rricrosoft-office.com
20.50.64.14  Malicious Activity! Public Scan

Submitted URL: http://rricrosoft-office.com/i/a72484622afb840bc963748d30950c5a3
Effective URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Submission: On July 31 via manual from US — Scanned from US

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 13 HTTP transactions. The main IP is 20.50.64.14, located in Dublin, Ireland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is rricrosoft-office.com.
TLS certificate: Issued by R11 on June 21st 2024. Valid for: 3 months.
This is the only time rricrosoft-office.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
13 20.50.64.14 8075 (MICROSOFT...)
13 1
Apex Domain Subdomains Transfer
13 rricrosoft-office.com rricrosoft-office.com 187 KB
13 1
Domain Requested by
13 rricrosoft-office.com rricrosoft-office.com
13 1

This site contains no links.

Subject Issuer Validity Valid
*.rricrosoft-office.com R11 2024-06-21 - 2024-09-19 3 months

This page contains 1 frames:

Primary Page: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Frame ID: 8728BF4AD93E266675DEB62459C32DDF
Requests: 13 HTTP requests in this frame

Page Title: Microsoft

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 187 kB
Size: 648 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rricrosoft-office.com/i/a72484622afb840bc963748d30950c5a3 HTTP 307
    https://rricrosoft-office.com/i/a72484622afb840bc963748d30950c5a3 Page URL
  2. https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://rricrosoft-office.com/i/a72484622afb840bc963748d30950c5a3 HTTP 307
  • https://rricrosoft-office.com/i/a72484622afb840bc963748d30950c5a3

13 HTTP transactions

Resource Path Size x-fer Type MIME-Type
a72484622afb840bc963748d30950c5a3
rricrosoft-office.com/i/
Redirect Chain
  • http://rricrosoft-office.com/i/a72484622afb840bc963748d30950c5a3
  • https://rricrosoft-office.com/i/a72484622afb840bc963748d30950c5a3
285 B
1 KB
Document
General
Full URL
https://rricrosoft-office.com/i/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
348
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jul 2024 22:34:31 GMT
Permissions-Policy
geolocation=()
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block

Redirect headers

Location
https://rricrosoft-office.com/i/a72484622afb840bc963748d30950c5a3
Non-Authoritative-Reason
HttpsUpgrades
Primary Request a72484622afb840bc963748d30950c5a3
rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/
8 KB
4 KB
Document
General
Full URL
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/i/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c17157bc8b42d53ae7e5ce0fc03d1158c7d1321ffbe26557b8ca2ee8d46d918b

Request headers

Referer
https://rricrosoft-office.com/i/a72484622afb840bc963748d30950c5a3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
3542
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jul 2024 22:34:31 GMT
Permissions-Policy
geolocation=()
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
bootstrap.css
rricrosoft-office.com/common/bootstrap/css/
169 KB
23 KB
Stylesheet
General
Full URL
https://rricrosoft-office.com/common/bootstrap/css/bootstrap.css
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2797160125a75dddc44d8cbee398bad6770dbfe2f57479ca65c3f4142e1a9df0

Request headers

Referer
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:34:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length
23025
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 05 Oct 2023 13:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0ec152394f7d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=()
Accept-Ranges
bytes
jquery-ui.min.css
rricrosoft-office.com/common/jqueryui/
31 KB
11 KB
Stylesheet
General
Full URL
https://rricrosoft-office.com/common/jqueryui/jquery-ui.min.css
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b0b53ea606e7397f37666242cd8d63d17186b3cc8513d49a9852bf4828a1fc46

Request headers

Referer
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:34:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length
9859
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 20 Oct 2022 16:30:38 GMT
Server
Microsoft-IIS/10.0
ETag
"d139149a1e4d81:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=()
Accept-Ranges
bytes
jquery-ui.structure.min.css
rricrosoft-office.com/common/jqueryui/
15 KB
6 KB
Stylesheet
General
Full URL
https://rricrosoft-office.com/common/jqueryui/jquery-ui.structure.min.css
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e2ec0490ffa766a812249114b99f7b2b578c750619f3175d948be265f07af11

Request headers

Referer
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:34:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length
4962
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 20 Oct 2022 16:30:38 GMT
Server
Microsoft-IIS/10.0
ETag
"04b6a49a1e4d81:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=()
Accept-Ranges
bytes
jquery-ui.theme.min.css
rricrosoft-office.com/common/jqueryui/
14 KB
4 KB
Stylesheet
General
Full URL
https://rricrosoft-office.com/common/jqueryui/jquery-ui.theme.min.css
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
11e1cf2b2ee76191e1556d414a6eebb8e9a357b5930ebbc06858162174b1683d

Request headers

Referer
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:34:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length
2971
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 20 Oct 2022 16:30:38 GMT
Server
Microsoft-IIS/10.0
ETag
"11a09149a1e4d81:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=()
Accept-Ranges
bytes
rp_bubbles.css
rricrosoft-office.com/common/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://rricrosoft-office.com/common/css/rp_bubbles.css
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4bc5a823bc0d699486b8da7c703f02935d4e050fdf7e139ca77c6e744f9899f6

Request headers

Referer
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:34:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length
3119
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 20 Oct 2022 16:30:38 GMT
Server
Microsoft-IIS/10.0
ETag
"29568f49a1e4d81:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=()
Accept-Ranges
bytes
rp_tooltips.css
rricrosoft-office.com/common/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://rricrosoft-office.com/common/css/rp_tooltips.css
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9bddcf9a5fc7baf7e7bdfe849437591ee53dca4206b1b8af6a705ada50fbadba

Request headers

Referer
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:34:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length
3325
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 20 Oct 2022 16:30:38 GMT
Server
Microsoft-IIS/10.0
ETag
"29568f49a1e4d81:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Permissions-Policy
geolocation=()
Accept-Ranges
bytes
microsoftlogolp.jpg
rricrosoft-office.com/media/a/cmedia_c3f780e16dec4699a584643b5f4bd7d0/
9 KB
10 KB
Image
General
Full URL
https://rricrosoft-office.com/media/a/cmedia_c3f780e16dec4699a584643b5f4bd7d0/microsoftlogolp.jpg
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5009eba6a7af3785547ba94d9de0e22cb20c6b9facbe167512052b82a0fe5a25

Request headers

Referer
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-UA-Compatible
IE=edge
Date
Wed, 31 Jul 2024 22:34:32 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Last-Modified
Wed, 31 Jul 2024 22:34:32 GMT
Referrer-Policy
strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=3600
Permissions-Policy
geolocation=()
Content-Length
9188
X-XSS-Protection
1; mode=block
Expires
Wed, 31 Jul 2024 23:34:32 GMT
arrowtransparent.png
rricrosoft-office.com/media/a/tgmedia_ee76deff1d9b49c9a7325f2019d978c3/
278 B
1 KB
Image
General
Full URL
https://rricrosoft-office.com/media/a/tgmedia_ee76deff1d9b49c9a7325f2019d978c3/arrowtransparent.png
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
080d4a01d767c80f09377328ac26cb03817a53447a257be06754ed2463168e82

Request headers

Referer
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

X-UA-Compatible
IE=edge
Date
Wed, 31 Jul 2024 22:34:32 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Last-Modified
Wed, 31 Jul 2024 22:34:32 GMT
Referrer-Policy
strict-origin-when-cross-origin
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=3600
Permissions-Policy
geolocation=()
Content-Length
278
X-XSS-Protection
1; mode=block
Expires
Wed, 31 Jul 2024 23:34:32 GMT
jquery.min.js
rricrosoft-office.com/common/jquery/
87 KB
40 KB
Script
General
Full URL
https://rricrosoft-office.com/common/jquery/jquery.min.js?tn=2472463718
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Request headers

Referer
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:34:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length
39744
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 05 Oct 2023 13:59:21 GMT
Server
Microsoft-IIS/10.0
ETag
"2c90bb2394f7d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Permissions-Policy
geolocation=()
Accept-Ranges
bytes
bootstrap.min.js
rricrosoft-office.com/common/bootstrap/js/
39 KB
12 KB
Script
General
Full URL
https://rricrosoft-office.com/common/bootstrap/js/bootstrap.min.js?tn=2472463718
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a915d483b99af421f4813e6b60599b4e39faff120e54b5e9838386d4ae1a4c60

Request headers

Referer
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:34:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length
10945
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 20 Oct 2022 16:30:38 GMT
Server
Microsoft-IIS/10.0
ETag
"04b6a49a1e4d81:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Permissions-Policy
geolocation=()
Accept-Ranges
bytes
jquery-ui.min.js
rricrosoft-office.com/common/jqueryui/
249 KB
67 KB
Script
General
Full URL
https://rricrosoft-office.com/common/jqueryui/jquery-ui.min.js?tn=2472463718
Requested by
Host: rricrosoft-office.com
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.50.64.14 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9d9b75e6bf99296f7797ed12f73137f52966dbb02180ff054c6c01680c7bdb1d

Request headers

Referer
https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:34:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Content-Length
67989
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 18 Jul 2023 16:07:34 GMT
Server
Microsoft-IIS/10.0
ETag
"0e76ef691b9d91:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Permissions-Policy
geolocation=()
Accept-Ranges
bytes

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function $
function jQuery

0 Cookies

1 Console Messages

Source: recommendation
Level: verbose
URL: https://rricrosoft-office.com/page/0523c1b2a089443fad38da09bf4cd1fa/a72484622afb840bc963748d30950c5a3
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'unsafe-inline' 'self' https://www.youtube.com; img-src 'unsafe-inline' 'self' blob: data:; script-src 'unsafe-inline' 'unsafe-eval' 'self'; script-src-elem 'unsafe-inline' 'self' https://jquery.com; style-src 'unsafe-inline' 'self' https://fonts.googleapis.com; style-src-elem 'unsafe-inline' 'self' https://fonts.googleapis.com; font-src 'self' data: ; frame-src 'self' data: https://www.youtube.com/;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block