rricrosoft-office.com Open in urlscan Pro
20.50.64.14 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c
Effective URL:
https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
Submission: On July 31 via api (July 31st 2024, 4:21:43 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 20.50.64.14, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is rricrosoft-office.com.
TLS certificate: Issued by R11 on June 21st 2024. Valid for: 3 months.

This is the only time rricrosoft-office.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address		AS Autonomous System
13	20.50.64.14 20.50.64.14		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	1

13 20.50.64.14 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rricrosoft-office.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	rricrosoft-office.com rricrosoft-office.com	810 KB
13	1

	Domain	Requested by
13	rricrosoft-office.com	rricrosoft-office.com
13	1

This site contains no links.

Subject Issuer	Validity	Valid
*.rricrosoft-office.com R11	`2024-06-21` - `2024-09-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
Frame ID: 15C54FFC4A65294D5A71BA452765C0E3
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft

Page URL History Show full URLs

http://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c HTTP 307
https://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c Page URL
https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

810 kB
Transfer

1394 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c HTTP 307
https://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c Page URL
https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c HTTP 307
https://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

abb198357809a438086d6854f580cfe3c
rricrosoft-office.com/i/
Redirect Chain

http://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c
https://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c

286 B
1 KB

829ms
211ms

Document
text/html

20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 350
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Jul 2024 16:21:34 GMT
Permissions-Policy: geolocation=()
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block

Redirect headers

Location: https://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK Primary Request abb198357809a438086d6854f580cfe3c Show response
rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/ 208 KB
53 KB 1123ms
1122ms Document
text/html 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fac0d506fe1689932eea128059decd1ee86e0ce5366a368035bba6e393fff2a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/i/abb198357809a438086d6854f580cfe3c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 53670
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Jul 2024 16:21:36 GMT
Permissions-Policy: geolocation=()
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.css
rricrosoft-office.com/common/bootstrap/css/ 169 KB
23 KB 559ms
192ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rricrosoft-office.com/common/bootstrap/css/bootstrap.css

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

2797160125a75dddc44d8cbee398bad6770dbfe2f57479ca65c3f4142e1a9df0

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 16:21:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 23025
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 05 Oct 2023 13:59:20 GMT
Server: Microsoft-IIS/10.0
ETag: "0ec152394f7d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-ui.min.css
rricrosoft-office.com/common/jqueryui/ 31 KB
11 KB 795ms
220ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rricrosoft-office.com/common/jqueryui/jquery-ui.min.css

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b0b53ea606e7397f37666242cd8d63d17186b3cc8513d49a9852bf4828a1fc46

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 16:21:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 9859
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 20 Oct 2022 16:30:38 GMT
Server: Microsoft-IIS/10.0
ETag: "d139149a1e4d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-ui.structure.min.css
rricrosoft-office.com/common/jqueryui/ 15 KB
7 KB 770ms
193ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rricrosoft-office.com/common/jqueryui/jquery-ui.structure.min.css

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4e2ec0490ffa766a812249114b99f7b2b578c750619f3175d948be265f07af11

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 16:21:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 6263
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 20 Oct 2022 16:30:38 GMT
Server: Microsoft-IIS/10.0
ETag: "1799149a1e4d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-ui.theme.min.css
rricrosoft-office.com/common/jqueryui/ 14 KB
4 KB 801ms
216ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rricrosoft-office.com/common/jqueryui/jquery-ui.theme.min.css

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

11e1cf2b2ee76191e1556d414a6eebb8e9a357b5930ebbc06858162174b1683d

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 16:21:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 2971
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 20 Oct 2022 16:30:38 GMT
Server: Microsoft-IIS/10.0
ETag: "11a09149a1e4d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK rp_bubbles.css
rricrosoft-office.com/common/css/ 12 KB
4 KB 792ms
207ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rricrosoft-office.com/common/css/rp_bubbles.css

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4bc5a823bc0d699486b8da7c703f02935d4e050fdf7e139ca77c6e744f9899f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 16:21:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 3119
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 20 Oct 2022 16:30:38 GMT
Server: Microsoft-IIS/10.0
ETag: "29568f49a1e4d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK rp_tooltips.css
rricrosoft-office.com/common/css/ 13 KB
4 KB 792ms
206ms Stylesheet
text/css 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rricrosoft-office.com/common/css/rp_tooltips.css

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9bddcf9a5fc7baf7e7bdfe849437591ee53dca4206b1b8af6a705ada50fbadba

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 16:21:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 3325
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 20 Oct 2022 16:30:38 GMT
Server: Microsoft-IIS/10.0
ETag: "29568f49a1e4d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK microsoftlogo.png
rricrosoft-office.com/media/a/cmedia_cfe24d03274f44bb86e2f2db5312a8c8/ 5 KB
6 KB 193ms
193ms Image
image/png 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rricrosoft-office.com/media/a/cmedia_cfe24d03274f44bb86e2f2db5312a8c8/microsoftlogo.png

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8ba923aece3e1731b7cdf398d30eee632b285a5cc91f3e6a062bb72713f38644

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-UA-Compatible: IE=edge
Date: Wed, 31 Jul 2024 16:21:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Last-Modified: Wed, 31 Jul 2024 15:40:24 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=1127
Permissions-Policy: geolocation=()
Content-Length: 5135
X-XSS-Protection: 1; mode=block
Expires: Wed, 31 Jul 2024 16:40:24 GMT

GET
H/1.1 200
OK jquery.min.js Show response
rricrosoft-office.com/common/jquery/ 87 KB
40 KB 461ms
217ms Script
application/x-javascript 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rricrosoft-office.com/common/jquery/jquery.min.js?tn=2472463718

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 16:21:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 39759
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 05 Oct 2023 13:59:21 GMT
Server: Microsoft-IIS/10.0
ETag: "2c90bb2394f7d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK bootstrap.min.js Show response
rricrosoft-office.com/common/bootstrap/js/ 39 KB
15 KB 196ms
195ms Script
application/x-javascript 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rricrosoft-office.com/common/bootstrap/js/bootstrap.min.js?tn=2472463718

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a915d483b99af421f4813e6b60599b4e39faff120e54b5e9838386d4ae1a4c60

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 16:21:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length: 14370
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Thu, 20 Oct 2022 16:30:38 GMT
Server: Microsoft-IIS/10.0
ETag: "152f8f49a1e4d81:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery-ui.min.js Show response
rricrosoft-office.com/common/jqueryui/ 249 KB
90 KB 204ms
203ms Script
application/x-javascript 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://rricrosoft-office.com/common/jqueryui/jquery-ui.min.js?tn=2472463718

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 16:21:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 18 Jul 2023 16:07:34 GMT
Server: Microsoft-IIS/10.0
ETag: "1f7bff691b9d91:0"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Permissions-Policy: geolocation=()
Accept-Ranges: bytes

GET
H/1.1 200
OK bg.png
rricrosoft-office.com/media/a/tgmedia_deaa84b8b60748c0af330255c1ebb10c/ 550 KB
551 KB 928ms
928ms Image
image/png 20.50.64.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rricrosoft-office.com/media/a/tgmedia_deaa84b8b60748c0af330255c1ebb10c/bg.png

Requested by

Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f81c019e41f15c9c15df268401adce6cd2514daa88de8a300d22475a3dd427a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-UA-Compatible: IE=edge
Date: Wed, 31 Jul 2024 16:21:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Last-Modified: Wed, 31 Jul 2024 16:21:37 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=3600
Permissions-Policy: geolocation=()
Content-Length: 563694
X-XSS-Protection: 1; mode=block
Expires: Wed, 31 Jul 2024 17:21:37 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://rricrosoft-office.com/index/f56945a39a3648279ca7733a75ad3fcc/abb198357809a438086d6854f580cfe3c Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rricrosoft-office.com
20.50.64.14
11e1cf2b2ee76191e1556d414a6eebb8e9a357b5930ebbc06858162174b1683d
2797160125a75dddc44d8cbee398bad6770dbfe2f57479ca65c3f4142e1a9df0
4bc5a823bc0d699486b8da7c703f02935d4e050fdf7e139ca77c6e744f9899f6
4e2ec0490ffa766a812249114b99f7b2b578c750619f3175d948be265f07af11
8ba923aece3e1731b7cdf398d30eee632b285a5cc91f3e6a062bb72713f38644
9bddcf9a5fc7baf7e7bdfe849437591ee53dca4206b1b8af6a705ada50fbadba
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d
a915d483b99af421f4813e6b60599b4e39faff120e54b5e9838386d4ae1a4c60
b0b53ea606e7397f37666242cd8d63d17186b3cc8513d49a9852bf4828a1fc46
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
f81c019e41f15c9c15df268401adce6cd2514daa88de8a300d22475a3dd427a4
fac0d506fe1689932eea128059decd1ee86e0ce5366a368035bba6e393fff2a3

rricrosoft-office.com Open in urlscan Pro 20.50.64.14 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

810 kBTransfer

1394 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

rricrosoft-office.com Open in urlscan Pro
20.50.64.14 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

810 kB
Transfer

1394 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!