Report - aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg

Report Overview

Submitted URL
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
IP
63.250.43.136
ASN
#22612 NAMECHEAP-NET
Submitted
2024-04-30 16:27:19
Access
public
Website Title
SG | Connexion
Final URL
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Tags
societe_generale financial phishing
urlquery detections
Phishing - Societe Generale

Detections

urlquery
74
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aveyron-ec74fe.ingress-florina.ewp.live	unknown	unknown	No data	No data	25 kB	1.4 MB	63.250.43.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/init-configs_20220624163857.js	5.3 kB	2023-03-07	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/init-configs_20220624163857.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:53:11 Last Seen2024-04-30 18:31:05 Times Seen91 Hash 0ce100e5494fd23f44c08870ffeafb54 aa95660cccbf7c89fda5e3bc1c36194ab73ce1ac 3940ae454d8670f5a17174d067cab19ac409d1dda4803cad26abc00c990844ce Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/tc_SocieteGenerale_22.js	237 kB	2023-03-14	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/tc_SocieteGenerale_22.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 19:17:42 Last Seen2024-04-30 18:31:05 Times Seen93 Hash fe1f9f5ef106f6941daee833ce8d3fed f3d802305aa8828c20dd7dfff1e103a2ac2698c0 ffca0f2c478401870feb156cb93f75280062dae38fdfeb596466169950a38f1d Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg	50 B	2023-03-10	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 23:07:41 Last Seen2024-04-30 18:31:05 Times Seen68 Hash 85a25c4d64cf2360951cbf80417e6f48 781fd587f91c4b76c6d2c346fa84e9b596eab203 d5cc5f406ac41660153dbcf9ecf59781c5aefba1d17e40d9260987d6ea6d9bf7 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg	15 B	2023-03-07	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 21:53:11 Last Seen2024-04-30 18:31:05 Times Seen400 Hash 4a2be1f68b7564d1eb06471bb0754e1b 92be5685a8c521acca7ba10da2f5cceb3e558219 f3b8583304213a75f01e94d2fcd52a3fb80dfd5a607c77aa8b6c3626a30bd3e7 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg	461 B	2024-04-30	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-30 18:06:52 Last Seen2024-04-30 18:31:05 Times Seen3 Hash 026439fe68f8c50db22ec3a271c46339 fc279114f7b276e930bbae6e9e199cb24e9d080f 923edc17d3db0e170866a5e2517195e78e598383fdb66d3cca851c211ffbf590 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/dcaweb-main.js	194 kB	2023-04-06	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/dcaweb-main.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 19:55:51 Last Seen2024-04-30 18:31:05 Times Seen41 Hash 6afb29d47a1b0c0d93128bb23dc6d2fd 0fa3fb55f94b7657b9a2c7907cdcaf3d9f002bc1 2da56f0dc3ee3c64aa16cfcf7721adafdee80cdd7e0ad832cb13cc43c244efbe Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg	2.4 kB	2023-03-14	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 17:38:33 Last Seen2024-04-30 18:31:05 Times Seen58 Hash 08a23bb6c03dba762dd80696920504a5 aa43b04d6c72ed2c5af410f9b895f32e740b73e8 1d814d477faf4e736d41483e14e9cf48fd4ae96cc8471fd42f197c26c445f5d5 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg	447 B	2023-03-14	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 17:38:33 Last Seen2024-04-30 18:31:05 Times Seen58 Hash eda4f5a6aa985737a50cd8d1893fcc5d 1a87ef1087f8c3d8548a6a8e5712ab411f18187c 579addaa3c4d06fcfb6693463b528bb0a8a2dae2672f6f7bf87c2d3cdc9ffb24 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg	215 B	2023-03-14	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 17:38:33 Last Seen2024-04-30 18:31:05 Times Seen58 Hash b5c2f52846acd9cada4681626247a6e7 685e19bb65ddbf10463a1d0b7acfcc737a82d244 c8e45f77774988eb461464f1390f374fa8445979fed1186bdac4336459f28e58 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg	453 B	2023-03-14	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 17:38:33 Last Seen2024-04-30 18:31:05 Times Seen58 Hash f33988d8f02d30b2b87494f62f527a04 fb60d64faa6a32e24366791a48b1b084fe92e1cf 6070dfb04e9804c7db84a7a3e1e2d8700642f2a8c274c8732175234f3b375b1e Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/rules.js	488 B	2023-03-07	2024-05-19
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/rules.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-05-19 21:08:43 Times Seen820 Hash cd884ffdf1f759fbdeaae54b636288d4 450ea313a0b4b250024abd0935c1f59617841134 f0f8ce50e148b374b7b9b29180824007970478e81ce52669d531a669d9c4c34d Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg	295 B	2023-03-14	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 17:38:33 Last Seen2024-04-30 18:31:05 Times Seen58 Hash 28eef1983486163bae6a828c2d264cb5 ceb0deb069756f2f5dcbed07ba43c0823b644de0 5b959d85f5517a60d412f0dfc0c4bb7a43574849a3d6bfdcfd54755c0340153d Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/jquery.js	88 kB	2023-03-07	2024-05-21
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/jquery.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-21 15:04:45 Times Seen99305 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg	3.4 kB	2023-03-14	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 17:38:33 Last Seen2024-04-30 18:31:05 Times Seen58 Hash dda1afe8763789b4b2e7dc60ec943f95 b11346e49abab822eea8265035d7ab92178289dc 29aafba96c0e2f5848ac406764fbee0e60027d7a5df4d685f62eca0b71a97a72 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg	103 B	2023-03-10	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 23:07:42 Last Seen2024-04-30 18:31:05 Times Seen62 Hash 7f43655b3af0be9fd784e446733fee02 4f0e4f368527104332bf81d4f5c00c871b283bf1 b74e6cf55f2225d70c1778f03183181c4bb7025f52b12c76f9c240d736f1661a Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/n2g_secu.js	302 B	2023-03-07	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/n2g_secu.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:53:11 Last Seen2024-04-30 18:31:05 Times Seen769 Hash bfe9ed83d7f91f016da0098eaa045246 f54713ef6558805d629052650d5e01c9efab5de4 fe136c9ab8e8892e8115af3b4fc3f4fba42a9b3d65fa5a56c30214880766f3c2 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/jquery2.js	70 kB	2023-03-07	2024-05-19
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/jquery2.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:09 Last Seen2024-05-19 21:08:43 Times Seen857 Hash f86b7a0e560edb5951576cf8884153e6 e5b4c5b95c79e6e42ef676ed77986db3f85223ab 74a340d2c31205e840515065e739e3d08fa169bc8fa52c66db838dbf749103c1 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/jQuery.min.affcbf7942d5bedb0785712.js	154 kB	2023-11-16	2024-05-14
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/jQuery.min.affcbf7942d5bedb0785712.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-16 02:19:53 Last Seen2024-05-14 17:25:52 Times Seen112 Hash 0788a8f61b6fefd5e24be8ee105ccbfe 913ab146281c5f797c7213989674694896b198d8 3895b1ae68326e2f741061e13771b1c944097c408f33c99699655e0364313076 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg	887 B	2023-03-14	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 17:38:33 Last Seen2024-04-30 18:31:05 Times Seen57 Hash 4850b18862bb56773a22730d85bf018d 5d7427a5b864997d84cc934ec4c1214070bfb3c5 1ebf163dda7ca5446aed8f23ab35551a825f5508537f313023a4808cac8ebb24 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/public-dca.js	4.3 kB	2023-03-14	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/public-dca.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:38:33 Last Seen2024-04-30 18:31:05 Times Seen94 Hash 33914d573a804936167cfe01f9fe815a db1fa0c4e6683e3eab073e342932f8df4d5289c4 5f0e9e0b84ba4948f06763f772560c859fc49dd63f5cc3165ad5f94160fe81f9 Loading...

	aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/dca_portail_global_20211128192509.js	3.4 kB	2023-03-07	2024-04-30
Pretty URL aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/dca_portail_global_20211128192509.js IP 63.250.43.137 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:53:11 Last Seen2024-04-30 18:31:05 Times Seen101 Hash 2ea817806fbd46a342aaff7eb14b0043 073b3ffb771c8c9ba685599167c300d9b9e56381 0f0c9a0d3315908b1f7c15f96957b4c61b59963d5137b40c130ab6e10f8eba83 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 81506f6c9b74db893b121a759da430d7	1.0 kB	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:33:09 Last Seen2024-05-19 21:08:43 Times Seen464 Hash 81506f6c9b74db893b121a759da430d7 2d4226d3b0de0217029bc6113d7489f398b5a4be a49959becff3155c2f2c2ba4684dfecdf77e055678880cbddac3c81eba11fe3c Loading...

HTTP Transactions (42)

URL IP Response Size

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg

63.250.43.137

200 OK

13 kB

URL User Request GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (984), with CRLF, LF line terminators
Size
13 kB (12781 bytes)
Hash
2043b0cf0d2535b3a89981512ebc3fc3
9d08d46c67ac79c72f520a514b56acffe0597a12
63409c570616784da6049cb67fdcfb71e2b4f1ff1f817a8a0b86989c6dcace87

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/pages/index.php?lsg HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:16:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, public
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 29446
accept-ranges: bytes
x-cache: HIT
content-length: 12781
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/n2g_secu.js

63.250.43.137

200 OK

186 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/n2g_secu.js
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
ASCII text
Size
186 B (186 bytes)
Hash
bfe9ed83d7f91f016da0098eaa045246
f54713ef6558805d629052650d5e01c9efab5de4
fe136c9ab8e8892e8115af3b4fc3f4fba42a9b3d65fa5a56c30214880766f3c2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/js/n2g_secu.js HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2024 11:43:33 GMT
vary: Accept-Encoding
etag: W/"662f87e5-12e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 186
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/init-configs_20220624163857.js

63.250.43.137

200 OK

1.4 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/init-configs_20220624163857.js
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
1.4 kB (1419 bytes)
Hash
0ce100e5494fd23f44c08870ffeafb54
aa95660cccbf7c89fda5e3bc1c36194ab73ce1ac
3940ae454d8670f5a17174d067cab19ac409d1dda4803cad26abc00c990844ce

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/js/init-configs_20220624163857.js HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2024 11:43:33 GMT
vary: Accept-Encoding
etag: W/"662f87e5-14ce"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 1419
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/dca_portail_global_20211128192509.js

63.250.43.137

200 OK

1.2 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/dca_portail_global_20211128192509.js
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
1.2 kB (1200 bytes)
Hash
2ea817806fbd46a342aaff7eb14b0043
073b3ffb771c8c9ba685599167c300d9b9e56381
0f0c9a0d3315908b1f7c15f96957b4c61b59963d5137b40c130ab6e10f8eba83

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/js/dca_portail_global_20211128192509.js HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2024 11:43:33 GMT
vary: Accept-Encoding
etag: W/"662f87e5-d62"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 1200
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/public-dca.js

63.250.43.137

200 OK

1.8 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/public-dca.js
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4331), with no line terminators
Size
1.8 kB (1781 bytes)
Hash
33914d573a804936167cfe01f9fe815a
db1fa0c4e6683e3eab073e342932f8df4d5289c4
5f0e9e0b84ba4948f06763f772560c859fc49dd63f5cc3165ad5f94160fe81f9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/js/public-dca.js HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2024 11:43:33 GMT
vary: Accept-Encoding
etag: W/"662f87e5-10eb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 1781
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/index_pri_20220712163248.min.css

63.250.43.137

200 OK

34 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/index_pri_20220712163248.min.css
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (34176 bytes)
Hash
849fd06fd654b7f78ee5f1abcf89cf7a
06112fcf6ccd470fe47fed419bb82e1f0eb7943d
3071af167b5a02305b91311419ec69d7bd736cb0747fc42edf182f0a9e6e9d75

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/css/index_pri_20220712163248.min.css HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2024 11:42:23 GMT
vary: Accept-Encoding
etag: W/"662f879f-3734a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 34176
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/spec56_btn_gsm_all_gcd_20211128192509.min.css

63.250.43.137

200 OK

292 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/spec56_btn_gsm_all_gcd_20211128192509.min.css
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (711), with no line terminators
Size
292 B (292 bytes)
Hash
79281f1fb20ee8956ede11c4af608409
e25ff0212bac188b902a21c3ab989b394fe8d217
0a2a772760a16e07b99ff6f6061b4d9b8c99bde4152bd0dde426d013987ef097

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/css/spec56_btn_gsm_all_gcd_20211128192509.min.css HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2024 11:42:36 GMT
vary: Accept-Encoding
etag: W/"662f87ac-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 292
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/head-section_fix-gb9_16381239090000.css

63.250.43.137

200 OK

124 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/head-section_fix-gb9_16381239090000.css
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
ASCII text
Size
124 B (124 bytes)
Hash
527d84e9cc74653cc0ab940b463d1469
06533490188bdefeee857859e8fb1c618fd77048
0d0c477e9849e1b674c4070ef22e282fe52c08b7d54018b3844a999ae8ca5c79

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/css/head-section_fix-gb9_16381239090000.css HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: text/css
content-length: 124
last-modified: Mon, 29 Apr 2024 11:42:23 GMT
etag: "662f879f-7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/rules.js

63.250.43.137

200 OK

248 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/rules.js
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
248 B (248 bytes)
Hash
cd884ffdf1f759fbdeaae54b636288d4
450ea313a0b4b250024abd0935c1f59617841134
f0f8ce50e148b374b7b9b29180824007970478e81ce52669d531a669d9c4c34d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/lib/rules.js HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2024 11:43:39 GMT
vary: Accept-Encoding
etag: W/"662f87eb-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 248
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/jquery2.js

63.250.43.137

200 OK

24 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/jquery2.js
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (33165)
Size
24 kB (24460 bytes)
Hash
f86b7a0e560edb5951576cf8884153e6
e5b4c5b95c79e6e42ef676ed77986db3f85223ab
74a340d2c31205e840515065e739e3d08fa169bc8fa52c66db838dbf749103c1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/lib/jquery2.js HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2024 11:43:39 GMT
vary: Accept-Encoding
etag: W/"662f87eb-11348"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 24460
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/jquery.js

63.250.43.137

200 OK

31 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/lib/jquery.js
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30719 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/lib/jquery.js HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2024 11:43:39 GMT
vary: Accept-Encoding
etag: W/"662f87eb-15851"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 30719
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/style.css

63.250.43.137

200 OK

10 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/style.css
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
10 kB (9994 bytes)
Hash
423f8d8b436ec7988ef2d1fa7c4aadab
142f3795a8c4054fe8d656ec11e228e9526d4829
1c3ddc644027227dbff74862a0dbe7f18f0f474ece9cd803ae58d186f15b0684

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/css/style.css HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2024 11:42:36 GMT
vary: Accept-Encoding
etag: W/"662f87ac-11eec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 9994
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/securite-renforcee.png

63.250.43.137

200 OK

3.5 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/securite-renforcee.png
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3460 bytes)
Hash
756e5bdb3942f6c656250b8a635ea5ca
a03c0222b67b68b19dd02a5407555727b169f5cb
0fb87a360659fde9b149b2036db331efa88b0d3d06ab319c0510480243c2bb8a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/securite-renforcee.png HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: image/png
content-length: 3460
last-modified: Mon, 29 Apr 2024 11:43:07 GMT
etag: "662f87cb-d84"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/SGAvenirStrokedConseiller24.svg

63.250.43.137

200 OK

439 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/SGAvenirStrokedConseiller24.svg
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
439 B (439 bytes)
Hash
8463811cafb76e9382dd19c6f52421a3
29b7d5e919f3f74d4c63c18a531ff055808c2f35
c3dc22600cc625efd20530d11eea272876e4ca84d85b6d21d0080cf8d87f2e79

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/SGAvenirStrokedConseiller24.svg HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Apr 2024 11:43:07 GMT
vary: Accept-Encoding
etag: W/"662f87cb-3c0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 439
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/gen_ui.png

63.250.43.137

200 OK

6.4 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/gen_ui.png
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6380 bytes)
Hash
f5f55947733314117f1109f93f826b5f
394e87fcb82200b9c108182bdc761dc6aa016467
c4763204659e2a150da0e4f784da55eff7c77ae08b0c4fe9156a832093fb90fb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/gen_ui.png HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: image/png
content-length: 6380
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
etag: "662f87bc-18ec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/s-curit-renforc-e-2.png

63.250.43.137

200 OK

3.8 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/s-curit-renforc-e-2.png
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
PNG image data, 46 x 67, 8-bit/color RGBA, non-interlaced
Size
3.8 kB (3790 bytes)
Hash
9034fe25222bf982cc43941cedc4d0b3
37a2b32a5b7590383056858e9628c42ce768bf55
12ad8a6fe4c03864191066da21747429eb42250696a30943f165b6bbc19ae162

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/s-curit-renforc-e-2.png HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: image/png
content-length: 3790
last-modified: Mon, 29 Apr 2024 11:43:07 GMT
etag: "662f87cb-ece"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/SGAvenirStyledCarteBloquee48.svg

63.250.43.137

200 OK

368 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/SGAvenirStyledCarteBloquee48.svg
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
368 B (368 bytes)
Hash
5057d5cf0dd58f1e1d05f73955763bbd
15dcaea00b4310a4c3f5cd570d007e5dcfe19506
18d2574039d88205568e102026c3fc3f2997f8aab59cc11cd791bfee6fc38213

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/SGAvenirStyledCarteBloquee48.svg HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Apr 2024 11:43:07 GMT
vary: Accept-Encoding
etag: W/"662f87cb-269"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 368
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/SGAvenirStrokedProperties24.svg

63.250.43.137

200 OK

315 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/SGAvenirStrokedProperties24.svg
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
315 B (315 bytes)
Hash
18e78a5db136d44285eb605e866ce995
fa1dba649798177419ddec29424981b1d8630cbf
472ce0bb9404f8261b0c96e69448a0f62d913129d14f680126817de6c6b092f5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/SGAvenirStrokedProperties24.svg HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Apr 2024 11:43:07 GMT
vary: Accept-Encoding
etag: W/"662f87cb-3bf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 315
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/eo2680-style.css

63.250.43.137

200 OK

559 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/eo2680-style.css
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
ASCII text
Size
559 B (559 bytes)
Hash
c7561f7c82488a89dfebd17d88ee1228
1f772743a94ff966632603c15ace99848bf61284
42d1dc709aae2bded3fab89a75b78ac71ac56a5bc9938e213bb95dd47fb87fae

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/css/eo2680-style.css HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2024 11:42:23 GMT
vary: Accept-Encoding
etag: W/"662f879f-777"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 559
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/SGAvenirStyledBouclierSecurite48.svg

63.250.43.137

200 OK

388 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/SGAvenirStyledBouclierSecurite48.svg
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
388 B (388 bytes)
Hash
6e7d7d48655dece24d5f76dfc9efa0ca
029840e05f8e1d374d38b4512b412975b0749a70
aef5c5e51ae514f22b02f0c8e99468f37cb49665aedfdde4f30d93921176ae67

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/SGAvenirStyledBouclierSecurite48.svg HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Apr 2024 11:43:07 GMT
vary: Accept-Encoding
etag: W/"662f87cb-254"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 388
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/logo-sg-seul.svg

63.250.43.137

200 OK

1.4 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/logo-sg-seul.svg
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1444 bytes)
Hash
a4905efc552b898322c256cb4d4f55c3
6ca6d615b2ebe329819a0338879c1d206ad0b90b
4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/logo-sg-seul.svg HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
vary: Accept-Encoding
etag: W/"662f87bc-be2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 1444
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/tc_SocieteGenerale_22.js

63.250.43.137

200 OK

42 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/tc_SocieteGenerale_22.js
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65328)
Size
42 kB (42209 bytes)
Hash
fe1f9f5ef106f6941daee833ce8d3fed
f3d802305aa8828c20dd7dfff1e103a2ac2698c0
ffca0f2c478401870feb156cb93f75280062dae38fdfeb596466169950a38f1d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/js/tc_SocieteGenerale_22.js HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2024 11:43:33 GMT
vary: Accept-Encoding
etag: W/"662f87e5-39e79"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 42209
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/jQuery.min.affcbf7942d5bedb0785712.js

63.250.43.137

200 OK

44 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/jQuery.min.affcbf7942d5bedb0785712.js
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (585)
Size
44 kB (44439 bytes)
Hash
0788a8f61b6fefd5e24be8ee105ccbfe
913ab146281c5f797c7213989674694896b198d8
3895b1ae68326e2f741061e13771b1c944097c408f33c99699655e0364313076

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/js/jQuery.min.affcbf7942d5bedb0785712.js HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2024 11:43:33 GMT
vary: Accept-Encoding
etag: W/"662f87e5-25b64"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 44439
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels_20230510173629.svg

63.250.43.137

404 Not Found

146 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels_20230510173629.svg
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels_20230510173629.svg HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 30 Apr 2024 16:26:53 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/new_sprite.png

63.250.43.137

200 OK

10 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/new_sprite.png
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
PNG image data, 312 x 104, 8-bit/color RGBA, non-interlaced
Size
10 kB (9961 bytes)
Hash
675d3d69bb78ed155d9d443bef4cccd8
8266846da238de6218a75a11744f35f821baff74
0d477834d11f75ff989d2b6bfbcbaaed80a8e4f8efe65569f4cee2ad603a73af

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/new_sprite.png HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/scss/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:54 GMT
content-type: image/png
content-length: 9961
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
etag: "662f87bc-26e9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 29218
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/spriteV4.png

63.250.43.137

200 OK

56 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/spriteV4.png
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
PNG image data, 880 x 650, 8-bit/color RGBA, non-interlaced
Size
56 kB (56012 bytes)
Hash
2489b1de4b742de1d025c2751296143e
ca790ae20b4603ce6595ab1a0384dd217105306c
fdffcd1a92a88cf374901faf2ec466c6d16c0baa8b1f92426a24424743b65ab4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/spriteV4.png HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/scss/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:54 GMT
content-type: image/png
content-length: 56012
last-modified: Mon, 29 Apr 2024 11:43:33 GMT
etag: "662f87e5-dacc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 29218
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/print_20220624163857.min.css

63.250.43.137

200 OK

874 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/print_20220624163857.min.css
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (3067), with no line terminators
Size
874 B (874 bytes)
Hash
e4d358e525d052a0377f57af7a5f5a82
f1dc2890a644a2bd2daba774933381739698c036
cbf2f9788fa5b22dd4c4428843fdd3ea68595db536cf347517da7d048d3bedcf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/css/print_20220624163857.min.css HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2024 11:42:36 GMT
vary: Accept-Encoding
etag: W/"662f87ac-bfb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 874
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-regular.eot

63.250.43.137

200 OK

88 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-regular.eot
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
Embedded OpenType (EOT), Source Sans Pro family
Size
88 kB (88022 bytes)
Hash
1d71438462d532b62b05cdd7e6d7197d
7af727da3afd23b74b0c0856d62634e62a0e646f
dce8869d25c3abcecb33a3486a3c70bb76aed17c21a74069ee83949b1d209c9b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-regular.eot HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/scss/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:33:52 GMT
content-type: application/vnd.ms-fontobject
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
vary: Accept-Encoding
etag: W/"662f87bc-15806"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 28381
accept-ranges: bytes
x-cache: HIT
content-length: 88022
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/scss/style.css

63.250.43.137

200 OK

90 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/scss/style.css
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
Embedded OpenType (EOT), Source Sans Pro Semibold family
Size
90 kB (89828 bytes)
Hash
0f3da1edf1b5c6a94a6ad948a7664451
368b1edf8f8d0bbc955ce6a16abb9084c79b9d75
ebb8918da92bae172dfe322a3947929b3df2330dccc6f13c7d8e8ed3815e1696

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/scss/style.css HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2024 11:43:13 GMT
vary: Accept-Encoding
etag: W/"662f87d1-2c10f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 28257
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-bold.eot

63.250.43.137

404 Not Found

146 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-bold.eot
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-bold.eot HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/scss/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Tue, 30 Apr 2024 16:26:53 GMT
content-type: text/html
content-length: 146
age: 0
x-cache: MISS
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels.svg

63.250.43.137

200 OK

97 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels.svg
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
97 kB (97318 bytes)
Hash
f6ee60fa11e80d9b378d7faecf4455c7
0b55fb0aefb9c3692a30c8be08409b6d5e361527
fecc08acf64ec3863d878962e73055984b8b6fee1b16e6280230a9396ca2761e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels.svg HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:54 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
vary: Accept-Encoding
etag: W/"662f87bc-54f4a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29218
accept-ranges: bytes
x-cache: HIT
content-length: 97318
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/dcaweb-main.js

63.250.43.137

200 OK

20 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/js/dcaweb-main.js
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
20 kB (20337 bytes)
Hash
6cbfa181b9c98d718fedaa871b16a138
86f9f77681095d0515c0d4956094227ba49f8ffa
3347bfe437d717b3b9b3ea0cd1dd94343cf821f1e88e98da8d7de6d33c7d2468

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/js/dcaweb-main.js HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2024 11:43:33 GMT
vary: Accept-Encoding
etag: W/"662f87e5-2f7ca"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 41040
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels_20220315164858.svg

63.250.43.137

200 OK

97 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels_20220315164858.svg
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
97 kB (97318 bytes)
Hash
f6ee60fa11e80d9b378d7faecf4455c7
0b55fb0aefb9c3692a30c8be08409b6d5e361527
fecc08acf64ec3863d878962e73055984b8b6fee1b16e6280230a9396ca2761e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels_20220315164858.svg HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:54 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
vary: Accept-Encoding
etag: W/"662f87bc-54f4a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 97318
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels_20240220183513.svg

63.250.43.137

200 OK

98 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels_20240220183513.svg
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
98 kB (97652 bytes)
Hash
64ed0661e77d4c792544fd0a863c42f7
5bf45122cbc051b096a4328603321509eb5cf924
b961b70102da89817be16d0acc176f4c820c6bbd1bb9c20a564e10e4aa49af73

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/pictos-fonctionnels_20240220183513.svg HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:54 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
vary: Accept-Encoding
etag: W/"662f87bc-5524a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 97652
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-semibold.woff

63.250.43.137

200 OK

75 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-semibold.woff
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
Web Open Font Format, CFF, length 74996, version 0.0
Size
75 kB (74996 bytes)
Hash
f079be3e96761bf618ea2a5b314eb014
2aad9b3d874cdd21ee8496738af5f5b94c7382a0
b2106f33585940e944fac6de500dd767c4592692689c001c45c475476583404e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-semibold.woff HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/scss/style.css
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDI0MDQzMDE2LTQ1MjgyNTUyMCIsImZvcm1Db250ZXh0IjoiY29udGV4dF91bmRlZmluZWQiLCJ4dG9yIjpbXX0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: font/woff
content-length: 74996
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
etag: "662f87bc-124f4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://aveyron-ec74fe.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-regular.woff

63.250.43.137

200 OK

75 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-regular.woff
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
Web Open Font Format, CFF, length 75420, version 0.0
Size
75 kB (75420 bytes)
Hash
52f5045b30343cd0e0a5acbd215a50e9
dc37d3ef1b5939ad6a5dfae601ae183c503095f2
f679efce1ea9cbed26a573aa8c8db1d01fe51abe4fcc2a77d18ab7bcb03e0bb1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-regular.woff HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/scss/style.css
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDI0MDQzMDE2LTQ1MjgyNTUyMCIsImZvcm1Db250ZXh0IjoiY29udGV4dF91bmRlZmluZWQiLCJ4dG9yIjpbXX0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: font/woff
content-length: 75420
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
etag: "662f87bc-1269c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://aveyron-ec74fe.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-bold.woff

63.250.43.137

200 OK

76 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-bold.woff
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
Web Open Font Format, CFF, length 76236, version 0.0
Size
76 kB (76236 bytes)
Hash
3e7af4d251f183a9ea98bfd812016274
231ff1575fa3fdcde1fe985786c3622719653d8b
f33d4ed699473243d3304fb2ee9435043ead92e092e76c04656a6745cf00e8d4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-bold.woff HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/scss/style.css
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDI0MDQzMDE2LTQ1MjgyNTUyMCIsImZvcm1Db250ZXh0IjoiY29udGV4dF91bmRlZmluZWQiLCJ4dG9yIjpbXX0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: font/woff
content-length: 76236
last-modified: Mon, 29 Apr 2024 11:42:36 GMT
etag: "662f87ac-129cc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://aveyron-ec74fe.ingress-florina.ewp.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/vendor/composer/autoload.php?str=1

63.250.43.137

200 OK

20 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/vendor/composer/autoload.php?str=1
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/vendor/composer/autoload.php?str=1 HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDI0MDQzMDE2LTQ1MjgyNTUyMCIsImZvcm1Db250ZXh0IjoiY29udGV4dF91bmRlZmluZWQiLCJ4dG9yIjpbXX0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 16:26:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, public
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 0
x-cache: MISS
content-length: 20
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/favicon.ico

63.250.43.137

200 OK

531 B

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/favicon.ico
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 2-bit colormap, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
Size
531 B (531 bytes)
Hash
1a98edc660c21bc5f2d4639b0f680e7f
baf258012d286e61afcdbdd0ca12cc63aba4f468
cb6030782dee2f211989f78162f64b04f1d6a5f5e219e6f1ae7b73f7258955e1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/favicon.ico HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Cookie: tc_xtors=eyJmb3JtSWQiOiIyMDI0MDQzMDE2LTQ1MjgyNTUyMCIsImZvcm1Db250ZXh0IjoiY29udGV4dF91bmRlZmluZWQiLCJ4dG9yIjpbXX0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:28:37 GMT
content-type: image/x-icon
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
vary: Accept-Encoding
etag: W/"662f87bc-1860c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 28695
accept-ranges: bytes
x-cache: HIT
content-length: 531
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/style2.css

63.250.43.137

200 OK

226 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/css/style2.css
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (16082), with CRLF line terminators
Size
226 kB (226195 bytes)
Hash
697b30d18b607d4edcf9d4e654922180
4f55d0bf0eefcf065c13b01d871c59892f94d842
02a2ff236f898ce9fc1c2dc8022c81183004bb7f11eb825271a31e386cd61868

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/css/style2.css HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:53 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2024 11:42:36 GMT
vary: Accept-Encoding
etag: W/"662f87ac-37393"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 34363
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-semibold.eot

63.250.43.137

200 OK

90 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-semibold.eot
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
Embedded OpenType (EOT), Source Sans Pro Semibold family
Size
90 kB (89897 bytes)
Hash
0f3da1edf1b5c6a94a6ad948a7664451
368b1edf8f8d0bbc955ce6a16abb9084c79b9d75
ebb8918da92bae172dfe322a3947929b3df2330dccc6f13c7d8e8ed3815e1696

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/fonts/sourcesanspro-semibold.eot HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/scss/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:33:52 GMT
content-type: application/vnd.ms-fontobject
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
vary: Accept-Encoding
etag: W/"662f87bc-15f29"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 28381
accept-ranges: bytes
x-cache: HIT
content-length: 89828
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/6cbfa181b9c98d718fedaa871b16a138.svg

63.250.43.137

200 OK

72 kB

URL GET HTTP/2
aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/assets/img/6cbfa181b9c98d718fedaa871b16a138.svg
IP
63.250.43.137:443
ASN
#22612 NAMECHEAP-NET

Requested by
https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
Certificate
IssuerSectigo Limited
Subject*.ingress-florina.ewp.live
Fingerprint0D:5E:1B:E1:CD:1D:86:42:F1:C6:F8:49:15:77:C5:99:65:DD:15:41
ValidityTue, 30 Apr 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type

Size
72 kB (72058 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale

HTTP Headers

GET /wp-content/plugins/sgsanscc/assets/img/6cbfa181b9c98d718fedaa871b16a138.svg HTTP/1.1
Host: aveyron-ec74fe.ingress-florina.ewp.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aveyron-ec74fe.ingress-florina.ewp.live/wp-content/plugins/sgsanscc/pages/index.php?lsg
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 30 Apr 2024 08:19:54 GMT
content-type: image/svg+xml
last-modified: Mon, 29 Apr 2024 11:42:52 GMT
vary: Accept-Encoding
etag: W/"662f87bc-1197a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 29219
accept-ranges: bytes
x-cache: HIT
content-length: 20337
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML