dev.rugcentrumgent.be
Open in
urlscan Pro
78.41.69.106
Malicious Activity!
Public Scan
Effective URL: http://dev.rugcentrumgent.be/wp/wp-content/uploads/1/532c41f2223f75885c77311ee6e4f756/index1.php
Submission Tags: 6753270
Submission: On September 03 via api from US
Summary
This is the only time dev.rugcentrumgent.be was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 78.41.69.106 78.41.69.106 | 8368 (BENESOL-B...) (BENESOL-BACKBONE International Backbone) | |
20 | 23.40.113.185 23.40.113.185 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
3 | 2a02:26f0:f1:... 2a02:26f0:f1:28f::356e | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2.16.186.18 2.16.186.18 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
6 | 40.77.226.250 40.77.226.250 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 2a02:26f0:f1:... 2a02:26f0:f1:28f::37 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1b | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 52.76.0.165 52.76.0.165 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2a02:26f0:2b0... 2a02:26f0:2b00:491::356e | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 40.90.22.183 40.90.22.183 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 20.190.129.24 20.190.129.24 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 2 | 52.142.114.2 52.142.114.2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 52.114.132.20 52.114.132.20 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
5 | 2606:4700::68... 2606:4700::6810:5d53 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:800::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6811:43b0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:14bf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6811:d4cc | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 173.208.239.244 173.208.239.244 | 32097 (WII) (WII) | |
1 | 152.199.23.37 152.199.23.37 | 15133 (EDGECAST) (EDGECAST) | |
3 | 2a00:1450:400... 2a00:1450:4001:821::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:808::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6813:9a53 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
64 | 24 |
ASN8368 (BENESOL-BACKBONE International Backbone, BE)
PTR: 78-41-69-106.powered-by.benesol.be
dev.rugcentrumgent.be |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-40-113-185.deploy.static.akamaitechnologies.com
blobs.officehome.msocdn.com |
ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-18.deploy.static.akamaitechnologies.com
statics-marketingsites-eus-ms-com.akamaized.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com |
ASN20940 (AKAMAI-ASN1, EU)
img-prod-cms-rt-microsoft-com.akamaized.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-0-165.ap-southeast-1.compute.amazonaws.com
www.apacciooutlook.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.pipe.aria.microsoft.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN32097 (WII, US)
PTR: mta5.drunkrevok.com
www.pinclipart.com |
Domain | Requested by | |
---|---|---|
20 | blobs.officehome.msocdn.com |
dev.rugcentrumgent.be
|
6 | web.vortex.data.microsoft.com |
dev.rugcentrumgent.be
blobs.officehome.msocdn.com |
5 | static.npmjs.com |
dev.rugcentrumgent.be
|
3 | fonts.googleapis.com |
static.npmjs.com
|
3 | c.s-microsoft.com |
www.microsoft.com
|
3 | mem.gfx.ms |
dev.rugcentrumgent.be
|
3 | www.microsoft.com |
dev.rugcentrumgent.be
www.microsoft.com |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.google-analytics.com |
dev.rugcentrumgent.be
|
2 | browser.pipe.aria.microsoft.com |
blobs.officehome.msocdn.com
|
2 | c1.microsoft.com | 1 redirects |
2 | dev.rugcentrumgent.be | |
1 | track.hubspot.com | |
1 | aadcdn.msftauth.net |
dev.rugcentrumgent.be
|
1 | www.pinclipart.com |
dev.rugcentrumgent.be
|
1 | js.hs-scripts.com |
dev.rugcentrumgent.be
|
1 | js.hs-banner.com |
dev.rugcentrumgent.be
|
1 | js.hs-analytics.net |
dev.rugcentrumgent.be
|
1 | c.bing.com | 1 redirects |
1 | login.microsoftonline.com |
blobs.officehome.msocdn.com
|
1 | login.live.com |
blobs.officehome.msocdn.com
|
1 | www.apacciooutlook.com |
dev.rugcentrumgent.be
|
1 | img-prod-cms-rt-microsoft-com.akamaized.net |
dev.rugcentrumgent.be
|
1 | statics-marketingsites-eus-ms-com.akamaized.net |
dev.rugcentrumgent.be
|
64 | 24 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.officehome.msocdn.com Microsoft IT TLS CA 4 |
2019-10-17 - 2021-10-17 |
2 years | crt.sh |
www.microsoft.com Microsoft IT TLS CA 5 |
2019-10-21 - 2021-10-21 |
2 years | crt.sh |
a248.e.akamai.net DigiCert Secure Site ECC CA-1 |
2020-07-15 - 2021-09-13 |
a year | crt.sh |
*.vortex.data.microsoft.com Microsoft IT TLS CA 4 |
2020-01-21 - 2022-01-21 |
2 years | crt.sh |
mem.gfx.ms Microsoft IT TLS CA 2 |
2020-01-06 - 2022-01-06 |
2 years | crt.sh |
*.apacciooutlook.com Go Daddy Secure Certificate Authority - G2 |
2020-06-24 - 2021-06-27 |
a year | crt.sh |
login.live.com DigiCert SHA2 Secure Server CA |
2020-07-07 - 2021-07-07 |
a year | crt.sh |
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2020-07-20 - 2022-07-20 |
2 years | crt.sh |
c.msn.com Microsoft IT TLS CA 2 |
2020-04-23 - 2022-04-23 |
2 years | crt.sh |
*.events.data.microsoft.com Microsoft IT TLS CA 1 |
2020-05-07 - 2022-05-07 |
2 years | crt.sh |
npmjs.com Cloudflare Inc ECC CA-3 |
2020-07-05 - 2021-07-05 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-03 - 2021-08-03 |
a year | crt.sh |
pinclipart.com Let's Encrypt Authority X3 |
2020-06-25 - 2020-09-23 |
3 months | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2020-07-09 - 2021-07-09 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-08-19 - 2020-11-11 |
3 months | crt.sh |
hubspot.com Cloudflare Inc ECC CA-3 |
2020-07-27 - 2021-07-27 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
http://dev.rugcentrumgent.be/wp/wp-content/uploads/1/532c41f2223f75885c77311ee6e4f756/index1.php
Frame ID: E3B75369643C6693CFBE19166A36AD98
Requests: 72 HTTP requests in this frame
Frame:
https://login.live.com/Me.srf?wa=wsignin1.0&wreply=https://www.office.com/
Frame ID: 99CD5DB991080E092C1E1B36DFB7114E
Requests: 1 HTTP requests in this frame
Frame:
https://login.microsoftonline.com/savedusers?wreply=https://www.office.com/&appid=4345a7b9-9a63-4910-a426-35363201d503
Frame ID: 1B7D620692E9DF8562713EBA85BCC0C4
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://dev.rugcentrumgent.be/wp/wp-content/uploads/1/532c41f2223f75885c77311ee6e4f756/?dispatch=?+echo+US... Page URL
- http://dev.rugcentrumgent.be/wp/wp-content/uploads/1/532c41f2223f75885c77311ee6e4f756/index1.php Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
React (JavaScript Frameworks) Expand
Detected patterns
- html /<[^>]+data-react/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Google Analytics Enhanced eCommerce (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://dev.rugcentrumgent.be/wp/wp-content/uploads/1/532c41f2223f75885c77311ee6e4f756/?dispatch=?+echo+US.=.6767299547792._.f1b0ae7ccd6c597c9105ad316486548a.=.United+States;+x? Page URL
- http://dev.rugcentrumgent.be/wp/wp-content/uploads/1/532c41f2223f75885c77311ee6e4f756/index1.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 50- http://c1.microsoft.com/c.gif?DI=4050&did=1&t= HTTP 302
- https://c.bing.com/c.gif?DI=4050&did=1&t=&CtsSyncId=3C2FA166AAFC432EA34563D809CAB91F&RedC=c1.microsoft.com&MXFR=1C3E43828C9963C738AE4CB8889965B2 HTTP 302
- https://c1.microsoft.com/c.gif?DI=4050&did=1&t=&CtsSyncId=3C2FA166AAFC432EA34563D809CAB91F&MUID=2C9E5481334E68660A7E5BBB329C6977
64 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
dev.rugcentrumgent.be/wp/wp-content/uploads/1/532c41f2223f75885c77311ee6e4f756/ |
200 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui_light.woff2
blobs.officehome.msocdn.com/versionless/webfonts/ |
10 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui_regular.woff2
blobs.officehome.msocdn.com/versionless/webfonts/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui_semibold.woff2
blobs.officehome.msocdn.com/versionless/webfonts/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
segoeui_semilight.woff2
blobs.officehome.msocdn.com/versionless/webfonts/ |
12 KB 12 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unauth-2a63a78c4a.css
blobs.officehome.msocdn.com/bundles/ |
116 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sharedfontstyles-30d1fc43fd.css
blobs.officehome.msocdn.com/bundles/ |
1 KB 696 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
81-aa1473
www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/3e-901128/3f-788d92/2a-4a3005/10-37b382/d8-118353/df-e480da/32-0a14bc/ |
164 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
override.css
statics-marketingsites-eus-ms-com.akamaized.net/statics/ |
1 KB 907 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.js
web.vortex.data.microsoft.com/collect/v1/ |
45 B 729 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.20239.2/fr-FR/ |
147 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.20239.2/fr-FR/ |
100 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
load2.gif
www.apacciooutlook.com/images/ |
69 KB 69 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero-xxl-b79c4b74fa.jpg
blobs.officehome.msocdn.com/images/content/images/ |
515 KB 517 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
office-apps-347d86a528.gif
blobs.officehome.msocdn.com/images/content/images/ |
3 MB 3 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
for-home-22b0da7562.png
blobs.officehome.msocdn.com/images/content/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
for-business-7a6cb040bd.png
blobs.officehome.msocdn.com/images/content/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
for-enterprise-b5e0072ea2.png
blobs.officehome.msocdn.com/images/content/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
for-education-5ca7026e70.png
blobs.officehome.msocdn.com/images/content/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkedin-refresh-02734a460c.png
blobs.officehome.msocdn.com/images/content/images/ |
315 B 746 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook-refresh-090a700c0f.png
blobs.officehome.msocdn.com/images/content/images/ |
256 B 687 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter-refresh-93ca1a80ff.png
blobs.officehome.msocdn.com/images/content/images/ |
369 B 800 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram-refresh-5d315a943e.png
blobs.officehome.msocdn.com/images/content/images/ |
410 B 840 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blog-33305b0d90.png
blobs.officehome.msocdn.com/images/content/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unauth-vendor-320f34a99e.js
blobs.officehome.msocdn.com/bundles/ |
103 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sharedscripts-efe073ff3f.js
blobs.officehome.msocdn.com/bundles/ |
51 KB 15 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unauth-df06166c34.js
blobs.officehome.msocdn.com/bundles/ |
57 KB 19 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
79-XMRamp;iife=1
www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4... |
90 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
meversion
mem.gfx.ms/ |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
358 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
768 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ |
33 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 15 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mwfmdl2-v3.54.woff
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ |
26 KB 26 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/ |
29 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Me.srf
login.live.com/ Frame 99CD |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
savedusers
login.microsoftonline.com/ Frame 1B7D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t.js
web.vortex.data.microsoft.com/collect/v1/ |
281 B 644 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
v1
web.vortex.data.microsoft.com/collect/ |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
v1
web.vortex.data.microsoft.com/collect/ |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
v1
web.vortex.data.microsoft.com/collect/ |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c.gif
c1.microsoft.com/ Redirect Chain
|
42 B 349 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 397 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 396 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
/
browser.pipe.aria.microsoft.com/Collector/3.0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
v1
web.vortex.data.microsoft.com/collect/ |
0 0 |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
index1.php
dev.rugcentrumgent.be/wp/wp-content/uploads/1/532c41f2223f75885c77311ee6e4f756/ |
63 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.3bc4e4d76cf6ad88a022.css
static.npmjs.com/ |
152 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5326678.js
js.hs-analytics.net/analytics/1599132900000/ |
72 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5326678.js
js.hs-banner.com/ |
46 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5326678.js
js.hs-scripts.com/ |
696 B 834 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
142-1421620_o365-logo-axe-creatives-a-logo-with-a.png
www.pinclipart.com/picdir/big/ |
88 KB 72 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commons.c397738f244005b1f82d.js
static.npmjs.com/ |
394 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
minicssextractbug.2bab88d26c221f9f47c4.js
static.npmjs.com/ |
31 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
package.dc78a11c6b38f62c49c4.js
static.npmjs.com/package/ |
1 MB 392 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.bb8109d5ba5e09acf7d5.js
static.npmjs.com/auth/ |
10 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
8 KB 836 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 999 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 629 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__ptq.gif
track.hubspot.com/ |
45 B 528 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- browser.pipe.aria.microsoft.com
- URL
- https://browser.pipe.aria.microsoft.com/Collector/3.0/?qsp=true&content-type=application%2Fbond-compact-binary&client-id=NO_AUTH&sdk-version=AWT-Web-JS-1.6.1&x-apikey=a387cfcf60114a43a7699f9fbb49289e-9bceb9fe-1c06-460f-96c5-6a0b247358bc-7238,ea6758984c4b43529f9929667d8d3198-c52d4a8b-47fe-4fdf-99b8-5f897ff4e33b-7365&client-time-epoch-millis=1599175805619&time-delta-to-apply-millis=409
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes object| gaplugins function| ga object| _hsq object| _paq boolean| _hstc_loaded object| _hsp boolean| _hspb_loaded object| webpackJsonp object| google_tag_data object| regeneratorRuntime boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dev.rugcentrumgent.be/wp/wp-content/uploads/1/532c41f2223f75885c77311ee6e4f756 | Name: MicrosoftApplicationsTelemetryFirstLaunchTime Value: 2020-09-03T23:30:00.031Z |
|
dev.rugcentrumgent.be/wp/wp-content/uploads/1/532c41f2223f75885c77311ee6e4f756 | Name: MicrosoftApplicationsTelemetryDeviceId Value: 66656052-8482-47d7-98e6-5b6599dfdbaf |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
blobs.officehome.msocdn.com
browser.pipe.aria.microsoft.com
c.bing.com
c.s-microsoft.com
c1.microsoft.com
dev.rugcentrumgent.be
fonts.googleapis.com
fonts.gstatic.com
img-prod-cms-rt-microsoft-com.akamaized.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
login.live.com
login.microsoftonline.com
mem.gfx.ms
static.npmjs.com
statics-marketingsites-eus-ms-com.akamaized.net
track.hubspot.com
web.vortex.data.microsoft.com
www.apacciooutlook.com
www.google-analytics.com
www.microsoft.com
www.pinclipart.com
browser.pipe.aria.microsoft.com
152.199.23.37
173.208.239.244
2.16.186.18
20.190.129.24
23.40.113.185
2606:4700::6810:5d53
2606:4700::6811:43b0
2606:4700::6811:d4cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:808::2003
2a00:1450:4001:821::200a
2a02:26f0:2b00:491::356e
2a02:26f0:6c00::210:ba1b
2a02:26f0:f1:28f::356e
2a02:26f0:f1:28f::37
40.77.226.250
40.90.22.183
52.114.132.20
52.142.114.2
52.76.0.165
78.41.69.106
02ac1c1a2bf961e85b8d3b4038dc18d781c3162c441871114001d3e2a357d565
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
10b37d2bf70cb6b3d89ccc82f824f51484608f7c3a36677fe362d8ca20da8b81
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
166bf8c96d915e9f45d945b87805da2da7c26874fa418e15cfd3073db576a141
16ee9e65eecb22edde02df0c0b971edf9d6f72b4b0401606eb8052cc39c446cb
1b49f52019777923ab6f18d8cbc4c1c356e081a9236256df90b7b2fdde7a468c
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
207f50299063fbb1f3b17bc02663cc5e8fb3b385e8ea29919d1af13a7baa6247
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
22cdf097b0e36426a2c2b068efcade1042636c5c14338e9dbd17f553f5bf5026
2536676735ca5ae95e1fe439d57e2d8bcc60b057a617bdbdd59ba04a54e037a0
25a22f01d97ff4ddde37b0ba8b2d934cf8a88d5239bdd44e158776ca646b667a
2cd3ef7b5b677b7827bfbe5b926a283e7ca687ddb6b021fa4289630671ebd061
2faed8a5b8611ced29bd53267d47173058b5a448b3ff65b0fdf2fdb047cbf0da
320d9d8b6835948a667e87040bfb19196aed6deb3092e3847e686a46a3625744
38ccec1fc395d0e037e0898297a0fecb652dfefab7f5fbd110d468757f0681f5
468e30ea132df03a5a264708b7d24eec86203d7e2b7a8efe15644fa6bec5022c
4950dd4a0505c709bbfe4bb9fbb54779516c41bc4068807aeaa31e226dc2717f
4d9481536dbf3b0823d5254b666466873a2f577f1222a19aec88cd6157781f2c
4e1b1da7a21e6051f74370893d904c910272cf815f5188e528648ae0301f6008
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
523f3e9e5027b511aec87af5ddf02bbe00a9890ca7968a1e55e5a40f5957dfd8
57febfbad63b722a38bc668e67bc7c2dc02eca221f26db3a9303c1bd584a1a42
5b90e80ad0d1ed9aae7121e3c9d88ebc6c90fc53b8a4c6fa48737ac69b9765df
5eabcb884c324eade391732bc2da236a7b4d60b7e6434d8d07ea6d638ca71d2a
633894cf845287f205f1b5bd26b7667dda186695fce3d789306f30c5fbdb14b5
64eeebc9edb725585c97857ae71f1b72ea600676a5306e6d1ef14b2eb86ed678
6d48d36f914e788ab4cadcbd579c660642ce3e521765e80ba4ac426e1c1f2512
71edbbdac41799addbc0f83b2286b4544e98215614a132708bcbd4f618cdcb80
72e74f6cb74568ab58fe6a372783a02b84f8a5e9661fdfc24decfac341621d84
730d10421fce658c4626f9911ea2452508cf84bbad59f5ba5c44e6f2d22f5796
7f85628c3bf452e4edeb3106fe0e0466a46ed85df6e4ea53551e4d1176efb2ed
81dd42197f137d54b0833fb24aab0c9a05ac07bd4aecec3f79ac281bbc46b64a
8b13c9edc1f80b63d07b2013e88778dde1a15e920dae8ca25e784d63bbc3bf74
95ed506b60b553650ac7adfd0400d7bd5dca9a29f860b44425c6286675ed8aea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ede85d6c2139703e1a1dfa94105f6063607bc0f2f53cfb98d30daf90134bc51
a6b4512ebf7f02b8cc5aa165f44bf817ab86b214a0818e4823e38300d01c9fcd
a82c6e3878d9522fde6caa3a4daf0a049b7cec0cf979bc1cb5e14da19013f6e9
afdcee2ca8a405de37e83c0c8b20906633dc08580d6b733c092de726b90f15ca
bb232fd09a6696ce21ec10a43b89933e12ad866dfde30a4a6a08e08082e6557d
c41354ff0a6d31f4046bbcd0800f47ebbc0e11979d6977b85824b6e828340ef9
c69696e6c6bf3a88933a27bc4aefe953abce2f5d488ab1ca78a7980741a90bdb
c9a4dd7b50eeb82a90457cb58ab085c427494828b3c8c8b5649c6c51b3c65175
ca321c1e1ca9b03c8fa8391108aade2a4807fe2c428cefde4b75903a06dcc373
d4874119598901fa0321be19ad15c2d18d6f8b744c5e9328ec504fa694dd490e
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df62c7a1b123bee0a4f986dcab7b3af1b37fc4fd09895cf1cf6e56bce449be32
e2f327836673a59ec31afadefc2e3ed000c5cecda09e09282acfdc5a9793b6d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e495966dd87033ec1e3f55c58062de559b251aad1cabf20dd2af44cd34675cd6
e99b0949c190f5bfe325466e70f6a18ce055bc835c553970e1b5a30dcc54a2ee
ead46caac003896735edae621ee4c3d439d82ca8d84f1a61cc81fab6aafb3174
eb4506c6341c8bed31416f698406b26cadf9773b1a70f65a6115bedf88960b02
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ee74532919b86d147a917a5c87d7b3002fff7f7287693c7d1908b9bcd6556f61
f4bd80e92ce90b7824e08d7e54e2b73d4e71207fe21fd6066f388810ec458351
f586a0b4524d42518bcc87a5522fc1480cfa609fefb07de646e1ad6e806a3c5a
f7eb4a6e059d1265c204a61a13c7c309304e5d2aa02962fa6627f6ede3da5096
fc772b0188bc262494be9dc529c50893ae189110dfcad5a286512b737aef93b8