon, 05 Jun 2023 16:23:12 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1666-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1685982192.772086,VS0,VE499
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=orange/identite/202011261454&cb=1685982191881
54.230.111.8 301 Moved Permanently 167 B URL GET HTTP/1.1 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=orange/identite/202011261454&cb=1685982191881
IP 54.230.111.8:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /utag/tiqapp/utag.v.js?a=orange/identite/202011261454&cb=1685982191881 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: application/javascript
Content-Length: 167
Connection: keep-alive
Location: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=orange/identite/202011261454&cb=1685982191881
X-Cache: Redirect from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zxr_flzGngfdnxxa9wtC_yNopzG1STKARsbIosdpob3e_J3J8j7kqQ==
Cache-Control: max-age=300
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=orange/identite/202011261454&cb=1685982191881
54.230.111.8 301 Moved Permanently 2 B URL GET HTTP/1.1 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=orange/identite/202011261454&cb=1685982191881
IP 54.230.111.8:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=orange/identite/202011261454&cb=1685982191881 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Jun 2023 16:20:55 GMT
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cwJPPkM0X4hreiJBA2ultElLbMlkCSAqcgx8udwzmcQIZMSiE9l5qA==
age: 138
cache-control: max-age=300
X-Firefox-Spdy: h2
r.orange.fr/r/Oerreur_403
81.52.142.222 301 Moved Permanently 0 B URL GET HTTP/1.1 r.orange.fr/r/Oerreur_403
IP 81.52.142.222:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject r.orange.fr
Fingerprint 95:02:27:2A:A5:53:5B:4D:AA:8A:17:01:79:AE:59:14:2C:5E:DD:49
Validity Wed, 26 Oct 2022 00:00:00 GMT - Tue, 26 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/Oerreur_403 HTTP/1.1
Host: r.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Content-Length: 0
Date: Mon, 05 Jun 2023 16:23:12 GMT
Expires: 0
Location: https://e.orange.fr/error403.html
Server: Apache
X-Redirector-Request-Id: 08da29c6-45f5-4cec-735d-4c818fba7c00
X-Vcap-Request-Id: 08da29c6-45f5-4cec-735d-4c818fba7c00
Connection: close
r.orange.fr/r/Oerreur_403
81.52.142.222 301 Moved Permanently 0 B URL GET HTTP/1.1 r.orange.fr/r/Oerreur_403
IP 81.52.142.222:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject r.orange.fr
Fingerprint 95:02:27:2A:A5:53:5B:4D:AA:8A:17:01:79:AE:59:14:2C:5E:DD:49
Validity Wed, 26 Oct 2022 00:00:00 GMT - Tue, 26 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/Oerreur_403 HTTP/1.1
Host: r.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Content-Length: 0
Date: Mon, 05 Jun 2023 16:23:12 GMT
Expires: 0
Location: https://e.orange.fr/error403.html
Server: Apache
X-Redirector-Request-Id: 7d44e4c4-d0fb-4660-4a92-7de3f9b6f998
X-Vcap-Request-Id: 7d44e4c4-d0fb-4660-4a92-7de3f9b6f998
Connection: close
r.orange.fr/r/Oerreur_403
81.52.142.222 301 Moved Permanently 0 B URL GET HTTP/1.1 r.orange.fr/r/Oerreur_403
IP 81.52.142.222:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject r.orange.fr
Fingerprint 95:02:27:2A:A5:53:5B:4D:AA:8A:17:01:79:AE:59:14:2C:5E:DD:49
Validity Wed, 26 Oct 2022 00:00:00 GMT - Tue, 26 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/Oerreur_403 HTTP/1.1
Host: r.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Content-Length: 0
Date: Mon, 05 Jun 2023 16:23:12 GMT
Expires: 0
Location: https://e.orange.fr/error403.html
Server: Apache
X-Redirector-Request-Id: 3b1b7882-2632-48c9-6670-180f223446c2
X-Vcap-Request-Id: 3b1b7882-2632-48c9-6670-180f223446c2
Connection: close
r.orange.fr/r/Oerreur_403
81.52.142.222 301 Moved Permanently 0 B URL GET HTTP/1.1 r.orange.fr/r/Oerreur_403
IP 81.52.142.222:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject r.orange.fr
Fingerprint 95:02:27:2A:A5:53:5B:4D:AA:8A:17:01:79:AE:59:14:2C:5E:DD:49
Validity Wed, 26 Oct 2022 00:00:00 GMT - Tue, 26 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/Oerreur_403 HTTP/1.1
Host: r.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Content-Length: 0
Date: Mon, 05 Jun 2023 16:23:12 GMT
Expires: 0
Location: https://e.orange.fr/error403.html
Server: Apache
X-Redirector-Request-Id: 471bedfe-3f3d-4b94-77b7-c592589ceed5
X-Vcap-Request-Id: 471bedfe-3f3d-4b94-77b7-c592589ceed5
Connection: close
r.orange.fr/r/Oerreur_403
81.52.142.222 301 Moved Permanently 0 B URL GET HTTP/1.1 r.orange.fr/r/Oerreur_403
IP 81.52.142.222:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject r.orange.fr
Fingerprint 95:02:27:2A:A5:53:5B:4D:AA:8A:17:01:79:AE:59:14:2C:5E:DD:49
Validity Wed, 26 Oct 2022 00:00:00 GMT - Tue, 26 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/Oerreur_403 HTTP/1.1
Host: r.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Content-Length: 0
Date: Mon, 05 Jun 2023 16:23:12 GMT
Expires: 0
Location: https://e.orange.fr/error403.html
Server: Apache
X-Redirector-Request-Id: 37037b65-51a3-461b-438a-381dacb3cd14
X-Vcap-Request-Id: 37037b65-51a3-461b-438a-381dacb3cd14
Connection: close
ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue55_W1G.ttf
87.249.38.16 404 Not Found 196 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue55_W1G.ttf
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/fonts/HelvNeue55_W1G.ttf HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password_fichiers/bundle.css
Cookie: utag_main=v_id:01888c5e9b05001db144971b003305046002e00900918$_sn:1$_ss:1$_st:1685983990342$ses_id:1685982190342%3Bexp-session$_pn:1%3Bexp-session
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue75_W1G.ttf
87.249.38.16 404 Not Found 196 B URL GET HTTP/1.1 ct16323.tw1.ru/OR/Orange22/fonts/HelvNeue75_W1G.ttf
IP 87.249.38.16:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /OR/Orange22/fonts/HelvNeue75_W1G.ttf HTTP/1.1
Host: ct16323.tw1.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/OR/Orange22/password_fichiers/bundle.css
Cookie: utag_main=v_id:01888c5e9b05001db144971b003305046002e00900918$_sn:1$_ss:1$_st:1685983990342$ses_id:1685982190342%3Bexp-session$_pn:1%3Bexp-session
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.22.1
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
c.woopic.com/fonts/o-icomoon.woff?20201014
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/fonts/o-icomoon.woff?20201014
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fonts/o-icomoon.woff?20201014 HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/fonts/o-icomoon.woff?20201014?20201014
c.woopic.com/fonts/HelvNeue55_W1G.woff?20201014
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/fonts/HelvNeue55_W1G.woff?20201014
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fonts/HelvNeue55_W1G.woff?20201014 HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/fonts/HelvNeue55_W1G.woff?20201014?20201014
c.woopic.com/fonts/HelvNeue75_W1G.woff?20201014
193.252.122.137 178 B URL c.woopic.com/fonts/HelvNeue75_W1G.woff?20201014
IP 193.252.122.137:0
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fonts/HelvNeue75_W1G.woff?20201014 HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/fonts/HelvNeue75_W1G.woff?20201014?20201014
gp.cdn.woopic.com/fonts/HelvNeue55_W1G.woff2?20201014
193.252.122.137 200 OK 19 kB URL GET HTTP/1.1 gp.cdn.woopic.com/fonts/HelvNeue55_W1G.woff2?20201014
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Web Open Font Format (Version 2), TrueType, length 18684, version 1.0\012- data
Hash 7cacf6f3f310565b41c6b3f536419773
b3bfd7ddfe2b3c908b2c25d739bc710d24494cb8
a84ca6b96b545a4df7413f3bbe30dc209af87adff480ee3a5cd0ff73e94ebbbb
GET /fonts/HelvNeue55_W1G.woff2?20201014 HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://gp.cdn.woopic.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: application/octet-stream
Content-Length: 18684
Connection: keep-alive
Access-Control-Expose-Headers: cache-control, content-language, content-type, expires, last-modified, pragma, etag, x-timestamp, x-trans-id, x-object-meta-cache-control-max-age
Last-Modified: Thu, 11 May 2023 16:01:31 GMT
Etag: 7cacf6f3f310565b41c6b3f536419773
X-Timestamp: 1683820890.79915
Access-Control-Allow-Origin: *
X-Trans-Id: txd03dc46195ba44b7a622d-006477d7db
Cache-Control: max-age=15552000
Vary: Origin
Age: 406549
X-Mid: pr3b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
gp.cdn.woopic.com/fonts/HelvNeue75_W1G.woff2?20201014
193.252.122.137 200 OK 18 kB URL GET HTTP/1.1 gp.cdn.woopic.com/fonts/HelvNeue75_W1G.woff2?20201014
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Web Open Font Format (Version 2), TrueType, length 18520, version 1.0\012- data
Hash e54a5770b5f82d8d6d9a1727e440bd79
057464047783bfe4b217c9e81e48b71aab7b0082
9d091f8ac8f622ef32b06ef1d72e296675b8ac7a0eedb132e089d8a4d61ce5dd
GET /fonts/HelvNeue75_W1G.woff2?20201014 HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://gp.cdn.woopic.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: application/octet-stream
Content-Length: 18520
Connection: keep-alive
Access-Control-Expose-Headers: cache-control, content-language, content-type, expires, last-modified, pragma, etag, x-timestamp, x-trans-id, x-object-meta-cache-control-max-age
Last-Modified: Thu, 11 May 2023 16:01:28 GMT
Etag: e54a5770b5f82d8d6d9a1727e440bd79
X-Timestamp: 1683820887.10969
Access-Control-Allow-Origin: *
X-Trans-Id: tx14361b01c23e4158bba06-006477d7db
Cache-Control: max-age=15552000
Vary: Origin
Age: 406549
X-Mid: pr3b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
e.orange.fr/error403.html
193.252.122.137 403 Forbidden 2.4 kB URL GET HTTP/1.1 e.orange.fr/error403.html
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject c.woopic.com
Fingerprint 34:83:09:2D:08:4F:0E:50:ED:6A:F3:D6:97:94:63:2B:7B:E2:FC:20
Validity Mon, 18 Jul 2022 00:00:00 GMT - Tue, 01 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (317)
Hash 3f39620647124d65839bd31a1b3a83f2
4f9b6bfc70827f590569d4e212956d673fa71aa7
3320cc239b2fbfa44f7b5d9e42b5bea4321db9617368d928222114b37bcf20e8
GET /error403.html HTTP/1.1
Host: e.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html
Content-Length: 2354
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:47:18 GMT
X-Timestamp: 1678963637.21927
X-Object-Meta-Cache-Control-Max-Age: 31540000
X-Trans-Id: txbaf52cafd79d49c6b1ad3-00646cbe4f
Cache-Control: max-age=31540000
ETag: W/3f39620647124d65839bd31a1b3a83f2
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1133984
X-Mid: pr1b
X-Cache: HIT
x-server: bgl
e.orange.fr/error403.html
193.252.122.137 403 Forbidden 2.4 kB URL GET HTTP/1.1 e.orange.fr/error403.html
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject c.woopic.com
Fingerprint 34:83:09:2D:08:4F:0E:50:ED:6A:F3:D6:97:94:63:2B:7B:E2:FC:20
Validity Mon, 18 Jul 2022 00:00:00 GMT - Tue, 01 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (317)
Hash 3f39620647124d65839bd31a1b3a83f2
4f9b6bfc70827f590569d4e212956d673fa71aa7
3320cc239b2fbfa44f7b5d9e42b5bea4321db9617368d928222114b37bcf20e8
GET /error403.html HTTP/1.1
Host: e.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html
Content-Length: 2354
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:47:18 GMT
X-Timestamp: 1678963637.21927
X-Object-Meta-Cache-Control-Max-Age: 31540000
X-Trans-Id: tx1853a925de464ba0bd93e-00645b4e45
Cache-Control: max-age=31540000
ETag: W/3f39620647124d65839bd31a1b3a83f2
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 2276779
X-Mid: pr3b
X-Cache: HIT
x-server: bgl
e.orange.fr/error403.html
193.252.122.137 403 Forbidden 2.4 kB URL GET HTTP/1.1 e.orange.fr/error403.html
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject c.woopic.com
Fingerprint 34:83:09:2D:08:4F:0E:50:ED:6A:F3:D6:97:94:63:2B:7B:E2:FC:20
Validity Mon, 18 Jul 2022 00:00:00 GMT - Tue, 01 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (317)
Hash 3f39620647124d65839bd31a1b3a83f2
4f9b6bfc70827f590569d4e212956d673fa71aa7
3320cc239b2fbfa44f7b5d9e42b5bea4321db9617368d928222114b37bcf20e8
GET /error403.html HTTP/1.1
Host: e.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html
Content-Length: 2354
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:47:18 GMT
X-Timestamp: 1678963637.21927
X-Object-Meta-Cache-Control-Max-Age: 31540000
X-Trans-Id: tx1853a925de464ba0bd93e-00645b4e45
Cache-Control: max-age=31540000
ETag: W/3f39620647124d65839bd31a1b3a83f2
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 2276779
X-Mid: pr3b
X-Cache: HIT
x-server: bgl
e.orange.fr/error403.html
193.252.122.137 403 Forbidden 2.4 kB URL GET HTTP/1.1 e.orange.fr/error403.html
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject c.woopic.com
Fingerprint 34:83:09:2D:08:4F:0E:50:ED:6A:F3:D6:97:94:63:2B:7B:E2:FC:20
Validity Mon, 18 Jul 2022 00:00:00 GMT - Tue, 01 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (317)
Hash 3f39620647124d65839bd31a1b3a83f2
4f9b6bfc70827f590569d4e212956d673fa71aa7
3320cc239b2fbfa44f7b5d9e42b5bea4321db9617368d928222114b37bcf20e8
GET /error403.html HTTP/1.1
Host: e.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html
Content-Length: 2354
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:47:18 GMT
X-Timestamp: 1678963637.21927
X-Object-Meta-Cache-Control-Max-Age: 31540000
X-Trans-Id: txbaf52cafd79d49c6b1ad3-00646cbe4f
Cache-Control: max-age=31540000
ETag: W/3f39620647124d65839bd31a1b3a83f2
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1133984
X-Mid: pr1b
X-Cache: HIT
x-server: bgl
e.orange.fr/error403.html
193.252.122.137 403 Forbidden 2.4 kB URL GET HTTP/1.1 e.orange.fr/error403.html
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject c.woopic.com
Fingerprint 34:83:09:2D:08:4F:0E:50:ED:6A:F3:D6:97:94:63:2B:7B:E2:FC:20
Validity Mon, 18 Jul 2022 00:00:00 GMT - Tue, 01 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (317)
Hash 3f39620647124d65839bd31a1b3a83f2
4f9b6bfc70827f590569d4e212956d673fa71aa7
3320cc239b2fbfa44f7b5d9e42b5bea4321db9617368d928222114b37bcf20e8
GET /error403.html HTTP/1.1
Host: e.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html
Content-Length: 2354
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:47:18 GMT
X-Timestamp: 1678963637.21927
X-Object-Meta-Cache-Control-Max-Age: 31540000
X-Trans-Id: tx1853a925de464ba0bd93e-00645b4e45
Cache-Control: max-age=31540000
ETag: W/3f39620647124d65839bd31a1b3a83f2
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 2276779
X-Mid: pr2b
X-Cache: HIT
x-server: bgl
c.woopic.com/fonts/HelvNeue55_W1G.ttf?20201014
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/fonts/HelvNeue55_W1G.ttf?20201014
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fonts/HelvNeue55_W1G.ttf?20201014 HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/fonts/HelvNeue55_W1G.ttf?20201014?20201014
c.woopic.com/fonts/o-icomoon.ttf?20201014
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/fonts/o-icomoon.ttf?20201014
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fonts/o-icomoon.ttf?20201014 HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/fonts/o-icomoon.ttf?20201014?20201014
c.woopic.com/fonts/HelvNeue75_W1G.ttf?20201014
193.252.122.137 301 Moved Permanently 178 B URL GET HTTP/1.1 c.woopic.com/fonts/HelvNeue75_W1G.ttf?20201014
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /fonts/HelvNeue75_W1G.ttf?20201014 HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 16:23:12 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://c.woopic.com/fonts/HelvNeue75_W1G.ttf?20201014?20201014
cdn.woopic.com/c15d9d8fc98141b084d96f795046449b/auth-2.17.2/icons/favicon-194x194.png
193.252.122.137 200 OK 680 B URL GET HTTP/1.1 cdn.woopic.com/c15d9d8fc98141b084d96f795046449b/auth-2.17.2/icons/favicon-194x194.png
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type PNG image data, 194 x 194, 8-bit/color RGBA, non-interlaced\012- data
Hash 5608b8bfdb3b2102d558f69f2aede778
8844295cf7a92af84a35fe7711fb1b99c8e8e860
40613807e3b07197817a58c12d4c46ea117d76e3338a2cc995c7c4c88844882d
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /c15d9d8fc98141b084d96f795046449b/auth-2.17.2/icons/favicon-194x194.png HTTP/1.1
Host: cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: image/png
Content-Length: 680
Connection: keep-alive
Vary: Origin,Accept-Encoding
Last-Modified: Tue, 18 Aug 2020 15:38:08 GMT
Etag: 5608b8bfdb3b2102d558f69f2aede778
X-Timestamp: 1597765087.00571
X-Object-Meta-Mtime: 1597764295.000000
X-Trans-Id: txf5f5cdb972a84888a810a-00647e0b65
Cache-Control: max-age=31536000
Age: 139
X-Mid: pr4b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
gp.cdn.woopic.com/libs/J06O120cS/common/js/o_onei_desktop.js
193.252.122.137 200 OK 14 kB URL GET HTTP/1.1 gp.cdn.woopic.com/libs/J06O120cS/common/js/o_onei_desktop.js
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (31807)
Hash 7bdf57f95ac940a24edb076735bdd14c
eb3cc7f7440317fa97dda5e4378aa1b280ffad86
ef90c4d1643cd5d7dc71ac097bd79c66e1eb77d3851cf9bbed1d35ee465b54f1
GET /libs/J06O120cS/common/js/o_onei_desktop.js HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: text/javascript
Content-Length: 14185
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 08:57:25 GMT
X-Timestamp: 1685437044.23300
Cache-Control: max-age=15552000
X-Trans-Id: tx37c49851801a47cab40a9-006475ba75
ETag: W/7bdf57f95ac940a24edb076735bdd14c
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
Age: 545148
X-Mid: pr1b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
cdn.woopic.com/c15d9d8fc98141b084d96f795046449b/auth-2.17.2/icons/favicon-16x16.png
193.252.122.137 200 OK 156 B URL GET HTTP/1.1 cdn.woopic.com/c15d9d8fc98141b084d96f795046449b/auth-2.17.2/icons/favicon-16x16.png
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 626f69e7786315605b8ded76e6fcbc8b
b35aacdb793e2aecfbf1200804419130db0735c9
62a86ea8519b47dc4f5dcfc10ba55e26c34065a64f1a34ec2e6edd52c16b803d
Analyzer Verdict Alert urlquery phishing Phishing - Orange
GET /c15d9d8fc98141b084d96f795046449b/auth-2.17.2/icons/favicon-16x16.png HTTP/1.1
Host: cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
Vary: Origin,Accept-Encoding
Last-Modified: Tue, 18 Aug 2020 15:38:08 GMT
Etag: 626f69e7786315605b8ded76e6fcbc8b
X-Timestamp: 1597765087.16158
X-Object-Meta-Mtime: 1597764295.000000
X-Trans-Id: txc3311a88e0c442a5b283f-00647e0bf1
Cache-Control: max-age=31536000
Age: 0
X-Mid: pr2b
X-Cache: MISS
x-server: bgl
Accept-Ranges: bytes
gp.cdn.woopic.com/libs/J06O120cS/common/js/o_onei_core.all.desktop.YMsdcLhX.js
193.252.122.137 200 OK 90 kB URL GET HTTP/1.1 gp.cdn.woopic.com/libs/J06O120cS/common/js/o_onei_core.all.desktop.YMsdcLhX.js
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (33843), with NEL line terminators
Hash 04e0feaaef643601e0514897eed8120f
ea8264122c12c786291faabd6bd2c0c8144451c8
62a097af3424ef383c700570ef72bcb0f5158711e10c5d72c9db600231c05ddc
GET /libs/J06O120cS/common/js/o_onei_core.all.desktop.YMsdcLhX.js HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: text/javascript
Content-Length: 90434
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 08:57:25 GMT
X-Timestamp: 1685437044.19263
Cache-Control: max-age=15552000
X-Trans-Id: tx5f1b635e7eb54d5bb0eb9-006475ba75
ETag: W/04e0feaaef643601e0514897eed8120f
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
Age: 545147
X-Mid: pr2b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
gp.cdn.woopic.com/libs/J06O120cS/common/css/o_onei_responsive.css
193.252.122.137 200 OK 28 kB URL GET HTTP/1.1 gp.cdn.woopic.com/libs/J06O120cS/common/css/o_onei_responsive.css
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (65536), with no line terminators
Hash 27c1e6e048e776a80723b7cf7fd3f61a
a31762e31e23050c5c9f9f1fc0e1bf5685954622
3cba37b4ce7180b2504a390ed12b9e8e3c65359f1864295471e0b5dec90ab37a
GET /libs/J06O120cS/common/css/o_onei_responsive.css HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: text/css
Content-Length: 28047
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 08:57:24 GMT
X-Timestamp: 1685437043.30349
Cache-Control: max-age=15552000
X-Trans-Id: tx9e05c5fe558347fbaf2c6-006475ba75
ETag: W/27c1e6e048e776a80723b7cf7fd3f61a
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
Age: 545148
X-Mid: pr1b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
gp.cdn.woopic.com/libs/J06O120cS/common/js/external/search/o_completion.js
193.252.122.137 200 OK 64 kB URL GET HTTP/1.1 gp.cdn.woopic.com/libs/J06O120cS/common/js/external/search/o_completion.js
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type HTML document, ASCII text
Hash 4408b5afa6988edf6352ccb441882154
9258152dc87e8cff27d6475c4ce0eb7e8148f341
27007b1a1e4933f175f888fa8c0527619b043c6d94cca9f1ed7a2c1471d00c23
GET /libs/J06O120cS/common/js/external/search/o_completion.js HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: text/javascript
Content-Length: 64012
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 08:57:25 GMT
X-Timestamp: 1685437044.22815
Cache-Control: max-age=15552000
X-Trans-Id: txa10f2b8c8c484735bc622-006475ba75
ETag: W/4408b5afa6988edf6352ccb441882154
Content-Encoding: gzip
Vary: Origin, Accept-Encoding
Age: 545148
X-Mid: pr3b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
gp.cdn.woopic.com/magic/oneI.res.desktop.5.0.3.json
193.252.122.137 10 kB URL GET gp.cdn.woopic.com/magic/oneI.res.desktop.5.0.3.json
IP 193.252.122.137:0
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Unicode text, UTF-8 text, with very long lines (1337)
Hash f0b503601684b93349983fd0777ee90c
fa385d36531d2a33cf93aa8ad6223fb5b614635a
ecb5165446c8d676308da549df22f919b8a7fe87a57165b4aef0cdd95eec5323
GET /magic/oneI.res.desktop.5.0.3.json HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 15 May 2023 08:49:14 GMT
X-Timestamp: 1684140553.83781
X-Trans-Id: tx87151055df4849b8b11f3-00647e04cb
Vary: Accept-Encoding, Origin
Cache-Control: max-age=3600
Age: 1830
X-Mid: pr2b
X-Cache: HIT
x-server: bgl
Content-Encoding: gzip
gp.cdn.woopic.com/fonts/o-icomoon.woff2?20201014
193.252.122.137 200 OK 14 kB URL GET HTTP/1.1 gp.cdn.woopic.com/fonts/o-icomoon.woff2?20201014
IP 193.252.122.137:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type Web Open Font Format (Version 2), TrueType, length 13644, version 1.0\012- data
Hash 9e0847145553460e0d4332843fdaf7b4
f0e1604dc368564192d3990a4bf7b94baabd5d00
bc29b9fbbe5fd57e9cd50049aaff479f15a236cd156e2a840d4f57594a097301
GET /fonts/o-icomoon.woff2?20201014 HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://gp.cdn.woopic.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: application/octet-stream
Content-Length: 13644
Connection: keep-alive
Access-Control-Expose-Headers: cache-control, content-language, content-type, expires, last-modified, pragma, etag, x-timestamp, x-trans-id, x-object-meta-cache-control-max-age
Last-Modified: Thu, 11 May 2023 16:01:35 GMT
Etag: 9e0847145553460e0d4332843fdaf7b4
X-Timestamp: 1683820894.08290
Access-Control-Allow-Origin: *
X-Trans-Id: tx9bf6cbb8913144cebe908-006477d7dc
Cache-Control: max-age=15552000
Vary: Origin
Age: 406549
X-Mid: pr3b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
c.woopic.com/z.gif?APP=elco&access=desktop&loaderLoaded=1481&libLoading=3076&libLoaded=3076&rendered=3228&end=3228
193.252.122.137 200 OK 43 B URL GET HTTP/1.1 c.woopic.com/z.gif?APP=elco&access=desktop&loaderLoaded=1481&libLoading=3076&libLoaded=3076&rendered=3228&end=3228
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /z.gif?APP=elco&access=desktop&loaderLoaded=1481&libLoading=3076&libLoaded=3076&rendered=3228&end=3228 HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache
X-Mid: N-pr2b
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
c.woopic.com/z.gif?APP=elco&access=desktop&loaderLoaded=1481&libLoading=3076&libLoaded=3076&rendered=3242&end=3242
193.252.122.137 200 OK 43 B URL GET HTTP/1.1 c.woopic.com/z.gif?APP=elco&access=desktop&loaderLoaded=1481&libLoading=3076&libLoaded=3076&rendered=3242&end=3242
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /z.gif?APP=elco&access=desktop&loaderLoaded=1481&libLoading=3076&libLoaded=3076&rendered=3242&end=3242 HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-cache
X-Mid: N-pr4b
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
sso.orange.fr/pushms/advise/1.1/proposal?targets=TOP%5Borangefr_megamenu_mof_seg%3A1%2Corangefr_megamenu_mof_perso%3A99%2Corangefr_megamenu_int_seg%3A1%2Corangefr_megamenu_int_perso%3A99%2Corangefr_megamenu_pim_seg%3A1%2Corangefr_megamenu_pim_perso%3A99%2Corangefr_megamenu_corner_event%3A1%5D&canal=06o&canalPhysique=web
193.251.215.153 200 OK 3.6 kB URL GET HTTP/1.1 sso.orange.fr/pushms/advise/1.1/proposal?targets=TOP%5Borangefr_megamenu_mof_seg%3A1%2Corangefr_megamenu_mof_perso%3A99%2Corangefr_megamenu_int_seg%3A1%2Corangefr_megamenu_int_perso%3A99%2Corangefr_megamenu_pim_seg%3A1%2Corangefr_megamenu_pim_perso%3A99%2Corangefr_megamenu_corner_event%3A1%5D&canal=06o&canalPhysique=web
IP 193.251.215.153:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject sso.orange.fr
Fingerprint B0:8C:CC:20:C7:4F:3B:9F:B7:9E:61:29:65:38:66:25:B1:42:08:42
Validity Tue, 16 May 2023 00:00:00 GMT - Fri, 31 May 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (8854), with no line terminators
Hash f60139b3dea0fd90f8034bd4aa524935
d6b7cc3d0a56a50069302b822b964e50d066c64e
9b6108b245ee8d6b90a643d773521565a12624d2006400ce2a11d86c351649fa
GET /pushms/advise/1.1/proposal?targets=TOP%5Borangefr_megamenu_mof_seg%3A1%2Corangefr_megamenu_mof_perso%3A99%2Corangefr_megamenu_int_seg%3A1%2Corangefr_megamenu_int_perso%3A99%2Corangefr_megamenu_pim_seg%3A1%2Corangefr_megamenu_pim_perso%3A99%2Corangefr_megamenu_corner_event%3A1%5D&canal=06o&canalPhysique=web HTTP/1.1
Host: sso.orange.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ct16323.tw1.ru
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 16:23:13 GMT
X-Request-Id: ZH4L8UUc4O9crAKFz8qR@wAAAFE
UNIQUE_ID: ZH4L8UUc4O9crAKFz8qR@wAAAFE
X-Adv-Status: 213
X-Adv-Med-et: 3451
X-Adv-RE-rtt: 12903
Vary: Origin,User-Agent,Accept-Encoding,Accept
Last-Modified: Mon, 05 Jun 2023 16:23:13 GMT
Content-Encoding: gzip
ETag: "-"
Cache-Control: private,max-age=0,s-maxage=0,must-revalidate
Content-Length: 3649
Content-Type: application/json
P3P: CP="NOI"
Connection: close
Set-Cookie: cookie_wt=!bMdzc/iC5bgBIWLycgeoogDF0hoFWQ7f0S40T8sRNqfWS93oUff9fE8jnxO0OSXUdvL/7C1kg6rnb+paW6Q/+zORT6ZEMa7Q9efSpIsoH1/92wZa0vtxj8IGsXsDkcap5Eo3egpP57jOtX/R+/+gKSjQ7PXjpVA=; path=/; Httponly; Secure ; SameSite=None
TS011e2867=01306ea61e0b63380937f04c619b4693846ac0a857877a19bbca2f3d5e170ed8bdfe322615e124e0ff2c226490c6673aaa4c9d72db; Path=/ ; Secure ; SameSite=None
c.woopic.com/logo-orange.png
193.252.122.137 200 OK 3.4 kB URL GET HTTP/1.1 c.woopic.com/logo-orange.png
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type PNG image data, 250 x 250, 8-bit colormap, non-interlaced\012- data
Hash ba58c4c13a8cce3745d4891ece04159e
f06787352d2f6c0a8ae701ff27a066d4ba646a6c
b36e8ca10880ffc8a3903cd991589fbbe8aa75cbff6315f475be1ed0e9bda472
GET /logo-orange.png HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: image/png
Content-Length: 3354
Connection: keep-alive
Last-Modified: Tue, 01 Mar 2022 10:11:08 GMT
Etag: ba58c4c13a8cce3745d4891ece04159e
X-Timestamp: 1646129467.21732
X-Object-Meta-Mtime: 1646129461.489712
X-Trans-Id: txa0a32f66fc6545e8902cc-00647e0ba0
Vary: Origin
Age: 81
X-Mid: pr2b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
gp.cdn.woopic.com/zema/1.0.0/assets/telesurveillance.2ff3839756.jpg
193.252.122.137 200 OK 24 kB URL GET HTTP/1.1 gp.cdn.woopic.com/zema/1.0.0/assets/telesurveillance.2ff3839756.jpg
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 567x302, components 3\012- data
Hash b0b0c360cab2ba6afece4a071dd28678
851d403e70a2abe8e9e65e29e4cd38c8a9db578d
b9439e26b99ebb1b20132e210e241b5a23178c77a0a697477a464d97737f278c
GET /zema/1.0.0/assets/telesurveillance.2ff3839756.jpg HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: image/jpeg
Content-Length: 23849
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 13:49:18 GMT
Etag: b0b0c360cab2ba6afece4a071dd28678
X-Timestamp: 1685454557.56562
Cache-Control: max-age=15552000
X-Trans-Id: tx6cc6bb8f9c6640d6825d3-006475fedf
Vary: Origin
Age: 527634
X-Mid: pr2b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
gp.cdn.woopic.com/zema/1.0.0/assets/Image-megamenu-banque-300123.c60297e301.png
193.252.122.137 200 OK 80 kB URL GET HTTP/1.1 gp.cdn.woopic.com/zema/1.0.0/assets/Image-megamenu-banque-300123.c60297e301.png
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 567x302, components 3\012- data
Hash 021b5026900aee57f5db9ee06a07d00f
227dd5f4224d0913ec6dceec572d2cc5eaf9a176
83cc5d6a3b32a5d7fbd23cb7b30e492a40558327201a2aec1cf9bc440abbf824
GET /zema/1.0.0/assets/Image-megamenu-banque-300123.c60297e301.png HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: image/png
Content-Length: 79993
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 13:49:16 GMT
Etag: 021b5026900aee57f5db9ee06a07d00f
X-Timestamp: 1685454555.90172
Cache-Control: max-age=15552000
X-Trans-Id: txb6e4ec663d3547f4b2999-006475fedf
Vary: Origin
Age: 527634
X-Mid: pr2b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
gp.cdn.woopic.com/zema/1.0.0/assets/offres-forfaits.0dd24e2bfe.png
193.252.122.137 200 OK 190 kB URL GET HTTP/1.1 gp.cdn.woopic.com/zema/1.0.0/assets/offres-forfaits.0dd24e2bfe.png
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type PNG image data, 408 x 302, 8-bit/color RGBA, non-interlaced\012- data
Size 190 kB (190406 bytes)
Hash 1247cdc686cc780bf78ce055fd85722a
cbc599aedd70a315f92b60ae0437547474f2db26
4995cb754001cf4e3457ee1884adb145140dbb87b8d26b8109b0cdd62fc4df6c
GET /zema/1.0.0/assets/offres-forfaits.0dd24e2bfe.png HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: image/png
Content-Length: 190406
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 13:49:17 GMT
Etag: 1247cdc686cc780bf78ce055fd85722a
X-Timestamp: 1685454556.45417
Cache-Control: max-age=15552000
X-Trans-Id: txe6776fcdec764d47925f6-006475fedf
Vary: Origin
Age: 527634
X-Mid: pr1b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
gp.cdn.woopic.com/zema/1.0.0/assets/offres-mobiles.dc002b241b.png
193.252.122.137 200 OK 168 kB URL GET HTTP/1.1 gp.cdn.woopic.com/zema/1.0.0/assets/offres-mobiles.dc002b241b.png
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type PNG image data, 408 x 302, 8-bit/color RGBA, non-interlaced\012- data
Size 168 kB (167895 bytes)
Hash c7d2c9d8835445294ce16e336dfcace1
497a9c7b7d06fba477dc55dccbed889f94b2f1ca
309e1f498c78244626b47edef3290b99e8878d93f8f85ae3ae6dc8746357a3d1
GET /zema/1.0.0/assets/offres-mobiles.dc002b241b.png HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: image/png
Content-Length: 167895
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 13:49:17 GMT
Etag: c7d2c9d8835445294ce16e336dfcace1
X-Timestamp: 1685454556.79225
Cache-Control: max-age=15552000
X-Trans-Id: txedc0a08a7bb941a880042-006475fedf
Vary: Origin
Age: 527634
X-Mid: pr3b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
gp.cdn.woopic.com/zema/1.0.0/assets/VisuelMegaMenuIetM.4b12cc3626.png
193.252.122.137 200 OK 149 kB URL GET HTTP/1.1 gp.cdn.woopic.com/zema/1.0.0/assets/VisuelMegaMenuIetM.4b12cc3626.png
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
File type PNG image data, 567 x 302, 8-bit/color RGBA, non-interlaced\012- data
Size 149 kB (148895 bytes)
Hash 1646f6e41b400e24eb0a382221f2a1ed
b135fd65cde5ebcd45fd9fe1d6d6657bc0696ea2
fa7269f5630f79fcd24a27e751ac02403d73163746d6bb4e95abff3dd9abe216
GET /zema/1.0.0/assets/VisuelMegaMenuIetM.4b12cc3626.png HTTP/1.1
Host: gp.cdn.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 16:23:13 GMT
Content-Type: image/png
Content-Length: 148895
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 13:49:17 GMT
Etag: 1646f6e41b400e24eb0a382221f2a1ed
X-Timestamp: 1685454556.03655
Cache-Control: max-age=15552000
X-Trans-Id: tx7b4320d81bef46188f72d-006475fedf
Vary: Origin
Age: 527634
X-Mid: pr1b
X-Cache: HIT
x-server: bgl
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 5a65ab604ecb4f6bc4d0b8f18872c757
5cc8c1fdb4fbf2b62c513edeea75b5cb7e8171b7
eebda0199d9f25f3d150aa63a7db585c04908ab1106684274ddaa15ac83dd7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 16:23:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 700d09b8e20089cc4d5eebe096a9500f
8f71f91e9bf818f7f4c18053e22a3078d796a545
e34cbc6c7d50238eae68d853292214dde71df09f8a9d0dd1832b52e496acf2cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 16:23:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
172.217.21.161 200 OK 3.0 kB URL GET HTTP/2 tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
IP 172.217.21.161:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer Google Trust Services LLC
Subject tpc.googlesyndication.com
Fingerprint FE:A7:82:21:40:84:DF:21:05:A7:26:90:B5:B0:82:DA:A9:6C:52:2A
Validity Fri, 19 May 2023 12:57:39 GMT - Fri, 11 Aug 2023 12:57:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5647)
Hash 94918a2321b72368fdfe5b171aa653cd
98b7880b6c2a5fed14b55458e175424d34fdcd69
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
GET /safeframe/1-0-37/html/container.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2973
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Jun 2023 08:59:15 GMT
expires: Sat, 01 Jun 2024 08:59:15 GMT
cache-control: public, immutable, max-age=31536000
age: 285841
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
content-type: text/html
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
996f5f9484d2d7907326671d40452523.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
142.250.74.97 200 OK 3.0 kB URL GET HTTP/2 996f5f9484d2d7907326671d40452523.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
IP 142.250.74.97:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer Google Trust Services LLC
Subject *.g.doubleclick.net
Fingerprint 43:CE:FB:9F:15:CF:60:5A:60:72:25:27:C1:45:67:BF:C4:B1:1A:1E
Validity Fri, 19 May 2023 12:53:03 GMT - Fri, 11 Aug 2023 12:53:02 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5647)
Hash 94918a2321b72368fdfe5b171aa653cd
98b7880b6c2a5fed14b55458e175424d34fdcd69
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
GET /safeframe/1-0-37/html/container.html HTTP/1.1
Host: 996f5f9484d2d7907326671d40452523.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2973
date: Mon, 05 Jun 2023 16:23:16 GMT
expires: Tue, 04 Jun 2024 16:23:16 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 5a65ab604ecb4f6bc4d0b8f18872c757
5cc8c1fdb4fbf2b62c513edeea75b5cb7e8171b7
eebda0199d9f25f3d150aa63a7db585c04908ab1106684274ddaa15ac83dd7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 16:23:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 5a65ab604ecb4f6bc4d0b8f18872c757
5cc8c1fdb4fbf2b62c513edeea75b5cb7e8171b7
eebda0199d9f25f3d150aa63a7db585c04908ab1106684274ddaa15ac83dd7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 16:23:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
confiant-integrations.global.ssl.fastly.net/Ngwh8Nfclp8QnaUOpjNkhYFSsl8/gpt_and_prebid/config.js
151.101.65.194 200 OK 46 kB URL GET HTTP/1.1 confiant-integrations.global.ssl.fastly.net/Ngwh8Nfclp8QnaUOpjNkhYFSsl8/gpt_and_prebid/config.js
IP 151.101.65.194:80
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
File type ASCII text, with very long lines (64490)
Hash 37f91da54f11784e8e74da975126286b
3f47f3593c8c9d7d56ff5245e6a7e7fdef74e2ef
d570807649d0e7b8ffccabbeab9b212235129e788b660c08c78445cd255d0467
GET /Ngwh8Nfclp8QnaUOpjNkhYFSsl8/gpt_and_prebid/config.js HTTP/1.1
Host: confiant-integrations.global.ssl.fastly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ct16323.tw1.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 45751
x-amz-id-2: PMNv/gzQ3GIGsWZ0xqiOq2DcYznrQpTt/QMfc1Rv5V5ou7RyZoggGJR0D5+jxTczLzck8Eo6YxY=
x-amz-request-id: PQEQKAPGTA981W6Z
Last-Modified: Mon, 05 Jun 2023 16:05:50 GMT
ETag: "41a22e5793ab1d0e2cb5f419ad9eb05d"
x-amz-server-side-encryption: AES256
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Content-Encoding: gzip
Content-Type: text/javascript
Server: AmazonS3
Accept-Ranges: bytes
Date: Mon, 05 Jun 2023 16:23:16 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1666-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1685982196.359139,VS0,VE466
c.woopic.com/Magic/o_tealium.js?update?update
193.252.122.137 302 Moved Temporarily 0 B URL GET HTTP/1.1 c.woopic.com/Magic/o_tealium.js?update?update
IP 193.252.122.137:443
Requested by http://ct16323.tw1.ru/OR/Orange22/password.php
Certificate Issuer DigiCert Inc
Subject cdn.woopic.com
Fingerprint 86:3D:4E:DE:E4:E4:F2:E4:15:F2:97:34:00:C9:8F:85:F3:76:7C:00
Validity Fri, 14 Oct 2022 00:00:00 GMT - Tue, 27 Jun 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Magic/o_tealium.js?update?update HTTP/1.1
Host: c.woopic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ct16323.tw1.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 05 Jun 2023 16:23:11 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://r.orange.fr/r/Oerreur_403
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block