belfiusupdt.com Open in urlscan Pro
179.43.175.15  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://disq.us/url?url=https%3A%2F%2Fbelfiusupdt.com%2Finfo%2F6501f42c202d9%3AOm_HACA7bNpAXvz18dQBS07D8_Q&cuid=2751344 Page URL
2. https://belfiusupdt.com/info/6501f42c202d9 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	url disq.us/	210 B 678 B	62ms 29ms	Document text/html	151.101.128.64 FASTLY
General Check archive.org Show headers Download Go to Full URL https://disq.us/url?url=https%3A%2F%2Fbelfiusupdt.com%2Finfo%2F6501f42c202d9%3AOm_HACA7bNpAXvz18dQBS07D8_Q&cuid=2751344 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.128.64 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Age 0 Cache-Control no-cache Connection keep-alive Content-Encoding gzip Content-Length 168 Content-Type text/html; charset=utf-8 Cross-Origin-Resource-Policy cross-origin Date Fri, 15 Sep 2023 04:10:09 GMT Disqus-Cachetype PRIVATE Disqus-NoCache 1 Expires Fri, 15 Sep 2023 04:10:08 GMT Server nginx Vary Accept-Encoding X-Backend shortener X-Content-Type-Options nosniff X-Location https://belfiusupdt.com/info/6501f42c202d9 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	Primary Request 6501f42c202d9 Show response belfiusupdt.com/info/	8 KB 3 KB	405ms 185ms	Document text/html	179.43.175.15 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://belfiusupdt.com/info/6501f42c202d9 Requested by Host: disq.us URL: https://disq.us/url?url=https%3A%2F%2Fbelfiusupdt.com%2Finfo%2F6501f42c202d9%3AOm_HACA7bNpAXvz18dQBS07D8_Q&cuid=2751344 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 179.43.175.15 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS securehosting.capital Software Apache/2.4.29 (Ubuntu) / Resource Hash 4570b7ca8f59e1747aa522e7b5f5e6eb06c67fcc9403a8b1d2f9e86561df0b89 Request headers Referer https://disq.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 2634 Content-Type text/html; charset=UTF-8 Date Fri, 15 Sep 2023 04:10:09 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding
GET H/1.1	200 OK	app_styles_bundle.css belfiusupdt.com/style/	298 KB 41 KB	107ms 106ms	Stylesheet text/css	179.43.175.15 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://belfiusupdt.com/style/app_styles_bundle.css Requested by Host: belfiusupdt.com URL: https://belfiusupdt.com/info/6501f42c202d9 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 179.43.175.15 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS securehosting.capital Software Apache/2.4.29 (Ubuntu) / Resource Hash 0029f1286a69af2513ce3bc9b9818f73b1dae86d6e69e6190e32e8ceb20404d8 Request headers accept-language en-US,en;q=0.9 Referer https://belfiusupdt.com/info/6501f42c202d9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Fri, 15 Sep 2023 04:10:09 GMT Content-Encoding gzip Last-Modified Thu, 08 Sep 2022 10:33:52 GMT Server Apache/2.4.29 (Ubuntu) ETag "4a835-5e827f72f6400-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 41140
GET H/1.1	200 OK	main.css belfiusupdt.com/style/	29 KB 4 KB	291ms 96ms	Stylesheet text/css	179.43.175.15 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://belfiusupdt.com/style/main.css Requested by Host: belfiusupdt.com URL: https://belfiusupdt.com/info/6501f42c202d9 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 179.43.175.15 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS securehosting.capital Software Apache/2.4.29 (Ubuntu) / Resource Hash 7f969dfd78c9a121df069f10e78d4b6072b83276a27f0908041db9a2fb46967f Request headers accept-language en-US,en;q=0.9 Referer https://belfiusupdt.com/info/6501f42c202d9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Fri, 15 Sep 2023 04:10:10 GMT Content-Encoding gzip Last-Modified Thu, 08 Sep 2022 10:33:52 GMT Server Apache/2.4.29 (Ubuntu) ETag "749c-5e827f72f6400-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3995
GET H/1.1	200 OK	react.css belfiusupdt.com/style/	40 KB 8 KB	295ms 98ms	Stylesheet text/css	179.43.175.15 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://belfiusupdt.com/style/react.css Requested by Host: belfiusupdt.com URL: https://belfiusupdt.com/info/6501f42c202d9 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 179.43.175.15 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS securehosting.capital Software Apache/2.4.29 (Ubuntu) / Resource Hash 5acc14f1488930083712f8ed8aa2a253d377a7b46112509ab3b6fdea19908aca Request headers accept-language en-US,en;q=0.9 Referer https://belfiusupdt.com/info/6501f42c202d9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Fri, 15 Sep 2023 04:10:10 GMT Content-Encoding gzip Last-Modified Thu, 08 Sep 2022 10:33:52 GMT Server Apache/2.4.29 (Ubuntu) ETag "9ea8-5e827f72f6400-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7437
GET H/1.1	200 OK	multilang.js Show response belfiusupdt.com/js/	2 KB 1 KB	307ms 97ms	Script application/javascript	179.43.175.15 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://belfiusupdt.com/js/multilang.js Requested by Host: belfiusupdt.com URL: https://belfiusupdt.com/info/6501f42c202d9 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 179.43.175.15 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS securehosting.capital Software Apache/2.4.29 (Ubuntu) / Resource Hash 46f41440725e888ad2fc80cf56ed824bd9da5102e4c0df3236b8ad6d70d51db1 Request headers accept-language en-US,en;q=0.9 Referer https://belfiusupdt.com/info/6501f42c202d9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Fri, 15 Sep 2023 04:10:10 GMT Content-Encoding gzip Last-Modified Tue, 04 Oct 2022 18:43:50 GMT Server Apache/2.4.29 (Ubuntu) ETag "988-5ea39d7510580-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 989
GET H/1.1	200 OK	icon-loader-32@3x.png belfiusupdt.com/img/	4 KB 5 KB	96ms 95ms	Image image/png	179.43.175.15 PLI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://belfiusupdt.com/img/icon-loader-32@3x.png Requested by Host: belfiusupdt.com URL: https://belfiusupdt.com/info/6501f42c202d9 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 179.43.175.15 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS securehosting.capital Software Apache/2.4.29 (Ubuntu) / Resource Hash 23248741c76ca3d003122a50aacffd608d0d568c7048b296ef73a1ec1ca59c5d Request headers accept-language en-US,en;q=0.9 Referer https://belfiusupdt.com/info/6501f42c202d9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Fri, 15 Sep 2023 04:10:10 GMT Last-Modified Thu, 08 Sep 2022 17:33:50 GMT Server Apache/2.4.29 (Ubuntu) ETag "11d7-5e82dd51a5b80" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4567
GET H/1.1	200 OK	logo.svg belfiusupdt.com/img/ico/	7 KB 7 KB	95ms 95ms	Image image/svg+xml	179.43.175.15 PLI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://belfiusupdt.com/img/ico/logo.svg Requested by Host: belfiusupdt.com URL: https://belfiusupdt.com/info/6501f42c202d9 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 179.43.175.15 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS securehosting.capital Software Apache/2.4.29 (Ubuntu) / Resource Hash 6a7eb353b38a935a0ec168fb6429a2705ee9a9b5003831787f8fa66b6a6b3554 Request headers accept-language en-US,en;q=0.9 Referer https://belfiusupdt.com/info/6501f42c202d9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Fri, 15 Sep 2023 04:10:10 GMT Last-Modified Thu, 08 Sep 2022 10:33:50 GMT Server Apache/2.4.29 (Ubuntu) ETag "1b3d-5e827f710df80" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 6973
GET H/1.1	200 OK	Avenir-Roman-12.woff belfiusupdt.com/fonts/	42 KB 42 KB	97ms 96ms	Font application/font-woff	179.43.175.15 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://belfiusupdt.com/fonts/Avenir-Roman-12.woff Requested by Host: belfiusupdt.com URL: https://belfiusupdt.com/style/main.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 179.43.175.15 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS securehosting.capital Software Apache/2.4.29 (Ubuntu) / Resource Hash 4442cba812240f56b7adde799c1a97c7970875d0d01cbf1c5667e25c6beed2cf Request headers Referer https://belfiusupdt.com/style/main.css Origin https://belfiusupdt.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Fri, 15 Sep 2023 04:10:10 GMT Last-Modified Thu, 08 Sep 2022 17:33:50 GMT Server Apache/2.4.29 (Ubuntu) ETag "a868-5e82dd51a5b80" Content-Type application/font-woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 43112
GET H/1.1	200 OK	Avenir-Heavy-05.woff belfiusupdt.com/fonts/	56 KB 56 KB	95ms 94ms	Font application/font-woff	179.43.175.15 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://belfiusupdt.com/fonts/Avenir-Heavy-05.woff Requested by Host: belfiusupdt.com URL: https://belfiusupdt.com/style/main.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 179.43.175.15 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS securehosting.capital Software Apache/2.4.29 (Ubuntu) / Resource Hash 1920ca5153bc2ae87e17795a12ac5835113513b922c95d0bf44ee026200b8631 Request headers Referer https://belfiusupdt.com/style/main.css Origin https://belfiusupdt.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Fri, 15 Sep 2023 04:10:10 GMT Last-Modified Thu, 08 Sep 2022 17:33:50 GMT Server Apache/2.4.29 (Ubuntu) ETag "df50-5e82dd51a5b80" Content-Type application/font-woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 57168
GET H/1.1	200 OK	languages.json Show response belfiusupdt.com/js/orra/	390 KB 391 KB	95ms 94ms	XHR application/json	179.43.175.15 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://belfiusupdt.com/js/orra/languages.json Requested by Host: belfiusupdt.com URL: https://belfiusupdt.com/js/multilang.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 179.43.175.15 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS securehosting.capital Software Apache/2.4.29 (Ubuntu) / Resource Hash b81a149c207746e2b380c6b07f9dd42aab5f860e6a9719faea371eaa15f494b8 Request headers accept-language en-US,en;q=0.9 Referer https://belfiusupdt.com/info/6501f42c202d9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Fri, 15 Sep 2023 04:10:10 GMT Last-Modified Sun, 06 Aug 2023 14:25:59 GMT Server Apache/2.4.29 (Ubuntu) ETag "619bc-60241e89d0bc0" Content-Type application/json Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 399804
POST H/1.1	200 OK	online belfiusupdt.com/user/	0 0	122ms 121ms	Fetch text/html	179.43.175.15 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://belfiusupdt.com/user/online Requested by Host: belfiusupdt.com URL: https://belfiusupdt.com/info/6501f42c202d9 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 179.43.175.15 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS securehosting.capital Software Apache/2.4.29 (Ubuntu) / Resource Hash Request headers Referer https://belfiusupdt.com/info/6501f42c202d9 accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryVsQn4xAc7VlcOSqa Response headers Pragma no-cache Date Fri, 15 Sep 2023 04:10:13 GMT Server Apache/2.4.29 (Ubuntu) Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 0 Expires Thu, 19 Nov 1981 08:52:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Disney (Entertainment)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| multilang function| onLoad function| langSelectChange function| initList function| refreshLabels function| MultiLang

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			belfiusupdt.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qp4uuqap5vk4i2pmudmrcsnvf0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

belfiusupdt.com
disq.us
151.101.128.64
179.43.175.15
0029f1286a69af2513ce3bc9b9818f73b1dae86d6e69e6190e32e8ceb20404d8
1920ca5153bc2ae87e17795a12ac5835113513b922c95d0bf44ee026200b8631
23248741c76ca3d003122a50aacffd608d0d568c7048b296ef73a1ec1ca59c5d
4442cba812240f56b7adde799c1a97c7970875d0d01cbf1c5667e25c6beed2cf
4570b7ca8f59e1747aa522e7b5f5e6eb06c67fcc9403a8b1d2f9e86561df0b89
46f41440725e888ad2fc80cf56ed824bd9da5102e4c0df3236b8ad6d70d51db1
5acc14f1488930083712f8ed8aa2a253d377a7b46112509ab3b6fdea19908aca
6a7eb353b38a935a0ec168fb6429a2705ee9a9b5003831787f8fa66b6a6b3554
7f969dfd78c9a121df069f10e78d4b6072b83276a27f0908041db9a2fb46967f
b81a149c207746e2b380c6b07f9dd42aab5f860e6a9719faea371eaa15f494b8