Report - fintanol.fr/

Report Overview

Visited public
2023-12-05 07:49:46
Tags
societe_generale financial phishing dyndns
URL
fintanol.fr/
Finishing URL
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
IP / ASN
185.135.132.48
#16347 ADISTA SAS
Title
Société Générale | Connexion
Phishing - Societe Generale
Suspicious - DynDNS domain

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fintanol.fr	unknown	2023-10-24	2023-10-24 13:53:25	2023-10-24 13:53:26	478 B	506 B	185.135.132.48
daomio.ddns.net	unknown	unknown	No data	No data	17 kB	1.6 MB	172.98.14.56

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-05 07:49:33	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:33	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:35	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:35	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:36	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net
2023-12-05 07:49:38	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.ddns .net

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU= IP 172.98.14.56 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 04:54 Times Seen4634037 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/j.min.js	ScriptElement	88 kB	2023-03-07	2025-05-07
Pretty URL daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/j.min.js IP 172.98.14.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 21:25 Times Seen3657 Hash 2f772fed444d5489079f275bd01e26cc a8927ac2830b2fdd4a729eb0eb7f80923539ceb9 2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a Loading...

	daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/p.min.js	ScriptElement	20 kB	2023-03-07	2025-05-07
Pretty URL daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/p.min.js IP 172.98.14.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-07 22:46 Times Seen1698 Hash 5644e6835941af44dcb5cead916c2b79 6eb1840d55338895ce6ecc3eab56132b1d152b93 315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58 Loading...

	daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/b.min.js	ScriptElement	59 kB	2023-03-07	2025-04-22
Pretty URL daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/b.min.js IP 172.98.14.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33 Last Seen2025-04-22 11:03 Times Seen542 Hash 0f9ea8d6bb66dbed6e0966f9da35b7fd 8095a33f75ca53aa5409b8bf00ea30372755092d 306ab8dd287ef041231a510b7e4c027a11e28b20c3408a9185d895c091dc72a4 Loading...

	daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/f.min.js	ScriptElement	1.1 MB	2023-03-07	2025-05-04
Pretty URL daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/f.min.js IP 172.98.14.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-04 18:06 Times Seen1371 Hash a6756b0b8637e62f56d9d794b154ca12 5cd7e758e41375d85cef812d4578d5cd9b949ea7 21bd54c766f0a1385f24f0b9a074e83881d82288d9d31bab0e3076721121f52e Loading...

	daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/m.js	ScriptElement	5.1 kB	2023-03-09	2024-08-20
Pretty URL daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/m.js IP 172.98.14.56 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 16:52 Last Seen2024-08-20 16:43 Times Seen3 Hash 4ca3c85bd9126877022e9438ac532a81 31690ee1f599fd11d7edf7ef2fb219e4d0c5a293 e3fba4f4e0f99aa9cccd30ed0591e52aba8fe2bb67a4ce3cb584c7bed01ffa8d Loading...

	daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU= IP 172.98.14.56 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 04:54 Times Seen4634037 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (27)

URL IP Response Size

fintanol.fr/

185.135.132.48

313 B

URL
fintanol.fr/
IP
185.135.132.48:0
ASN
#16347 ADISTA SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
313 B (313 bytes)
Hash
20e27483648de8109d1080cd99ede695
643d877d597078cad4a4b9a242cdfdeb470bae18
9a1216341f06628d5daae28f22cbb809a1a4d55d6fab0adeb057dc4724cda2a6

HTTP Headers

GET / HTTP/1.1
Host: fintanol.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Tue, 05 Dec 2023 07:49:27 GMT
content-type: text/html; charset=iso-8859-1
content-length: 313
location: https://daomio.ddns.net/JOR/
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/

172.98.14.56

108 B

URL
daomio.ddns.net/JOR/
IP
172.98.14.56:0
ASN
#0

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
108 B (108 bytes)
Hash
cd1bc359900d0b804061da043cc1599b
32702bd2a03ec8117a0b1d9cd8e9668d1e21d337
0efae8927c3a86e353d09d08ec7f30d5e18260295b589d68c66a24dff5ba944a

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/ HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:28 GMT
content-type: text/html; charset=UTF-8
content-length: 108
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/

172.98.14.56

302 Found

4 B

URL User Request GET HTTP/2
daomio.ddns.net/JOR/home/
IP
172.98.14.56:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
0cf31b2c283ce3431794586df7b0996d
65aea98c57dcd2a1ffb0d35ca20603caaf7d9f03
1a0f564ddc6039457b2fb26b3d6a316c15eba20a886449847c3210c35821a693

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/ HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
server: nginx
date: Tue, 05 Dec 2023 07:49:30 GMT
content-type: text/html; charset=UTF-8
content-length: 4
location: ); or ' = Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=

172.98.14.56

200 OK

2.1 kB

URL User Request GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
IP
172.98.14.56:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.1 kB (2110 bytes)
Hash
c435e518863d2098fa40b1d621835457
b82a168b31877f5baac9161bf9a8b891cb3eabc4
549f2e74db3ebf4bf0a92f307cbd43499df80adf8887d6204fcaf4cb4838ef12

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU= HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:30 GMT
content-type: text/html; charset=UTF-8
content-length: 2110
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PHP/7.4.33, PleskLin
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/footer-links2.png

172.98.14.56

200 OK

7.8 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/footer-links2.png
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
PNG image data, 143 x 193, 8-bit/color RGB, non-interlaced\012- data
Size
7.8 kB (7765 bytes)
Hash
73d8f36e38c0e2bf8b369cfd72f6f8f1
5100afd98867c52d7c01fb6cbaa50a8af9476e62
7c3bdc670b04048dc2d7516878af352dcc5d2a377e384c6c8c183a36133ca076

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/footer-links2.png HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/png
content-length: 7765
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-1e55"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/footer-info.png

172.98.14.56

200 OK

7.6 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/footer-info.png
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
PNG image data, 792 x 30, 8-bit/color RGB, non-interlaced\012- data
Size
7.6 kB (7592 bytes)
Hash
b4dd3961b8377bae8ba5024cfe80be66
9b36d135212fc15883cc080feb1ffc1be31690e2
95d316972cfd6654daf6d407fb1334f4f7aff938e389b010291d241d8d57ad4f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/footer-info.png HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/png
content-length: 7592
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-1da8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/footer-info2.png

172.98.14.56

200 OK

9.0 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/footer-info2.png
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
PNG image data, 346 x 187, 8-bit/color RGB, non-interlaced\012- data
Size
9.0 kB (8977 bytes)
Hash
b065809f2face89f453b75d954cdb1ea
8aea05cfed6a0e5f146de91f1610b0b5fc49a724
0607cd016f97fa4c139040c64dbc900d4d3e11676f1c00897c88fbb84850a083

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/footer-info2.png HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/png
content-length: 8977
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-2311"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/index-content2.png

172.98.14.56

200 OK

36 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/index-content2.png
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
PNG image data, 460 x 455, 8-bit/color RGB, non-interlaced\012- data
Size
36 kB (36228 bytes)
Hash
a6e1f764ffba84d8c87d5c6ff580567d
e2711a90ac191e0c595f3cd7de89cec9de32242a
8b51f84ac604efc8feee2300fdddb1da05829fffad58b827063b178846a5d4e8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/index-content2.png HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/png
content-length: 36228
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-8d84"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/social.png

172.98.14.56

200 OK

1.1 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/social.png
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
PNG image data, 154 x 30, 8-bit/color RGB, non-interlaced\012- data
Size
1.1 kB (1116 bytes)
Hash
8c6df0e9f76dfa34c82c796fb0614e08
aaaec6b398f9be853f693da4556856b010d2ef22
cda417f25f0b74a3b88979725a4bd5bcba224008dc354277ef48bbefdb96f24d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/social.png HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/png
content-length: 1116
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-45c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/footer-links.jpg

172.98.14.56

200 OK

8.4 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/footer-links.jpg
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:11:08 21:40:28], baseline, precision 8, 713x16, components 3\012- data
Size
8.4 kB (8378 bytes)
Hash
12962121b758a6679970b22c02e978a2
c8af650f6bcefbc374ea21ddf2e54ecd67c8811a
f6f7e0611ba3d6ba2268c51b20205b322d51d1cee76bdd6911b49f1d12b4f05a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/footer-links.jpg HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/jpeg
content-length: 8378
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-20ba"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/logo.jpg

172.98.14.56

200 OK

3.8 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/logo.jpg
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:11:08 21:35:13], baseline, precision 8, 160x33, components 3\012- data
Size
3.8 kB (3772 bytes)
Hash
f85385da3d92ffbf4a5f706ec6f6b1fe
c6321ff15f1d136f6c04728b8c058d301ca66c3d
04690f1deb47cc41bcb7fbc072a9fdc7893c279a2857bea2d0fdfb90f5aebf17

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/logo.jpg HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/jpeg
content-length: 3772
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-ebc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/index-content.png

172.98.14.56

200 OK

44 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/index-content.png
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
PNG image data, 593 x 592, 8-bit/color RGB, non-interlaced\012- data
Size
44 kB (43528 bytes)
Hash
f4c403921310dd027d80bee277a07894
45807a9a77230206cb0834c30ddceeae64850f59
f3aa0dd5b1e3d5f830cf26f58f5cfa81ab131fe433715ea0b6feb0264049c689

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/index-content.png HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/png
content-length: 43528
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-aa08"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/valider.png

172.98.14.56

200 OK

1.8 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/valider.png
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
PNG image data, 230 x 44, 8-bit/color RGB, non-interlaced\012- data
Size
1.8 kB (1808 bytes)
Hash
25513691f92b8ccb0190e5c2dfbb48e9
d5251fab777fe48e33cd5fdd59467b7a0af7acd7
23882f29cd743d1e0058ac22d2a791196952dab003f83df83d186e94b175119d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/valider.png HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/png
content-length: 1808
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-710"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/remember.jpg

172.98.14.56

200 OK

3.3 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/remember.jpg
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:11:08 21:41:22], baseline, precision 8, 232x26, components 3\012- data
Size
3.3 kB (3349 bytes)
Hash
749caf8b2ee7d53e19e9aefc264f1edd
6e47816ee429dce1b7bc90d3c4e7077f7717abef
523f01e171ebf63770e025487bdcfe986841d4ec2da50c1486d2632066eacd5f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/remember.jpg HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/jpeg
content-length: 3349
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-d15"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/new-account.png

172.98.14.56

200 OK

2.5 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/new-account.png
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
PNG image data, 171 x 44, 8-bit/color RGB, non-interlaced\012- data
Size
2.5 kB (2487 bytes)
Hash
b622349d9f97e5c39d581e873857edf2
a37280d3e63eb4cf4ae734f2e08e5dd61025bb80
12151d5190ac2f09ed928c16b833c8f4ab3daab155cf9c7c00fcd2466b6012bd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/new-account.png HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/png
content-length: 2487
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-9b7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/logo.png

172.98.14.56

200 OK

2.5 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/logo.png
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
PNG image data, 192 x 26, 8-bit/color RGB, non-interlaced\012- data
Size
2.5 kB (2487 bytes)
Hash
07d389f224c55f59359aa8ab746a31d1
ff3281d7db9e03ecba345c2b4b57d617dfd11926
19b11e9d230e5fc6e11924e8c07f604d7884a4107794810bc70eec129b915795

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/logo.png HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/png
content-length: 2487
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-9b7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/logo2.jpg

172.98.14.56

200 OK

1.3 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/logo2.jpg
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=PhotoFiltre Studio X, datetime=2019:11:09 02:50:21], baseline, precision 8, 30x30, components 3\012- data
Size
1.3 kB (1258 bytes)
Hash
faae31dc56abb70d92d5802d5397ecfd
20ea10febe43d77f015205993a7941dc49ac6d57
3dc3d4f09a6caa938a754adf03cb9f7661ebffa085a55de8f04d2b52e1e5e46b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/logo2.jpg HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: image/jpeg
content-length: 1258
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "61154710-4ea"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/favicon.ico

172.98.14.56

200 OK

318 B

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/favicon.ico
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data
Size
318 B (318 bytes)
Hash
ca10c09aeaf43460d3760f50c608eb51
f2ed2a4fe0e1eadb7dd28444ea6b7a04abf0d38e
daf58b06a09d467436ee5fd10eefbeadac3cf6ecaef1eca1884ef8330f561642

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/favicon.ico HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:32 GMT
content-type: image/vnd.microsoft.icon
content-length: 318
x-accel-version: 0.01
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: "13e-5c95eeb93e400"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/b.min.js

172.98.14.56

200 OK

59 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/b.min.js
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
ASCII text, with very long lines (59058), with no line terminators
Size
59 kB (59058 bytes)
Hash
0f9ea8d6bb66dbed6e0966f9da35b7fd
8095a33f75ca53aa5409b8bf00ea30372755092d
306ab8dd287ef041231a510b7e4c027a11e28b20c3408a9185d895c091dc72a4

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/b.min.js HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: application/javascript
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: W/"61154710-e6b2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/f.min.js

172.98.14.56

200 OK

1.1 MB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/f.min.js
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type

Size
1.1 MB (1061198 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/f.min.js HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: application/javascript
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: W/"61154710-10314e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/p.min.js

172.98.14.56

200 OK

20 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/p.min.js
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
ASCII text, with very long lines (20164), with CRLF line terminators
Size
20 kB (20340 bytes)
Hash
5644e6835941af44dcb5cead916c2b79
6eb1840d55338895ce6ecc3eab56132b1d152b93
315ac5479007d2e864a4b51f505fd0785ebbbe931a6b511467fa49504a082c58

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/p.min.js HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: application/javascript
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: W/"61154710-4f74"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/j.min.js

172.98.14.56

200 OK

88 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/j.min.js
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
88 kB (88145 bytes)
Hash
2f772fed444d5489079f275bd01e26cc
a8927ac2830b2fdd4a729eb0eb7f80923539ceb9
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/j.min.js HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: application/javascript
last-modified: Fri, 08 Oct 2021 08:37:34 GMT
etag: W/"6160034e-15851"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/h.css

172.98.14.56

200 OK

42 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/h.css
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
ASCII text, with very long lines (41750), with CRLF line terminators
Size
42 kB (41752 bytes)
Hash
fd877f138d23d5a790645eb95167aec3
ee2f01ca01c5f7e6f674ad79a9fea30f78a66f2c
f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Societe Generale
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/h.css HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: text/css
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: W/"61154710-a318"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/m.js

172.98.14.56

200 OK

5.1 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/m.js
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with very long lines (5442), with no line terminators
Size
5.1 kB (5115 bytes)
Hash
8de8ef671248d1277d7513ce6671f585
a1c30dd3594352a32954fc079909a3dc2a28145c
9fb86436fdd90b95a394d3b5d1678c960e162d5dc70bbc7b7e01aea32a296508

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/m.js HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: application/javascript
last-modified: Thu, 12 Aug 2021 16:06:40 GMT
etag: W/"61154710-13fb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/f.css

172.98.14.56

200 OK

3.7 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/f.css
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
ASCII text, with very long lines (3838), with no line terminators
Size
3.7 kB (3686 bytes)
Hash
b62de7a99a951768265e51971a78f5bc
740b9d83409aeaa4e52783123e4f5b780adaa54d
c91fbce12d72ce9f7a835faa556403fafba02580f567719679b49be45dd1d5fb

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/f.css HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: text/css
last-modified: Thu, 25 Nov 2021 02:36:00 GMT
etag: W/"619ef690-e66"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/m.css

172.98.14.56

200 OK

5.6 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/m.css
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
ASCII text, with very long lines (5615), with no line terminators
Size
5.6 kB (5611 bytes)
Hash
d6f983ffe6c8bb1c9da60d80aba1e4ae
1be937dbb5b5320d7c4622883a64f6a4e269ecdb
08e9ccc37d2a5b66ea952d02ebf1e6031313332f8ee3821d07944b5b99bfb02b

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/m.css HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: text/css
last-modified: Thu, 25 Nov 2021 02:37:08 GMT
etag: W/"619ef6d4-15eb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/b.min.css

172.98.14.56

200 OK

156 kB

URL GET HTTP/2
daomio.ddns.net/JOR/home/);%20or%20'%20=%20Soc_files/b.min.css
IP
172.98.14.56:443
ASN
#0

Requested by
https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Certificate
IssuerLet's Encrypt
Subjectdaomio.ddns.net
FingerprintC1:26:D7:C1:AE:A4:B5:43:27:DB:A3:9A:7A:A3:69:92:CD:3B:AB:47
ValidityMon, 04 Dec 2023 23:03:41 GMT - Sun, 03 Mar 2024 23:03:40 GMT

File type
ASCII text, with very long lines (65324)
Size
156 kB (155750 bytes)
Hash
167e164e05cbee8db667324d791bc42c
692deea092aade9163b536d91c23aefeff6a3394
7c9c65ec53e27e417bf3e0e2549b19c96c73fc0adf4430bb2b6feade14c762e2

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /JOR/home/);%20or%20'%20=%20Soc_files/b.min.css HTTP/1.1
Host: daomio.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://daomio.ddns.net/JOR/home/);%20or%20'%20=%20Sg-log.php?token=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTA1LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTA1LjA5MS45MC40Mi4xNTQyMDIzOkRlYzpUdWU=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 05 Dec 2023 07:49:31 GMT
content-type: text/css
last-modified: Thu, 25 Nov 2021 02:38:48 GMT
etag: W/"619ef738-26066"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (27)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP