loonsomopgave.sfu-online.nl
Open in
urlscan Pro
52.166.181.85
Public Scan
Submitted URL: http://loonsomopgave.sfu-online.nl/
Effective URL: https://loonsomopgave.sfu-online.nl/Login/Index?ReturnUrl=%2f
Submission Tags: @ecarlesi possiblethreat phishing bitvavo Search All
Submission: On February 28 via api from IT — Scanned from NL
Effective URL: https://loonsomopgave.sfu-online.nl/Login/Index?ReturnUrl=%2f
Submission Tags: @ecarlesi possiblethreat phishing bitvavo Search All
Submission: On February 28 via api from IT — Scanned from NL
Summary
This website contacted 3 IPs
in 2 countries
across 3 domains to perform 15 HTTP transactions.
The main IP is 52.166.181.85, located in
Amsterdam, Netherlands and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is loonsomopgave.sfu-online.nl.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 2nd 2023. Valid for: a year.
This is the only time loonsomopgave.sfu-online.nl was scanned on urlscan.io!
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 2nd 2023. Valid for: a year.
This is the only time loonsomopgave.sfu-online.nl was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 14 | 52.166.181.85 52.166.181.85 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd | 15133 (EDGECAST) (EDGECAST) | |
| 2 | 20.50.88.233 20.50.88.233 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 15 | 3 |
14
52.166.181.85
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| loonsomopgave.sfu-online.nl |
1
2606:2800:133:206e:1315:22a5:2006:24fd
(United States)
ASN15133 (EDGECAST, US)
ASN15133 (EDGECAST, US)
| az416426.vo.msecnd.net |
2
20.50.88.233
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| dc.services.visualstudio.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 14 |
sfu-online.nl
2 redirects
loonsomopgave.sfu-online.nl |
555 KB |
| 2 |
visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 749 |
204 B |
| 1 |
msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2679 |
22 KB |
| 15 | 3 |
| Domain | Requested by | |
|---|---|---|
| 14 | loonsomopgave.sfu-online.nl |
2 redirects
loonsomopgave.sfu-online.nl
|
| 2 | dc.services.visualstudio.com |
az416426.vo.msecnd.net
|
| 1 | az416426.vo.msecnd.net |
loonsomopgave.sfu-online.nl
|
| 15 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| loonsomopgave.sfu-online.nl DigiCert TLS RSA SHA256 2020 CA1 |
2023-03-02 - 2024-03-07 |
a year | crt.sh |
| *.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2024-01-30 - 2025-01-30 |
a year | crt.sh |
| prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 03 |
2024-01-17 - 2025-01-11 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://loonsomopgave.sfu-online.nl/Login/Index?ReturnUrl=%2f
Frame ID: D9835E2412D746DD5EE55226352132FB
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
SFU LoonsomopgavePage URL History Show full URLs
-
http://loonsomopgave.sfu-online.nl/
HTTP 301
https://loonsomopgave.sfu-online.nl/ HTTP 302
https://loonsomopgave.sfu-online.nl/Login/Index?ReturnUrl=%2f Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://loonsomopgave.sfu-online.nl/
HTTP 301
https://loonsomopgave.sfu-online.nl/ HTTP 302
https://loonsomopgave.sfu-online.nl/Login/Index?ReturnUrl=%2f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
Index
loonsomopgave.sfu-online.nl/Login/ Redirect Chain
|
4 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.css
loonsomopgave.sfu-online.nl/Content/ |
183 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap-grid.css
loonsomopgave.sfu-online.nl/Content/ |
45 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap-reboot.css
loonsomopgave.sfu-online.nl/Content/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fontawesome-all.css
loonsomopgave.sfu-online.nl/Content/ |
46 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.css
loonsomopgave.sfu-online.nl/Content/ |
260 B 551 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
site.css
loonsomopgave.sfu-online.nl/Content/ |
1 KB 921 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.svg
loonsomopgave.sfu-online.nl/Content/images/ |
11 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.3.1.js
loonsomopgave.sfu-online.nl/Scripts/ |
276 KB 107 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.js
loonsomopgave.sfu-online.nl/Scripts/ |
116 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
popper.js
loonsomopgave.sfu-online.nl/Scripts/ |
81 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ai.0.js
az416426.vo.msecnd.net/scripts/a/ |
94 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.jpg
loonsomopgave.sfu-online.nl/Content/images/ |
313 KB 314 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
track
dc.services.visualstudio.com/v2/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
track
dc.services.visualstudio.com/v2/ |
96 B 204 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| appInsights object| AI object| Microsoft function| __extends function| _endsWith function| $ function| jQuery object| bootstrap6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .loonsomopgave.sfu-online.nl/ | Name: ARRAffinity Value: 8c454836f09d9e8eaea88e2bb82a0ec7ea70f7d7a3bf6ca6d770c793e5a8c64d |
|
| .loonsomopgave.sfu-online.nl/ | Name: ARRAffinitySameSite Value: 8c454836f09d9e8eaea88e2bb82a0ec7ea70f7d7a3bf6ca6d770c793e5a8c64d |
|
| loonsomopgave.sfu-online.nl/ | Name: ToelichtingLoonsomInloggen Value: U kunt hier inloggen om het loonsomopgaveformulier in te dienen. Wij hebben u de inloggegevens per post toegezonden. Heeft u nog vragen? Stuur ons dan een bericht via sfu@pggm.nl. Daarnaast vindt u op www.sfu-online.nl meer informatie over SFU. |
|
| loonsomopgave.sfu-online.nl/ | Name: __RequestVerificationToken Value: y8OmHAMgZcOSvVHbMdRfAAWkeomQJPdlvNQQ4qerEi1zcc6EiLBEDZCm8hvIhm3ezATXvYy9LFp0Q58X4_OSTnzCHZIpaS_X3LwFqOzjtk81 |
|
| loonsomopgave.sfu-online.nl/ | Name: ai_user Value: 52G8e|2024-02-28T04:53:37.807Z |
|
| loonsomopgave.sfu-online.nl/ | Name: ai_session Value: A358H|1709096017899.4|1709096017899.4 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
az416426.vo.msecnd.net
dc.services.visualstudio.com
loonsomopgave.sfu-online.nl
20.50.88.233
2606:2800:133:206e:1315:22a5:2006:24fd
52.166.181.85
058b212649efa2ab924da4007fe0122064152676d427561995abe49415f0ed3d
231dac1cad90361850a19d738854c3c51bf779672f193def7feda773f8ea6c9e
2fcc82eafdcbc952ba223e84715edeee03684b3dcd754040050e924fc8fe95f9
33d0990bd4d1e761058466cf8d2bdd3baeed43aef3cdd4cf6f2b45c67791cd4a
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
6983423afcd9d265cb10ac81a84f19e5131042048b016bac8056545c81dfc6b5
7e9bf8ac6ec31d75275c2c866008430ced4a7addf09c14eea0d4d8f879bdc38d
8a051cd343d7193d5804bd7f29fed0632f5f3e52ea64a7041ab0aa0f3dc41432
c15647da5e2cc4fb6bc79881eb7d9da33ceb139678ab96c3417e752173000ba6
d23e23341dd9ede31799ec9c3cf354c05b51a227ce4f8b8ae3d4409d5d36fb5e
d9ffc51f09f3035c1c39f9567b590974053dddcb2bfb43d48cc122670b81c5ad
e84282a7a332b5abfde69f0b77ca0cb249e10176dc61ba710417d14b17c0784f
e8d89d1cde15b7071c84ad112b43e29b3385499d7f97a11c808109aeb0c33c06
f159e61996ec256e8a4d8590c9c441a6fa63625dbb4a84f7c6cc08bec2626f1e