www.sego-concept.fr Open in urlscan Pro
51.91.178.160 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ebtekaronline.net//admin/controller/extension/ds
Effective URL:
https://www.sego-concept.fr/modules/jmsslider/views/img/NEWSUN/do/=BWCRC&ProductGroup=BCC&ProductSubGroup=FDR/index.php
Submission: On August 06 via manual (August 6th 2020, 6:44:36 pm UTC) from US

Summary HTTP 115 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 115 HTTP transactions. The main IP is 51.91.178.160, located in France and belongs to OVH, FR. The main domain is www.sego-concept.fr.
TLS certificate: Issued by Gandi Standard SSL CA 2 on October 10th 2019. Valid for: a year.

This is the only time www.sego-concept.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 2	162.241.139.105 162.241.139.105	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
95	51.91.178.160 51.91.178.160	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3035::ac43:c763	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	167.181.46.204 167.181.46.204	25959 (SUNTRUST) (SUNTRUST)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
4	212.95.71.132 212.95.71.132	8839 (SDV-AS Sd...) (SDV-AS SdV Plurimedia)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
115	13

2 162.241.139.105 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: ben.benaahost.com

ebtekaronline.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

95 51.91.178.160 (France)

ASN16276 (OVH, FR)
PTR: web2.press-agrum.com

www.sego-concept.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:c763 (United States)

ASN13335 (CLOUDFLARENET, US)

js-codes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.181.46.204 (United States)

ASN25959 (SUNTRUST, US)
PTR: newaccount.suntrust.com

newaccount.suntrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.95.71.132 (Westhouse, France)

ASN8839 (SDV-AS SdV Plurimedia, FR)
PTR: nameo-web2.sdv.fr

legal.press-agrum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
95	sego-concept.fr www.sego-concept.fr	2 MB
4	press-agrum.com legal.press-agrum.com	19 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	googletagmanager.com www.googletagmanager.com	26 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	suntrust.com newaccount.suntrust.com	6 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	33 KB
2	ebtekaronline.net 1 redirects ebtekaronline.net	1019 B
1	doubleclick.net stats.g.doubleclick.net	99 B
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	24 KB
1	js-codes.com js-codes.com	2 KB
0	Failed function sub() { [native code] }. Failed
115	13

	Domain	Requested by
95	www.sego-concept.fr	www.sego-concept.fr
4	legal.press-agrum.com	www.sego-concept.fr legal.press-agrum.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.sego-concept.fr
2	fonts.googleapis.com	www.sego-concept.fr
2	newaccount.suntrust.com	www.sego-concept.fr
2	maxcdn.bootstrapcdn.com	www.sego-concept.fr
2	ebtekaronline.net	1 redirects
1	stats.g.doubleclick.net	www.sego-concept.fr
1	cdnjs.cloudflare.com	www.sego-concept.fr
1	code.jquery.com	www.sego-concept.fr
1	js-codes.com	www.sego-concept.fr
0	Failed	www.sego-concept.fr
115	13

This site contains no links.

Subject Issuer	Validity	Valid
sego-concept.fr Gandi Standard SSL CA 2	`2019-10-10` - `2020-10-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-03` - `2021-08-03`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
newaccount.suntrust.com DigiCert SHA2 Secure Server CA	`2019-09-06` - `2021-09-06`	2 years	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.press-agrum.com Gandi Standard SSL CA 2	`2020-08-01` - `2021-08-01`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.sego-concept.fr/modules/jmsslider/views/img/NEWSUN/do/=BWCRC&ProductGroup=BCC&ProductSubGroup=FDR/index.php
Frame ID: 4B6BB0E5208C96751ED86F9529009341
Requests: 29 HTTP requests in this frame

Frame: https://www.sego-concept.fr/modules/jmsslider/views/img/NEWSUN/do/=BWCRC&ProductGroup=BCC&ProductSubGroup=FDR/TDOX/Assest/dest5.htm
Frame ID: FB0E1A91D6FEB23B551B91C113D70951
Requests: 40 HTTP requests in this frame

Frame: https://www.sego-concept.fr/modules/jmsslider/views/img/NEWSUN/do/=BWCRC&ProductGroup=BCC&ProductSubGroup=FDR/TDOX/Assest/storage.htm
Frame ID: 8D834C2752FC31D59851A7494B00C6EE
Requests: 45 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WXL6P2M
Frame ID: 49D36C1D506E598B23739892BA535916
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ebtekaronline.net//admin/controller/extension/ds HTTP 301
http://ebtekaronline.net/admin/controller/extension/ds/ Page URL
https://www.sego-concept.fr/modules/jmsslider/views/img/NEWSUN/do/=BWCRC&ProductGroup=BCC&ProductSubGrou... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

115
Requests

97 %
HTTPS

67 %
IPv6

13
Domains

13
Subdomains

13
IPs

5
Countries

2108 kB
Transfer

2444 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ebtekaronline.net//admin/controller/extension/ds HTTP 301
http://ebtekaronline.net/admin/controller/extension/ds/ Page URL
https://www.sego-concept.fr/modules/jmsslider/views/img/NEWSUN/do/=BWCRC&ProductGroup=BCC&ProductSubGroup=FDR/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ebtekaronline.net//admin/controller/extension/ds HTTP 301
http://ebtekaronline.net/admin/controller/extension/ds/

Request Chain 113

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=916731484&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sego-concept.fr%2Fmodules%2Fjmsslider%2Fviews%2Fimg%2FNEWSUN%2Fdo%2F%3DBWCRC%26ProductGroup%3DBCC%26ProductSubGroup%3DFDR%2FTDOX%2FAssest%2Fstorage.htm&ul=en-us&de=UTF-8&dt=Erreur%20404%20-%20La%20Chaiserie&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAEAB~&jid=646249530&gjid=1709419243&cid=520623326.1596739464&tid=UA-89856389-14&_gid=132387018.1596739464&_r=1&gtm=2wg7v1WXL6P2M&z=1581650689 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-89856389-14&cid=520623326.1596739464&jid=646249530&_gid=132387018.1596739464&gjid=1709419243&_v=j83&z=1581650689

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ebtekaronline.net/admin/controller/extension/ds/
Redirect Chain

http://ebtekaronline.net//admin/controller/extension/ds
http://ebtekaronline.net/admin/controller/extension/ds/

536 B
743 B

155ms
155ms

Document
text/html

162.241.139.105
UNIFIEDLAYER-AS-1

General

Domain/Path	Expires	Name / Value
.sego-concept.fr/	1970-01-19 11:32:19	Name: _gat_UA-89856389-14 Value: 1
.sego-concept.fr/	1970-01-19 11:33:45	Name: _gid Value: GA1.2.132387018.1596739464
.sego-concept.fr/	1970-01-20 05:03:31	Name: _ga Value: GA1.2.520623326.1596739464
.www.sego-concept.fr/	1970-01-19 12:01:07	Name: PrestaShop-126ff24c70ca023fc498639a10b6b80a Value: Si2VE1MwVYzOsurW8yUy0V2RgbCqud18Hsp8a4P87Zq6nTq3nDqRjBHfJSul2i1NNNKcryNS%2FdQNokW9DjbS78LKLBgj9r8lwqGz8tw2XLc%3D000075
www.sego-concept.fr/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7n4u65cg4rjj7a0fbt0d8sen96

www.sego-concept.fr Open in urlscan Pro 51.91.178.160 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

115 Requests

97 %HTTPS

67 %IPv6

13 Domains

13 Subdomains

13 IPs

5 Countries

2108 kBTransfer

2444 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sego-concept.fr Open in urlscan Pro
51.91.178.160 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

67 %
IPv6

13
Domains

13
Subdomains

13
IPs

5
Countries

2108 kB
Transfer

2444 kB
Size

5
Cookies

115 HTTP transactions
0 data transactions