mslookupmicrosoft-44492902.hubspotpagebuilder.com Open in urlscan Pro
2606:4700:4400::ac40:9968 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
Effective URL:
https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
Submission: On December 14 via api (December 14th 2023, 12:46:32 am UTC) from BE — Scanned from DE

Summary HTTP 21 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 21 HTTP transactions. The main IP is 2606:4700:4400::ac40:9968, located in United States and belongs to CLOUDFLARENET, US. The main domain is mslookupmicrosoft-44492902.hubspotpagebuilder.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 5th 2023. Valid for: a year.

This is the only time mslookupmicrosoft-44492902.hubspotpagebuilder.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 5	2606:4700:440... 2606:4700:4400::ac40:9968	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
2	2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef	15133 (EDGECAST) (EDGECAST)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700::68... 2606:4700::6812:5ffd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	167.250.5.47 167.250.5.47	264649 (NUT HOST SRL) (NUT HOST SRL)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:579a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:c07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	11

5 2606:4700:4400::ac40:9968 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mslookupmicrosoft-44492902.hubspotpagebuilder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:5ffd (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.250.5.47 (Argentina)

ASN264649 (NUT HOST SRL, AR)
PTR: nb47.servidoraweb.net

presbibelgrano.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:579a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	hubspotpagebuilder.com 1 redirects mslookupmicrosoft-44492902.hubspotpagebuilder.com	81 KB
3	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4699 app.hubspot.com — Cisco Umbrella Rank: 5546 track.hubspot.com — Cisco Umbrella Rank: 2246	2 KB
3	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5536	8 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4726 forms.hscollectedforms.net — Cisco Umbrella Rank: 4810	26 KB
2	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 961	2 KB
2	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 974	3 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4435	1016 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2128	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2129	19 KB
1	presbibelgrano.org presbibelgrano.org	190 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	30 KB
21	11

	Domain	Requested by
5	mslookupmicrosoft-44492902.hubspotpagebuilder.com	1 redirects mslookupmicrosoft-44492902.hubspotpagebuilder.com
3	static.hsappstatic.net	mslookupmicrosoft-44492902.hubspotpagebuilder.com
2	aadcdn.msauth.net	mslookupmicrosoft-44492902.hubspotpagebuilder.com
2	aadcdn.msftauth.net	mslookupmicrosoft-44492902.hubspotpagebuilder.com
1	track.hubspot.com
1	forms.hsforms.com	mslookupmicrosoft-44492902.hubspotpagebuilder.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	js.hs-analytics.net	mslookupmicrosoft-44492902.hubspotpagebuilder.com
1	js.hscollectedforms.net	mslookupmicrosoft-44492902.hubspotpagebuilder.com
1	js.hs-banner.com	mslookupmicrosoft-44492902.hubspotpagebuilder.com
1	presbibelgrano.org	mslookupmicrosoft-44492902.hubspotpagebuilder.com
1	app.hubspot.com	mslookupmicrosoft-44492902.hubspotpagebuilder.com
1	api.hubspot.com	mslookupmicrosoft-44492902.hubspotpagebuilder.com
1	code.jquery.com	mslookupmicrosoft-44492902.hubspotpagebuilder.com
21	14

This site contains links to these domains. Also see Links.

Domain
passwordreset.microsoftonline.com
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-12-01` - `2024-12-01`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2023-10-29` - `2024-10-29`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
presbibelgrano.org cPanel, Inc. Certification Authority	`2023-10-03` - `2024-01-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
Frame ID: 174FFA879CE507882BB5F93A9EFFF2DE
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

http://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report HTTP 301
https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report Page URL

Detected technologies

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

91 %
IPv6

11
Domains

14
Subdomains

11
IPs

2
Countries

192 kB
Transfer

648 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSu4vTAADGm_au1zvQO0VEEeQGBxXS5tU8Kg49m0uba5LWJO0lgyVt0jyaV9u0aTIdTo43OdwkIg4nLk4iiDffdIuLoyCIgxxOiou9v8Dlgw9-fMv321jDi2QRKkL3c3ARrtzBUKysEX0KpDQcBTEKhkANQ3AQLaM4ikCwXobQydWNrQP6258nN7_Sr3efvnn1-fzvMXDbiqJwWimV4jguBsOhPTCKg8AruZqv2775HgDOAOA7ABxlVw0flMXj7BRHCRzFSJzCcQzBYAinigrCJbzE2mqXjlSmjSgJBPEevWhKZswz7YhH5ITzOJj3VFeoWY66ZHlGhjlmyTs0xj1a8qluNbuspUijiPd4m5eqsSApy53O6Et2U6jOIgu5iGBip8av7PowmHi9MJhGR7nn2YlpRA1nFOm2WWtFCian7LSh2qbLNxGQjOtE0yL0RJtbLT1g91TIjljHpgYttGeIC7_pDQfueMF1zJDSGMVE6WqDEXFWwtvKUBLS_VQQSXjIk464GzHJqDkLU6xOmi5EJCEqzOmpk87mCYmEYrutN4ZUn9ujPTcZDagIdvpwYKhpDZwlrTFIWb3I1H1kZIug2yCEMcu0SEXq-QuC1z153JrLUoDAEYjUFTFs99vYXOt03J2eXN-btYxJzbGZVNUbEJ4ws2RB7ldHeNmtph6PonKP6gwm83A6ZQPJEbvxu1x-eaYX-Ke5y0Fo-La-HU6Coe0aZyvAj5XrhfxW4UZmO3P3GpSrFAobW5mL9nsFeLm6tEU-qDz4ufmRfvvi3q2TT4eZ09VSXVW7jiA1-qQSsIsBYcCxxPnCTuQmlkSNISTAm_N-jdEI7CFcgQ_zwGE-f5q_0qj1eFoSpSpfqz6uIT3oPA88W8t8WP-PfyeXMv8A0&mkt=en-US&hosted=0&device_platform=Windows+10
Title: Forgot my password

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-US/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report HTTP 301
https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request report Show response
mslookupmicrosoft-44492902.hubspotpagebuilder.com/
Redirect Chain

http://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report

114 KB
22 KB

80ms
57ms

Document
text/html

2606:4700:4400::ac40:9968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a04884cacaf399c18a773f75d803b797392638fbd298cb842b0e2a5e584366f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 83526e10bef290dd-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 00:46:28 GMT
edge-cache-tag: CT-148420992619,P-44492902,E-148423586943,PGS-ALL,SW-0
etag: W/"523c833139851d554f58c5e48fdf5a14"
last-modified: Tue, 12 Dec 2023 04:34:36 GMT
link: </hs/hsstatic/cms-free-branding-lib/static-1.267/js/index.js>; rel=preload; as=script
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-content-id: 148420992619
x-hs-hub-id: 44492902
x-hs-prerendered: Tue, 12 Dec 2023 04:34:36 GMT

Redirect headers

CF-RAY: 83526e103cd2360c-FRA
Cache-Control: s-maxage=3600,max-age=120
Connection: keep-alive
Content-Length: 0
Date: Thu, 14 Dec 2023 00:46:27 GMT
Location: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
Server: cloudflare
Vary: Accept-Encoding
X-Hs-Https-Only: worker
alt-svc: h3=":443"; ma=86400

GET
H2 200 index.js Show response
mslookupmicrosoft-44492902.hubspotpagebuilder.com/hs/hsstatic/cms-free-branding-lib/static-1.267/js/ 215 KB
53 KB 30ms
30ms Script
application/javascript 2606:4700:4400::ac40:9968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/hs/hsstatic/cms-free-branding-lib/static-1.267/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acf3b09dbd633e9ba6b526baa8173e9c80b633f7533c38c38d85d89b3f11e36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
age: 1797859
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: L2TkdNdRM2DRHSlaSdRUQBAEeQU2mzUJ
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 May 2023 13:21:39 GMT
server: cloudflare
etag: W/"f3b3bcda4da7f051caeca57d86f0de11"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83526e111f1090dd-FRA
x-amz-cf-id: LSjlDi8WWwTPURSTSq9-RH3x_2rn_VQM3UrpaKlxpP_br2-gjj-i9A==
expires: Fri, 13 Dec 2024 00:46:28 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 30ms
7ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 7714186
x-cache: HIT, HIT
content-length: 30070
x-served-by: cache-lga21947-LGA, cache-fra-eddf8230047-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1702514788.039261,VS0,VE0
etag: W/"28feccc0-152b5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 93, 287305

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
2 KB 74ms
17ms Image
image/svg+xml 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Requested by: Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/4894) /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:28 GMT
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
age: 429341
x-cache: HIT
content-length: 1435
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (ama/4894)
etag: 0x8D79A1B9F5E121A
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: fa97e4c9-101e-00ae-403f-2a3e5d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
aadcdn.msauth.net/shared/1.0/content/images/ 513 B
796 B 105ms
9ms Image
image/svg+xml 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
Requested by: Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:28 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 276
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 19:28:34 GMT
etag: 0x8D79B8371B97A82
x-azure-ref: 20231214T004628Z-6aafgasyz11qz7q4698t9kvsu400000004tg0000000048c1
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1a3f19ae-201e-0069-6b6b-2b0642000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/ 2 KB
1 KB 59ms
7ms Image
image/svg+xml 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Requested by: Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:28 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 621
x-ms-lease-status: unlocked
last-modified: Tue, 10 Nov 2020 03:41:24 GMT
etag: 0x8D8852A7FA6B761
x-azure-ref: 20231214T004628Z-6aafgasyz11qz7q4698t9kvsu400000004tg0000000048c2
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c8b4a82c-901e-0086-0889-2a9a2a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.388/ 14 KB
6 KB 43ms
21ms Script
application/javascript 2606:4700::6812:5ffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

Requested by

Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5ffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
x-amz-version-id: GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via: 1.1 fc486e72455da7c1d3be4472dd5ba8b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 1189535
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 15 Aug 2023 19:48:57 GMT
server: cloudflare
etag: W/"8741985292d64b839be39c64b14f3783"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkZoIsRd9kXXXopjO0NsXbry0O3IVlswCA8UgtmSyZSrT9ZcUpwcFi7kBvMMsGWlD%2BiE2zJxnGvpSEEiaJrLawimnLvcDCEfnsHqOu69g66UcmWm27QBuA5AeZtDfLjSJJR3bI%2FUA0hv94tjzNhx5YyQPw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83526e118d482bb6-FRA
x-amz-cf-id: aBSQ1kI-mQ_eEY62oKN6THNwB_spe_PubU77n29TgvkHHQG4zQuHSQ==
expires: Fri, 13 Dec 2024 00:46:28 GMT

GET
H3 200 44492902.js Show response
mslookupmicrosoft-44492902.hubspotpagebuilder.com/hs/scriptloader/ 1 KB
1 KB 144ms
144ms Script
application/javascript 2606:4700:4400::ac40:9968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/hs/scriptloader/44492902.js

Requested by

Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47cb42d7bce4ba8e2903ac2bcc61720829d307be96afa375b23ca2f4bd1ee6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9b38ec4e-59bb-4ef6-9f65-db0890574d33
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9b38ec4e-59bb-4ef6-9f65-db0890574d33
last-modified: Tue, 12 Dec 2023 22:10:46 GMT
server: cloudflare
x-trace: 2BEB5AD5CB11002B1EDFD3D65558DC34F4853700FA000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-57d4fb94bb-bb2t9
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 83526e1168609b22-FRA
expires: Thu, 14 Dec 2023 00:47:28 GMT

GET
H3 200 index.js Show response
mslookupmicrosoft-44492902.hubspotpagebuilder.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 11 KB
4 KB 41ms
41ms Script
application/javascript 2606:4700:4400::ac40:9968
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Requested by

Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9968 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
via: 1.1 04a40fe66992666426f66bb0ade3912a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
age: 3611667
x-amz-cf-pop: TXL50-P4
x-amz-server-side-encryption: AES256
x-amz-version-id: inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:56 GMT
server: cloudflare
etag: W/"0bbd63c0750f141fd5cec04a9393647e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 83526e1168619b22-FRA
x-amz-cf-id: 8NRs2Wm2ubi5t9HUvpgx9SMwAJYAnsUpgxBkSQl1rau6_0XB0E7nLw==
expires: Fri, 13 Dec 2024 00:46:28 GMT

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 2 KB
1 KB 27ms
16ms Image
image/svg+xml 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Requested by: Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D1) /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Dec 2023 00:46:28 GMT
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
age: 429009
x-cache: HIT
content-length: 673
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ama/48D1)
etag: 0x8D7B007297AE131
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b5bf7475-201e-00f1-4640-2ad471000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 hsCmsFreeBranding.css
static.hsappstatic.net/cms-free-branding-lib/static-1.267/css/ 3 KB
2 KB 25ms
20ms Stylesheet
text/css 2606:4700::6812:5ffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/cms-free-branding-lib/static-1.267/css/hsCmsFreeBranding.css

Requested by

Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/hs/hsstatic/cms-free-branding-lib/static-1.267/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5ffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7467ee7ee02f3aa9315588ffca1f25123849baf48abd814404c89af775eaf82e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
x-amz-version-id: liuCa0WKJaBhWA08H.M39PkLAM0Vt61Y
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1205399
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 May 2023 13:21:39 GMT
server: cloudflare
etag: W/"26f09062404909581ed9ffed337391c0"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66Eh1FzmSVmtHX215fSNWyyM%2BMU%2BpWlKleFK2MFAebJhbdlfYHYpLbMI6MAtGbHM5Juh8nFThlWt16HDpcLG5PpK0A2NsNUTQqwbfnhXtOIIhnZWXlsiUHbOYbNOn8wU88r7XYvh2fLgMduU3Ccr7pI7iuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 83526e118d442bb6-FRA
x-amz-cf-id: zTOP7S09luoUi0f1_5T7f354pe3ukjyjKFh8k25FLJkxu4zfIqo--Q==
expires: Fri, 13 Dec 2024 00:46:28 GMT

GET
H2 200 tracking
api.hubspot.com/viral-links/v1/ 45 B
1 KB 146ms
131ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.hubspot.com/viral-links/v1/tracking?deviceId=ed2a9b64-d635-4150-8127-0722159c8b7e&viralLinkType=builder

Requested by

Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 49c3bd5c-5479-48f8-b7ba-2ac9f17f7d80
x-envoy-upstream-service-time: 6
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 49c3bd5c-5479-48f8-b7ba-2ac9f17f7d80
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hS518RzjlAmfkM32EZ008c%2FNthGBLifAiuPFOvP0C3ipe3ToDZDunOuZt%2FC4xsq6oqKgXboslhzmsM1Hum8pjKWlaJKqPLa3F84av0ebN7TmGb9lf%2B0uJoRwKlO9WaOHlYSaCt33Wr36lYJ4gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-57d4fb94bb-jjszq
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 83526e119b2a4dbe-FRA

GET
H2 200 sprocket_white.svg
static.hsappstatic.net/cms-free-branding-lib/static-1.267/assets/ 2 KB
1 KB 27ms
22ms Image
image/svg+xml 2606:4700::6812:5ffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.hsappstatic.net/cms-free-branding-lib/static-1.267/assets/sprocket_white.svg

Requested by

Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:5ffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

664f3bc9bdc5e9833b03897e75cd2ae873a24a3336c9b4ecb8b2f98afba6b31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
x-amz-version-id: wngOXK.XTI7_Yosx2TVt6v1tkjNxl4pU
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1280749
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 29 May 2023 13:21:39 GMT
server: cloudflare
etag: W/"189f8c13bfdaaeea348c2c00c8300170"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hBBTeh%2BUvwS7nK9LqeZzc23XCEp%2FDvH56zKVKyx6YBckjssejNT9OTfgG8iuTJnXH42chiHcn0tcZa5jjjofGcF4WyWk0NKpEBCJHsAggai5CZVoG3DdybCGhK%2BLxhuqStiI%2FimwQpHBpn6b8HAn0BgvZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 83526e118d462bb6-FRA
x-amz-cf-id: 5aetgffmRfNcHC6WIgXurs-oyAdZNOWgukfYFODwuTXN_UsX0mh-ew==
expires: Fri, 13 Dec 2024 00:46:28 GMT

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
746 B 185ms
176ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=44492902&callback=jsonpHandler

Requested by

Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 11d3cf97-7cc8-4d49-b450-9381abcbb876
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=83526e11bb3f4dbe&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 11d3cf97-7cc8-4d49-b450-9381abcbb876
server: cloudflare
x-trace: 2B792A9456CB4AA4CEBFDACD8131772610882F9D85B8BCB2AE0EE62A3A01
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-h8t9m
x-evy-trace-virtual-host: all
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 83526e11bb3f4dbe-FRA

GET
H2 200 prv.php Show response
presbibelgrano.org/zemont/ 0
190 B 1434ms
237ms XHR
text/html 167.250.5.47
NUT HOST SRL

General

Check archive.org

Show headers Download Go to

Full URL: https://presbibelgrano.org/zemont/prv.php
Requested by: Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.250.5.47 , Argentina, ASN264649 (NUT HOST SRL, AR),
Reverse DNS: nb47.servidoraweb.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Dec 2023 00:46:30 GMT
server: Apache
access-control-allow-headers: x-test-header, Origin, X-Requested-With, Content-Type, Accept
content-length: 0
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/44492902/ 60 KB
19 KB 433ms
416ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/44492902/banner.js
Requested by: Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/hs/scriptloader/44492902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 421f4176db129440271c8e933843f728095b8033d4b777fae011b2ce19ef2bc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
x-amz-version-id: RWx5J2GKX.56Z97t2KHVhEX9AnXPQHIY
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: BG20RCWKQRVNAERE
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 0e0615d0-a4c7-4a4a-8ad2-588ffc718f5f
x-envoy-upstream-service-time: 21
x-amz-id-2: AdiZJis0U3yB7rzr+I3FbF0iEjJqlUMTRRh0NLSS8N8jQChPEu5eHB+unyA4r+JVOnInpc2mT6w=
x-evy-trace-listener: listener_https
x-request-id: 0e0615d0-a4c7-4a4a-8ad2-588ffc718f5f
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 24 Nov 2023 00:24:17 GMT
server: cloudflare
etag: W/"135d10e4ff8cc5c0ad86f55245a989e7"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-55f4f74954-gwcrj
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 83526e126c6f190d-FRA
expires: Thu, 14 Dec 2023 00:51:28 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 136ms
117ms Script
application/javascript 2606:4700::6811:579a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/hs/scriptloader/44492902.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
Origin: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
x-amz-version-id: qOShuUL.zI.RMIWwukZE0taADNX_1wuf
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: b1b8be80-b2a7-4d27-bccd-ac5c7ee53bfd
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.444/bundles/project.js&cfRay=83526e1278f75d99-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b1b8be80-b2a7-4d27-bccd-ac5c7ee53bfd
last-modified: Mon, 04 Dec 2023 12:10:50 UTC
server: cloudflare
etag: W/"109b7665e389a0b17fbf732bf7a02089"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-9gm2w
cf-ray: 83526e1278f75d99-FRA
x-amz-cf-id: bBysZjIz_17dvYJpSLUWyWYVqyf2wFUsjOmVsszz5ir-Sn70Zj-RJA==
x-hs-target-asset: collected-forms-embed-js/static-1.444/bundles/project.js

GET
H2 200 44492902.js Show response
js.hs-analytics.net/analytics/1702514700000/ 66 KB
21 KB 169ms
145ms Script
text/javascript 2606:4700::6810:4fba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1702514700000/44492902.js
Requested by: Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/hs/scriptloader/44492902.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52439659ee1b5a8aa87f321c17ea529b193134ac34081ce6949e5b3ee80d97f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: BG26RMAT1CBJ05B6
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 3118eb3d-7040-41a9-a838-912d5adde2b3
x-envoy-upstream-service-time: 24
x-amz-id-2: ptcKNVy/qJsoQhUoLJZ7zOUMQvnjxTPzqIeWUSxbTRa3brZybcmI0PSZYh8dpVGqw8t/zUf4XIE=
x-evy-trace-listener: listener_https
x-request-id: 3118eb3d-7040-41a9-a838-912d5adde2b3
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 24 Nov 2023 00:24:20 GMT
server: cloudflare
etag: W/"9367136c89a6858c17c0b6eadcf69d1a"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-55f4f74954-qdt7s
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 83526e127e1465c6-FRA
expires: Thu, 14 Dec 2023 00:51:28 GMT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
424 B 121ms
120ms XHR
application/json 2606:4700::6811:579a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=44492902&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:579a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba1734b34a9a5b63a9a429a49a27780665544706141b3252c03ac1e397bc0ff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ba72c6bd-a3d5-41c4-80a7-d2af9de37b80
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ba72c6bd-a3d5-41c4-80a7-d2af9de37b80
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-9gm2w
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 83526e1359545d99-FRA

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1016 B 139ms
121ms Image
image/gif 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: mslookupmicrosoft-44492902.hubspotpagebuilder.com
URL: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 00:46:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: c41ef064-09ef-4a4e-976d-322ccec0974c
x-envoy-upstream-service-time: 5
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c41ef064-09ef-4a4e-976d-322ccec0974c
Server: cloudflare
X-Trace: 2B3D71307C669884BA4C294C033C40AC320116B027000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-rgjzk
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 83526e143d349004-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
489 B 138ms
137ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=166273013&v=1.1&a=44492902&pi=148420992619&ct=standard-page&ccu=https%3A%2F%2Fmslookupmicrosoft-44492902.hubspotpagebuilder.com%2Freport&cpi=148420992619&lpi=148420992619&lvi=148420992619&pu=https%3A%2F%2Fmslookupmicrosoft-44492902.hubspotpagebuilder.com%2Freport&t=Sign+in+to+your+account&cts=1702514788649&vi=8ea8ef8b9c598915008015ffa0513a41&nc=true&u=224894981.8ea8ef8b9c598915008015ffa0513a41.1702514788646.1702514788646.1702514788646.1&b=224894981.1.1702514788647&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mslookupmicrosoft-44492902.hubspotpagebuilder.com/report
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:46:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e7595647-3b24-4e19-88b7-c67b2ad72231
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e7595647-3b24-4e19-88b7-c67b2ad72231
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVmbZAYSmZg%2FPsFplbEVJzEOhJekGjeI%2B531P%2BHNo583idoP3JUj0qFA5OrAfo1BKhzbupFCqw7fOmcRoehumAw%2BbDWW1O6nSxybNCDaQRDnU3xZXP0Z8NLPlRYyWytN4qBD%2B8WlD%2F3bEAHfFDVu"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7484b4bf59-xgqx5
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 83526e151d9d4dbe-FRA
x-robots-tag: none

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hubspot.com/	1970-01-20 16:55:16	Name: __cf_bm Value: aKKHUccI21BU1Lt8bq2lj.5kWXPoSagrpQx14qYsyFg-1702514788-1-AWDRp0qELshVfzWJ8MbmSI0EqRKRUGZIRA+nVwClOeGeYWvAlDqZwG+RirJPMH+zQpCWu+VeZmAJIIRv//PuBgo=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: uGyLomB79UziWBjQ4vWJlDckdQxMt98nVnwD6b87WEM-1702514788286-0-604800000
.hubspotpagebuilder.com/	1970-01-20 21:14:26	Name: __hstc Value: 224894981.8ea8ef8b9c598915008015ffa0513a41.1702514788646.1702514788646.1702514788646.1
.hubspotpagebuilder.com/	1970-01-20 21:14:26	Name: hubspotutk Value: 8ea8ef8b9c598915008015ffa0513a41
.hubspotpagebuilder.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.hubspotpagebuilder.com/	1970-01-20 16:55:16	Name: __hssc Value: 224894981.1.1702514788647

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
api.hubspot.com
app.hubspot.com
code.jquery.com
forms.hscollectedforms.net
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
mslookupmicrosoft-44492902.hubspotpagebuilder.com
presbibelgrano.org
static.hsappstatic.net
track.hubspot.com
167.250.5.47
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2606:4700:4400::ac40:991b
2606:4700:4400::ac40:9968
2606:4700::6810:4fba
2606:4700::6811:579a
2606:4700::6812:5ffd
2606:4700::6812:c07d
2606:4700::6813:9a53
2620:1ec:bdf::45
2a04:4e42::649
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
421f4176db129440271c8e933843f728095b8033d4b777fae011b2ce19ef2bc0
4acf3b09dbd633e9ba6b526baa8173e9c80b633f7533c38c38d85d89b3f11e36
52439659ee1b5a8aa87f321c17ea529b193134ac34081ce6949e5b3ee80d97f8
664f3bc9bdc5e9833b03897e75cd2ae873a24a3336c9b4ecb8b2f98afba6b31e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7467ee7ee02f3aa9315588ffca1f25123849baf48abd814404c89af775eaf82e
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a04884cacaf399c18a773f75d803b797392638fbd298cb842b0e2a5e584366f
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
ba1734b34a9a5b63a9a429a49a27780665544706141b3252c03ac1e397bc0ff7
c47cb42d7bce4ba8e2903ac2bcc61720829d307be96afa375b23ca2f4bd1ee6f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

mslookupmicrosoft-44492902.hubspotpagebuilder.com Open in urlscan Pro 2606:4700:4400::ac40:9968 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

91 %IPv6

11 Domains

14 Subdomains

11 IPs

2 Countries

192 kBTransfer

648 kBSize

6 Cookies

3 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

21 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

mslookupmicrosoft-44492902.hubspotpagebuilder.com Open in urlscan Pro
2606:4700:4400::ac40:9968 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

91 %
IPv6

11
Domains

14
Subdomains

11
IPs

2
Countries

192 kB
Transfer

648 kB
Size

6
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!