www.fulbac.ro
45.129.64.73
Malicious Activity!
Public Scan
Effective URL: http://www.fulbac.ro/wp-includes/js/Office2020/home/index.html
Submission: On February 25 via api from US
Summary
This is the only time www.fulbac.ro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 | 192.99.8.151 | AS16276 (OVH) |
| 13 | 45.129.64.73 | AS31244 (MYSERVER-MEDIA-AS) |
| 1 | 2a00:1450:4001:821::200a | AS15169 (GOOGLE) |
| 3 | 2a00:1450:4001:809::2003 | AS15169 (GOOGLE) |
| 18 requests | 4 IPs | |
Detail for 192.99.8.151: ASN16276 (OVH, FR), PTR puma.br-rgt.net, serving www.osteopatiasantamaria.com.br
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 13 | fulbac.ro | www.fulbac.ro | 604 KB |
| 3 | gstatic.com | fonts.gstatic.com | 27 KB |
| 1 | googleapis.com | fonts.googleapis.com | 950 B |
| 1 | osteopatiasantamaria.com.br | www.osteopatiasantamaria.com.br | 227 B |
| 18 requests | 4 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 13 | www.fulbac.ro | www.fulbac.ro |
| 3 | fonts.gstatic.com | www.fulbac.ro |
| 1 | fonts.googleapis.com | www.fulbac.ro |
| 1 | www.osteopatiasantamaria.com.br | (submitted URL, no referrer) |
| 18 requests | 4 domains | |
This site contains no links.
TLS certificates
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| osteopatiasantamaria.com.br | cPanel, Inc. Certification Authority | 2020-01-18 - 2020-04-17 | 3 months |
| *.storage.googleapis.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
| *.google.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months |
No certificate is listed for www.fulbac.ro: the effective URL is plain http://, so the phishing page and the resources it loads from that host were served without TLS.
This page contains 1 frame:
Primary Page: http://www.fulbac.ro/wp-includes/js/Office2020/home/index.html
Frame ID: 2440B6EA58820D3F1363CD6D9E6CAD92
Requests: 18 HTTP requests in this frame
Page URL History
- https://www.osteopatiasantamaria.com.br/open.htm (submitted URL)
- http://www.fulbac.ro/wp-includes/js/Office2020/home/index.html (effective URL)
Detected technologies
- Apache (Web Servers). Detected pattern:
  - headers, server: /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
- jQuery (JavaScript Libraries). Detected patterns:
  - script: /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  - script: /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
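Worked example, added here and not part of the urlscan page: the two pattern sets above applied in Python as a Wappalyzer-style matcher against the evidence this scan recorded. The value of the Server header is not shown on the page, so "Apache" is an assumption; the WordPress rule is an extra, assumed pattern (modelled on Wappalyzer's /wp-(?:content|includes)/ script-src check, not among the patterns the page lists), included because the kit's wp-includes/js/Office2020/ path by itself identifies the host as a WordPress install with the kit dropped inside a core directory.

```python
import re

# The pattern sets listed on the scan page, converted from JS regex literals
# (/.../i) to Python raw strings matched with re.IGNORECASE. Group 1, where
# present, captures a version number.
TECH_PATTERNS = {
    "Apache": {
        "headers": {"server": r"(?:Apache(?:$|/([\d.]+)|[^/-])|(?:^|\b)HTTPD)"},
    },
    "jQuery": {
        "script": [
            r"jquery[.-]([\d.]*\d)[^/]*\.js",
            r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?",
        ],
    },
    # ASSUMED extra rule, not among the patterns the scan page lists: modelled on
    # Wappalyzer's WordPress script-src check so the hosting path is flagged too.
    "WordPress": {
        "script": [r"/wp-(?:content|includes)/"],
    },
}


def _version(m):
    """Version string from capture group 1, or None when that group did not participate."""
    return m.group(1) if m.lastindex else None


def detect(headers, script_urls):
    """Return {technology: version-or-None} for every pattern that matches.

    headers:     response headers of the document (names compared case-insensitively)
    script_urls: absolute URLs of the <script src> resources the page loaded
    """
    headers = {k.lower(): v for k, v in headers.items()}
    found = {}
    for tech, rules in TECH_PATTERNS.items():
        for hname, pat in rules.get("headers", {}).items():
            val = headers.get(hname.lower())
            if val is None:
                continue
            m = re.search(pat, val, re.IGNORECASE)
            if m:
                # keep a version already captured by an earlier pattern
                found[tech] = _version(m) or found.get(tech)
        for pat in rules.get("script", []):
            for url in script_urls:
                m = re.search(pat, url, re.IGNORECASE)
                if m:
                    found[tech] = _version(m) or found.get(tech)
    return found


# Constructed input: the two script URLs this scan recorded, plus an ASSUMED
# Server header (the page reports an Apache match but does not show the value).
SCAN_SCRIPTS = [
    "http://www.fulbac.ro/wp-includes/js/Office2020/home/js/jquery-3.4.1.min.js",
    "http://www.fulbac.ro/wp-includes/js/Office2020/home/js/custom.js",
]
SCAN_HEADERS = {"Server": "Apache"}

if __name__ == "__main__":
    for tech, ver in detect(SCAN_HEADERS, SCAN_SCRIPTS).items():
        print(f"{tech}: {ver or 'version not exposed'}")
```

With a bare "Apache" Server header the version group never participates, so the matcher reports Apache without a version, exactly as the scan page does; jQuery 3.4.1 is recovered from the file name, and the assumed WordPress rule fires on both script URLs.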
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
Redirected requests
No HTTP redirect chains were recorded for any request. The hop from open.htm to the fulbac.ro page shows up only in the Page URL History, which indicates a client-side redirect (JavaScript or a meta refresh) rather than an HTTP 3xx response.
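Worked example, added here and not from the scan page: a small Python follower that reproduces what the Page URL History captures, namely HTTP 3xx Location hops as well as client-side redirects (meta refresh and location assignments), with a hop cap and a loop guard. The body of open.htm is not shown on the page, so the constructed stand-in below assumes a meta refresh; the index.html body is a placeholder, and fake_fetch is an offline substitute for a real HTTP client.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin

MAX_HOPS = 10


class _MetaRefresh(HTMLParser):
    """Collects the targets of <meta http-equiv="refresh" content="N;url=..."> tags."""

    def __init__(self):
        super().__init__()
        self.targets = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "meta":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        if a.get("http-equiv", "").lower() != "refresh":
            return
        m = re.search(r"url\s*=\s*['\"]?([^'\"]+)", a.get("content", ""), re.I)
        if m:
            self.targets.append(m.group(1).strip())


# JS forms commonly used by lure pages: location.href = '...', window.location = '...',
# location.replace('...'), location.assign('...'). Group 1 is the target URL.
_JS_REDIRECT = re.compile(
    r"(?:window\.|document\.|top\.|self\.)?location(?:\.href)?\s*"
    r"(?:=|\.replace\(|\.assign\()\s*['\"]([^'\"]+)['\"]",
    re.I,
)


def client_side_redirects(base_url, html):
    """Absolute targets of every meta refresh or JS location redirect found in html."""
    p = _MetaRefresh()
    p.feed(html)
    targets = p.targets + _JS_REDIRECT.findall(html)
    return [urljoin(base_url, t) for t in targets]


def url_history(start_url, fetch):
    """Follow HTTP 3xx Location headers and client-side redirects from start_url.

    fetch(url) must return (status, headers, body). Returns the list of page URLs
    visited, in order, like urlscan's Page URL History. Stops on a loop, on a page
    with no redirect, or after MAX_HOPS hops.
    """
    history = [start_url]
    url = start_url
    for _ in range(MAX_HOPS):
        status, headers, body = fetch(url)
        headers = {k.lower(): v for k, v in headers.items()}
        if 300 <= status < 400 and "location" in headers:
            nxt = urljoin(url, headers["location"])  # HTTP redirect
        else:
            cs = client_side_redirects(url, body)   # client-side redirect
            if not cs:
                break
            nxt = cs[0]
        if nxt in history:
            break  # redirect loop
        history.append(nxt)
        url = nxt
    return history


# CONSTRUCTED offline stand-in for the two documents in this scan. The real body of
# open.htm is not shown on the scan page; a meta refresh is assumed here.
FAKE_RESPONSES = {
    "https://www.osteopatiasantamaria.com.br/open.htm": (
        200,
        {"Content-Type": "text/html"},
        '<meta http-equiv="refresh" content="0;url=http://www.fulbac.ro/wp-includes/js/Office2020/home/index.html">',
    ),
    "http://www.fulbac.ro/wp-includes/js/Office2020/home/index.html": (
        200,
        {"Content-Type": "text/html", "Server": "Apache"},
        "<html><body><form>placeholder login form</form></body></html>",
    ),
}


def fake_fetch(url):
    """Offline fetcher: unknown URLs get an empty 404 so the follower stops."""
    return FAKE_RESPONSES.get(url, (404, {}, ""))


if __name__ == "__main__":
    for u in url_history("https://www.osteopatiasantamaria.com.br/open.htm", fake_fetch):
        print(u)
```

Because the first hop is a 200 with a redirecting body rather than a 3xx, a tool that only follows Location headers would stop at open.htm and never see the Office 365 lure; that is also why the scan's own "Redirected requests" list is empty although the page URL changed. To use this against live lures, replace fake_fetch with a client that does not auto-follow redirects (for example requests.get with allow_redirects=False) so each hop is observed.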
18 HTTP transactions
Size is the decoded resource size; x-fer is the number of bytes actually transferred on the wire (compressed body plus headers), which is why x-fer can exceed Size for tiny responses.
| # | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | H2 | open.htm | www.osteopatiasantamaria.com.br/ | 130 B | 227 B | Document | text/html |
| 2 | GET | H/1.1 | index.html (Primary Request) | www.fulbac.ro/wp-includes/js/Office2020/home/ | 3 KB | 1 KB | Document | text/html |
| 3 | GET | H/1.1 | style.css | www.fulbac.ro/wp-includes/js/Office2020/home/css/ | 4 KB | 2 KB | Stylesheet | text/css |
| 4 | GET | H/1.1 | logo.png | www.fulbac.ro/wp-includes/js/Office2020/home/images/ | 39 KB | 39 KB | Image | image/png |
| 5 | GET | H/1.1 | a.jpg | www.fulbac.ro/wp-includes/js/Office2020/home/images/ | 4 KB | 5 KB | Image | image/jpeg |
| 6 | GET | H/1.1 | b.jpg | www.fulbac.ro/wp-includes/js/Office2020/home/images/ | 5 KB | 5 KB | Image | image/jpeg |
| 7 | GET | H/1.1 | c.jpg | www.fulbac.ro/wp-includes/js/Office2020/home/images/ | 5 KB | 5 KB | Image | image/jpeg |
| 8 | GET | H/1.1 | d.jpg | www.fulbac.ro/wp-includes/js/Office2020/home/images/ | 5 KB | 5 KB | Image | image/jpeg |
| 9 | GET | H/1.1 | e.jpg | www.fulbac.ro/wp-includes/js/Office2020/home/images/ | 5 KB | 5 KB | Image | image/jpeg |
| 10 | GET | H/1.1 | f.jpg | www.fulbac.ro/wp-includes/js/Office2020/home/images/ | 5 KB | 5 KB | Image | image/jpeg |
| 11 | GET | H/1.1 | g.jpg | www.fulbac.ro/wp-includes/js/Office2020/home/images/ | 5 KB | 5 KB | Image | image/jpeg |
| 12 | GET | H/1.1 | jquery-3.4.1.min.js | www.fulbac.ro/wp-includes/js/Office2020/home/js/ | 86 KB | 30 KB | Script | application/javascript |
| 13 | GET | H/1.1 | custom.js | www.fulbac.ro/wp-includes/js/Office2020/home/js/ | 499 B | 759 B | Script | application/javascript |
| 14 | GET | H2 | css | fonts.googleapis.com/ | 12 KB | 950 B | Stylesheet | text/css |
| 15 | GET | H/1.1 | bg.jpg | www.fulbac.ro/wp-includes/js/Office2020/home/images/ | 495 KB | 495 KB | Image | image/jpeg |
| 16 | GET | H2 | mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font | font/woff2 |
| 17 | GET | H2 | mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font | font/woff2 |
| 18 | GET | H2 | mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 | fonts.gstatic.com/s/opensans/v17/ | 9 KB | 9 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against Office 365 (Online)
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and page-specific code.
| Type | Name |
|---|---|
| object | onformdata |
| object | onpointerrawupdate |
| function | $ |
| function | jQuery |
| function | mg0 |
$ and jQuery are exported by the loaded jquery-3.4.1.min.js; mg0 is neither a jQuery nor a browser name and is most likely defined by the kit's own custom.js; onformdata and onpointerrawupdate are event-handler properties of the scanning browser's window object rather than page code.
Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the stored cookie values back, which lets the site re-identify the user even from a different location. This is how persistent logins work.
Indicators
"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Listing them here does not imply that any of them is itself malicious.
- fonts.googleapis.com
- fonts.gstatic.com
- www.fulbac.ro
- www.osteopatiasantamaria.com.br
- 192.99.8.151
- 2a00:1450:4001:809::2003
- 2a00:1450:4001:821::200a
- 45.129.64.73