windysblog.com Open in urlscan Pro
207.55.244.15 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://windysblog.com/kkk/jutesza/sms.php
Submission: On March 30 via api (March 30th 2023, 6:31:17 pm UTC) from US — Scanned from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 207.55.244.15, located in United States and belongs to WEBINT, US. The main domain is windysblog.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 10th 2022. Valid for: a year.

This is the only time windysblog.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking) Societe Generale (Banking)

Domain & IP information

	IP Address		AS Autonomous System
14	207.55.244.15 207.55.244.15		11989 (WEBINT) (WEBINT)
14	1

14 207.55.244.15 (United States)

ASN11989 (WEBINT, US)
PTR: cp34.deluxehosting.com

windysblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	windysblog.com windysblog.com	334 KB
14	1

	Domain	Requested by
14	windysblog.com	windysblog.com
14	1

This site contains no links.

Subject Issuer	Validity	Valid
www.windysblog.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-10` - `2023-12-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://windysblog.com/kkk/jutesza/sms.php
Frame ID: 763F60CE942679F1FE4BBF81525114A0
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Société Générale | ConnexionConnexion - Espace client

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

334 kB
Transfer

757 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request sms.php Show response windysblog.com/kkk/jutesza/	14 KB 15 KB	191ms 100ms	Document text/html	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Full URL https://windysblog.com/kkk/jutesza/sms.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `d1cea8eb664fbe5af044e680ed885a8db6cb5c4ec7fd963490639e8671023701` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Thu, 30 Mar 2023 18:30:55 GMT Keep-Alive timeout=30, max=100 Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 Transfer-Encoding chunked
GET H/1.1	200 OK	index_20190723161948.min.css windysblog.com/kkk/jutesza/files/css/	261 KB 71 KB	42ms 30ms	Stylesheet text/css	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Full URL https://windysblog.com/kkk/jutesza/files/css/index_20190723161948.min.css Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/sms.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `f513229e1ccc5679b510e10814c2dcb9431574dfcdf2ad7d0e24a67c8344c9cd` Request headers accept-language en-US,en;q=0.9 Referer https://windysblog.com/kkk/jutesza/sms.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Content-Encoding gzip Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa07f2-41496-5f7de35a11cb8-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=99
GET H/1.1	200 OK	spec56_btn_gsm_all_gcd_20190320190559.min.css windysblog.com/kkk/jutesza/files/css/	924 B 717 B	56ms 18ms	Stylesheet text/css	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Full URL https://windysblog.com/kkk/jutesza/files/css/spec56_btn_gsm_all_gcd_20190320190559.min.css Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/sms.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `31525381d30528a71a4c4419b0ee495b4053428b061e75ac0e9556b00d56d1e4` Request headers accept-language en-US,en;q=0.9 Referer https://windysblog.com/kkk/jutesza/sms.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Content-Encoding gzip Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa07f5-39c-5f7de35a11cb8-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=100 Content-Length 340
GET H/1.1	200 OK	inbenta.css windysblog.com/kkk/jutesza/files/css/	138 KB 30 KB	67ms 29ms	Stylesheet text/css	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Full URL https://windysblog.com/kkk/jutesza/files/css/inbenta.css Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/sms.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `7a0960947283e10fd527c3b96b64ab4781f68c3c7f820cd0f1e9a42b96bae233` Request headers accept-language en-US,en;q=0.9 Referer https://windysblog.com/kkk/jutesza/sms.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Content-Encoding gzip Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa07f0-2268a-5f7de35a11100-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=100
GET H/1.1	200 OK	style.css windysblog.com/kkk/jutesza/files/css/	176 KB 51 KB	68ms 27ms	Stylesheet text/css	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Full URL https://windysblog.com/kkk/jutesza/files/css/style.css Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/sms.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `1f553a143ee858f8c7002b84160ec73dedbedb8377937ca593efda6a4f468a27` Request headers accept-language en-US,en;q=0.9 Referer https://windysblog.com/kkk/jutesza/sms.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Content-Encoding gzip Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa07f7-2c10f-5f7de35a120a0-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=100
GET H/1.1	200 OK	logo-sg.svg windysblog.com/kkk/jutesza/files/img/	3 KB 3 KB	17ms 16ms	Image image/svg+xml	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Show image Full URL https://windysblog.com/kkk/jutesza/files/img/logo-sg.svg Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/sms.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `2e19511d9133c826bfd5555070b89ac5cb3d108828b9e49c72d2d3ddbcbfe9ab` Request headers accept-language en-US,en;q=0.9 Referer https://windysblog.com/kkk/jutesza/sms.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa081d-a6a-5f7de35a15b38" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=98 Content-Length 2666
GET H/1.1	200 OK	logo-sg-muet.svg windysblog.com/kkk/jutesza/files/img/	402 B 731 B	17ms 16ms	Image image/svg+xml	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Show image Full URL https://windysblog.com/kkk/jutesza/files/img/logo-sg-muet.svg Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/sms.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `38f90a05ed700e9adb2b37d23337eee3be2c658bdb1f38f258c15920b36d1676` Request headers accept-language en-US,en;q=0.9 Referer https://windysblog.com/kkk/jutesza/sms.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa081b-192-5f7de35a15b38" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=99 Content-Length 402
GET H/1.1	200 OK	loader.gif windysblog.com/kkk/jutesza/files/img/	1 KB 2 KB	18ms 17ms	Image image/gif	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Show image Full URL https://windysblog.com/kkk/jutesza/files/img/loader.gif Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/sms.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `31bf10d91090efb0932a4560d50ce0ed40e9d961374175331b008be7865142d6` Request headers accept-language en-US,en;q=0.9 Referer https://windysblog.com/kkk/jutesza/sms.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa081a-563-5f7de35a15b38" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=98 Content-Length 1379
GET H/1.1	200 OK	print_20190320190559.min.css windysblog.com/kkk/jutesza/files/css/	3 KB 1 KB	23ms 22ms	Stylesheet text/css	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Full URL https://windysblog.com/kkk/jutesza/files/css/print_20190320190559.min.css Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/sms.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `cbf2f9788fa5b22dd4c4428843fdd3ea68595db536cf347517da7d048d3bedcf` Request headers accept-language en-US,en;q=0.9 Referer https://windysblog.com/kkk/jutesza/sms.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Content-Encoding gzip Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa07f3-bfb-5f7de35a11cb8-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=99 Content-Length 1062
GET H/1.1	200 OK	logo-sg-seul.svg windysblog.com/kkk/jutesza/files/img/	3 KB 3 KB	17ms 16ms	Image image/svg+xml	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Show image Full URL https://windysblog.com/kkk/jutesza/files/img/logo-sg-seul.svg Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/sms.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3` Request headers accept-language en-US,en;q=0.9 Referer https://windysblog.com/kkk/jutesza/sms.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa081c-be2-5f7de35a15b38" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=97 Content-Length 3042
GET H/1.1	200 OK	trame.png windysblog.com/kkk/jutesza/files/img/	208 B 532 B	16ms 15ms	Image image/png	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Show image Full URL https://windysblog.com/kkk/jutesza/files/img/trame.png Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/files/css/index_20190723161948.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `d41b3311daa52ffdfb112169926c6b68fee615ea6c72abac25fa1dbe799131d5` Request headers accept-language en-US,en;q=0.9 Referer https://windysblog.com/kkk/jutesza/files/css/index_20190723161948.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa0827-d0-5f7de35a17691" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=97 Content-Length 208
GET H/1.1	200 OK	sourcesanspro-regular.woff windysblog.com/kkk/jutesza/files/fonts/	74 KB 74 KB	17ms 16ms	Font font/woff	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Full URL https://windysblog.com/kkk/jutesza/files/fonts/sourcesanspro-regular.woff Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/files/css/index_20190723161948.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `f679efce1ea9cbed26a573aa8c8db1d01fe51abe4fcc2a77d18ab7bcb03e0bb1` Request headers Referer https://windysblog.com/kkk/jutesza/files/css/index_20190723161948.min.css Origin https://windysblog.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa0806-1269c-5f7de35a13810" Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=96 Content-Length 75420
GET H/1.1	200 OK	new_sprite.png windysblog.com/kkk/jutesza/files/img/	10 KB 10 KB	16ms 16ms	Image image/png	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Show image Full URL https://windysblog.com/kkk/jutesza/files/img/new_sprite.png Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/files/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `0d477834d11f75ff989d2b6bfbcbaaed80a8e4f8efe65569f4cee2ad603a73af` Request headers accept-language en-US,en;q=0.9 Referer https://windysblog.com/kkk/jutesza/files/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa081f-26e9-5f7de35a15f20" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=98 Content-Length 9961
GET H/1.1	200 OK	sourcesanspro-semibold.woff windysblog.com/kkk/jutesza/files/fonts/	73 KB 74 KB	17ms 17ms	Font font/woff	207.55.244.15 WEBINT
General Check archive.org Show headers Download Go to Full URL https://windysblog.com/kkk/jutesza/files/fonts/sourcesanspro-semibold.woff Requested by Host: windysblog.com URL: https://windysblog.com/kkk/jutesza/files/css/index_20190723161948.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 207.55.244.15 , United States, ASN11989 (WEBINT, US), Reverse DNS cp34.deluxehosting.com Software Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 / Resource Hash `b2106f33585940e944fac6de500dd767c4592692689c001c45c475476583404e` Request headers Referer https://windysblog.com/kkk/jutesza/files/css/index_20190723161948.min.css Origin https://windysblog.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Thu, 30 Mar 2023 18:30:55 GMT Last-Modified Mon, 27 Mar 2023 09:17:18 GMT Server Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 ETag "aa0809-124f4-5f7de35a13fe0" Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=96 Content-Length 74996

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking) Societe Generale (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

windysblog.com
207.55.244.15
0d477834d11f75ff989d2b6bfbcbaaed80a8e4f8efe65569f4cee2ad603a73af
1f553a143ee858f8c7002b84160ec73dedbedb8377937ca593efda6a4f468a27
2e19511d9133c826bfd5555070b89ac5cb3d108828b9e49c72d2d3ddbcbfe9ab
31525381d30528a71a4c4419b0ee495b4053428b061e75ac0e9556b00d56d1e4
31bf10d91090efb0932a4560d50ce0ed40e9d961374175331b008be7865142d6
38f90a05ed700e9adb2b37d23337eee3be2c658bdb1f38f258c15920b36d1676
4d5f7f9cf24e66420cd0f39be3d181b4566ff8dcc8e699731c88787e511befd3
7a0960947283e10fd527c3b96b64ab4781f68c3c7f820cd0f1e9a42b96bae233
b2106f33585940e944fac6de500dd767c4592692689c001c45c475476583404e
cbf2f9788fa5b22dd4c4428843fdd3ea68595db536cf347517da7d048d3bedcf
d1cea8eb664fbe5af044e680ed885a8db6cb5c4ec7fd963490639e8671023701
d41b3311daa52ffdfb112169926c6b68fee615ea6c72abac25fa1dbe799131d5
f513229e1ccc5679b510e10814c2dcb9431574dfcdf2ad7d0e24a67c8344c9cd
f679efce1ea9cbed26a573aa8c8db1d01fe51abe4fcc2a77d18ab7bcb03e0bb1

windysblog.com Open in urlscan Pro 207.55.244.15 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

334 kBTransfer

757 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

windysblog.com Open in urlscan Pro
207.55.244.15 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

334 kB
Transfer

757 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!