URL: http://www.gwenet.org/office/
Submission: On July 01 via api from BY — Scanned from CA

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 66.175.58.9, located in Canada and belonging to INFB2-AS, CA. The main domain is www.gwenet.org.
This is the only time www.gwenet.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

Requests  IP Address      AS (Autonomous System)
10        66.175.58.9     30447 (INFB2-AS)
2         66.175.41.113   30447 (INFB2-AS)
5         13.107.253.38   8075 (MICROSOFT...)
2         13.107.6.156    8068 (MICROSOFT...)
Total: 18 requests, 4 IPs
Requests  Apex Domain            Subdomains                                                          Transfer
10        gwenet.org             www.gwenet.org                                                      304 KB
5         microsoftonline-p.com  secure.aadcdn.microsoftonline-p.com (Cisco Umbrella Rank: 16950)    226 KB
2         microsoftonline.com    portal.microsoftonline.com (Cisco Umbrella Rank: 34925)
2         carrierzone.com        count.carrierzone.com (Cisco Umbrella Rank: 136591)                 36 KB
Total: 18 requests, 4 apex domains
Requests  Domain                               Requested by
10        www.gwenet.org                       1 redirects, www.gwenet.org
5         secure.aadcdn.microsoftonline-p.com  www.gwenet.org
2         portal.microsoftonline.com           www.gwenet.org
2         count.carrierzone.com                www.gwenet.org
Total: 18 requests, 4 domains
Subject                              Issuer                                          Validity                 Valid
*.carrierzone.com                    Sectigo RSA Domain Validation Secure Server CA  2024-06-13 - 2025-06-13  a year (crt.sh)
secure.aadcdn.microsoftonline-p.com  Microsoft Azure RSA TLS Issuing CA 04           2024-05-22 - 2025-05-17  a year (crt.sh)
portal.office.com                    Microsoft Azure RSA TLS Issuing CA 08           2024-06-03 - 2025-05-29  a year (crt.sh)

This page contains 3 frames:

Primary Page: http://www.gwenet.org/office/
Frame ID: 9156857202D9F99A3C95D022E0887BF8
Requests: 16 HTTP requests in this frame

Frame: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Frame ID: B3DDA79987826733CF32560BA6A705E0
Requests: 1 HTTP requests in this frame

Frame: https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Frame ID: 3E86808BF7811F4A5155241EAD967E9B
Requests: 1 HTTP requests in this frame

Page Title

Sign in to your account

Page URL History

  1. http://www.gwenet.org/office HTTP 307
    https://www.gwenet.org/office HTTP 307
    http://www.gwenet.org/office HTTP 301
    http://www.gwenet.org/office/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 44 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 566 kB
Size: 815 kB
Cookies: 2


Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.gwenet.org/office/
Redirect Chain
  • http://www.gwenet.org/office
  • https://www.gwenet.org/office
  • http://www.gwenet.org/office
  • http://www.gwenet.org/office/
44 KB
12 KB
Document
General
Full URL
http://www.gwenet.org/office/
Protocol
HTTP/1.1
Server
66.175.58.9, Canada, ASN30447 (INFB2-AS, CA)
Reverse DNS
hostedc38.carrierzone.com
Software
/
Resource Hash
b0db1f296444aebe3a63778e7c7ceb68d90abb4a8583538649c392479f11322e

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 01 Jul 2024 01:17:01 GMT
Last-Modified
Tue, 12 May 2020 12:04:42 GMT
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
237
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 01 Jul 2024 01:17:01 GMT
Location
http://www.gwenet.org/office/
login.css
www.gwenet.org/office/index_files/
21 KB
5 KB
Stylesheet
General
Full URL
http://www.gwenet.org/office/index_files/login.css
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
HTTP/1.1
Server
66.175.58.9, Canada, ASN30447 (INFB2-AS, CA)
Reverse DNS
hostedc38.carrierzone.com
Software
/
Resource Hash
b5ea0ffbe39f577651336a1aba7746881cf235b9f7ccc1c51b151162b3da4feb

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
http://www.gwenet.org/office/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Jul 2024 01:17:01 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Mar 2017 12:45:10 GMT
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
login_hover.css
www.gwenet.org/office/index_files/
89 B
333 B
Stylesheet
General
Full URL
http://www.gwenet.org/office/index_files/login_hover.css
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
HTTP/1.1
Server
66.175.58.9, Canada, ASN30447 (INFB2-AS, CA)
Reverse DNS
hostedc38.carrierzone.com
Software
/
Resource Hash
91c2b74542e11d0278e02715a980b39582eae2e3b519ddd2d4f9ca939e58109c

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
http://www.gwenet.org/office/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
text/css
Date
Mon, 01 Jul 2024 01:17:01 GMT
Cache-Control
max-age=315360000
Last-Modified
Sat, 11 Mar 2017 12:45:10 GMT
Connection
keep-alive
Content-Length
89
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
www.gwenet.org/office/index_files/
108 KB
38 KB
Script
General
Full URL
http://www.gwenet.org/office/index_files/jquery.js
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
HTTP/1.1
Server
66.175.58.9, Canada, ASN30447 (INFB2-AS, CA)
Reverse DNS
hostedc38.carrierzone.com
Software
/
Resource Hash
d9c500706bcdb6d8e2ba4de1a6ea3d30d87417b79aa26e51fa2b9b9f4ff37e5f

Request headers

Referer
http://www.gwenet.org/office/
Origin
http://www.gwenet.org
Accept-Language
en-CA,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Jul 2024 01:17:01 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Mar 2017 12:45:10 GMT
ETag
W/"1ae50-54a73d93e8180"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
aad.js
www.gwenet.org/office/index_files/
174 KB
43 KB
Script
General
Full URL
http://www.gwenet.org/office/index_files/aad.js
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
HTTP/1.1
Server
66.175.58.9, Canada, ASN30447 (INFB2-AS, CA)
Reverse DNS
hostedc38.carrierzone.com
Software
/
Resource Hash
d422d055fc7e99b9a2356023659180e91ee818697425f9f488a103a9c10b38e6

Request headers

Referer
http://www.gwenet.org/office/
Origin
http://www.gwenet.org
Accept-Language
en-CA,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Jul 2024 01:17:02 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Mar 2017 12:45:10 GMT
ETag
W/"2b87f-54a73d93e8180"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
heroillustration.jpg
www.gwenet.org/office/index_files/
199 KB
199 KB
Image
General
Full URL
http://www.gwenet.org/office/index_files/heroillustration.jpg
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
HTTP/1.1
Server
66.175.58.9, Canada, ASN30447 (INFB2-AS, CA)
Reverse DNS
hostedc38.carrierzone.com
Software
/
Resource Hash
7e50e406688bd898803f653058d14ca384734cb9b39ba900bc5e2734b59c073b

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
http://www.gwenet.org/office/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Jul 2024 01:17:02 GMT
Last-Modified
Sat, 11 Mar 2017 12:45:10 GMT
ETag
"31a1e-54a73d93e8180"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
203294
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bannerlogo.png
www.gwenet.org/office/index_files/
4 KB
5 KB
Image
General
Full URL
http://www.gwenet.org/office/index_files/bannerlogo.png
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
HTTP/1.1
Server
66.175.58.9, Canada, ASN30447 (INFB2-AS, CA)
Reverse DNS
hostedc38.carrierzone.com
Software
/
Resource Hash
fc5c3d7d2b298a42ec44dad2d8cd227b734db966b4afa68c0254a497e805f603

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
http://www.gwenet.org/office/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Jul 2024 01:17:02 GMT
Last-Modified
Sat, 11 Mar 2017 12:45:10 GMT
ETag
"11e9-54a73d93e8180"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4585
Expires
Thu, 31 Dec 2037 23:55:55 GMT
microsoft_logo.png
www.gwenet.org/office/index_files/
1 KB
1 KB
Image
General
Full URL
http://www.gwenet.org/office/index_files/microsoft_logo.png
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
HTTP/1.1
Server
66.175.58.9, Canada, ASN30447 (INFB2-AS, CA)
Reverse DNS
hostedc38.carrierzone.com
Software
/
Resource Hash
988e349f2bf4e87154738c7b2c1fa86618713a8cfa0cef60a046f5add89bd9de

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
http://www.gwenet.org/office/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 01 Jul 2024 01:17:02 GMT
Last-Modified
Sat, 11 Mar 2017 12:45:10 GMT
ETag
"410-54a73d93e8180"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1040
Expires
Thu, 31 Dec 2037 23:55:55 GMT
count.js
count.carrierzone.com/app/count_server/
35 KB
35 KB
Script
General
Full URL
https://count.carrierzone.com/app/count_server/count.js
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.175.41.113, Canada, ASN30447 (INFB2-AS, CA)
Reverse DNS
wiredminds.carrierzone.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f418e6b5416f03cbc22b24f481582e2d55ee0f7ca6989c562b59f12c9229214e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://www.gwenet.org/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 01:16:54 GMT
Last-Modified
Fri, 08 Jun 2012 10:17:02 GMT
Server
Apache/2.2.15 (CentOS)
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
36029
login_hover.min.css
secure.aadcdn.microsoftonline-p.com/ests/2.1.5623.13/content/cdnbundles/
89 B
446 B
Stylesheet
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5623.13/content/cdnbundles/login_hover.min.css
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.38, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
/
Resource Hash
91c2b74542e11d0278e02715a980b39582eae2e3b519ddd2d4f9ca939e58109c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://www.gwenet.org/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 01:17:02 GMT
content-encoding
gzip
last-modified
Sat, 18 May 2019 08:00:57 GMT
etag
0x8D6DB66F5ECA244
x-azure-ref
20240701T011702Z-1597dcf7dfcw5s4lw2rd7qwu1s000000030g0000000014cb
x-cache
TCP_MISS
content-type
text/css
x-ms-request-id
bb001751-401e-007b-4754-cbd327000000
cache-control
public, max-age=604800
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
accept-ranges
bytes
content-length
82
watson.min.js
secure.aadcdn.microsoftonline-p.com/ests/2.1.5623.13/content/cdnbundles/
9 KB
4 KB
Script
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5623.13/content/cdnbundles/watson.min.js
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.38, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
/
Resource Hash
9b5900571285ad0f6198cbf9fe92d81e9c5ed6f49cfd816d2a762d64d6ab6e14

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://www.gwenet.org/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 01:17:02 GMT
content-encoding
gzip
last-modified
Sat, 18 May 2019 08:00:43 GMT
etag
0x8D6DB66ED4BE3DF
x-azure-ref
20240701T011702Z-1597dcf7dfcw5s4lw2rd7qwu1s000000030g0000000014cc
x-cache
TCP_MISS
content-type
application/x-javascript
x-ms-request-id
ae7f1499-901e-00ee-0d54-cb3b92000000
cache-control
public, max-age=604800
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
accept-ranges
bytes
content-length
4076
Prefetch.aspx
portal.microsoftonline.com/Prefetch/ Frame B3DD
0
0
Document
General
Full URL
https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.6.156, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
http://www.gwenet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache
content-length
1245
content-type
text/html
date
Mon, 01 Jul 2024 01:17:02 GMT
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-ms-correlation-id
a023477b-232d-499d-9de5-ee36bd088307
x-msedge-ref
Ref A: 4D0C547F69DC46768AEC0AF0B36B0B01 Ref B: CH1AA2020618031 Ref C: 2024-07-01T01:17:02Z
x-ua-compatible
IE=Edge
watson
www.gwenet.org/common/handlers/
21 B
173 B
XHR
General
Full URL
http://www.gwenet.org/common/handlers/watson
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/index_files/jquery.js
Protocol
HTTP/1.1
Server
66.175.58.9, Canada, ASN30447 (INFB2-AS, CA)
Reverse DNS
hostedc38.carrierzone.com
Software
/
Resource Hash
d6a6e3533a3a8f1ca99259152a54a7ace6f0f0f6a8ba53e0a5443f05ce55d47a

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
client-request-id
0786de24-8d9f-4b28-a873-b34d27a67ddd
canary
AQABAAAAAADRNYRQ3dhRSrm-4K-adpCJqrp2-UHGX2Lav-bHusaZ5AWWTdpMRUb6WocX9TLNhQwBk_0iNrtuwCrdt7DiLezMPnSIbNGbDIVPTeZzHsTx9GAdgn_VF2NwmgeHegX7RaA-AccDhDt23Hl5ZTS_97J9oeNq86xMW2AzcX_-Cm4cWOZl4aibxruDwg5ZFhx5yRTjDReCNscp5KufKphAjgxuOmIM4UUA_BIQbrO1FxDqziAA
Content-Type
application/json; charset=UTF-8
hpgid
1002
Accept
application/json
Referer
http://www.gwenet.org/office/
X-Requested-With
XMLHttpRequest
hpgact
2101

Response headers

Date
Mon, 01 Jul 2024 01:17:02 GMT
Connection
keep-alive
Content-Length
21
Content-Type
text/html; charset=iso-8859-1
ctin.php
count.carrierzone.com/track/
42 B
610 B
Image
General
Full URL
http://count.carrierzone.com/track/ctin.php?t=1719796622833&custnum=88d8c7091eaea901&sname=www.gwenet.org&pagename=index.html&group=%2Fservices%2Fwebpages%2Fg%2Fw%2Fgwenet.org%2Fpublic%2Foffice&version=%24Rev%3A%207840%20%24&js=1&jv=0&resolution=1600x1200&color_depth=24&campaign=&referrer=&page_url=http%253A%252F%252Fwww.gwenet.org%252Foffice%252F&plugins=PDF%20Viewer%3BChrome%20PDF%20Viewer%3BChromium%20PDF%20Viewer%3BMicrosoft%20Edge%20PDF%20Viewer%3BWebKit%20built-in%20PDF%3B
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
HTTP/1.1
Server
66.175.41.113, Canada, ASN30447 (INFB2-AS, CA)
Reverse DNS
wiredminds.carrierzone.com
Software
Apache/2.2.15 (CentOS) / PHP/5.2.17
Resource Hash
5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
http://www.gwenet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 Jul 2024 01:16:54 GMT
Last-Modified
Mon, 01 Jul 2024 01:16:54 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.2.17
P3P
CP="NOI NID ADMa OUR IND UNI COM NAV"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
42
Expires
Thu, 01 Jan 1970 01:23:45 GMT
bannerlogo
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-6ybrougjmflxqw910ieyohr7wb4x4-yvoixrlaidmz4/appbranding/askzfdsqe20i-bcjwporaywega7vbt4acqnn1hiliiw/0/
4 KB
5 KB
Image
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-6ybrougjmflxqw910ieyohr7wb4x4-yvoixrlaidmz4/appbranding/askzfdsqe20i-bcjwporaywega7vbt4acqnn1hiliiw/0/bannerlogo?ts=635974776182591704
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.38, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
/
Resource Hash
fc5c3d7d2b298a42ec44dad2d8cd227b734db966b4afa68c0254a497e805f603

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://www.gwenet.org/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 01:17:02 GMT
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
content-length
4585
x-ms-lease-status
unlocked
last-modified
Wed, 03 Apr 2019 22:28:44 GMT
etag
0x8D6B883BBB9ACF7
x-azure-ref
20240701T011702Z-1597dcf7dfcw5s4lw2rd7qwu1s000000030g0000000014cf
content-type
image\jpeg
access-control-allow-origin
*
x-ms-request-id
c128e9c2-601e-0041-4218-cb5fb7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
heroillustration
secure.aadcdn.microsoftonline-p.com/dbd5a2dd-6ybrougjmflxqw910ieyohr7wb4x4-yvoixrlaidmz4/appbranding/askzfdsqe20i-bcjwporaywega7vbt4acqnn1hiliiw/0/
199 KB
199 KB
Image
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/dbd5a2dd-6ybrougjmflxqw910ieyohr7wb4x4-yvoixrlaidmz4/appbranding/askzfdsqe20i-bcjwporaywega7vbt4acqnn1hiliiw/0/heroillustration?ts=635974776187911809
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.38, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
/
Resource Hash
7e50e406688bd898803f653058d14ca384734cb9b39ba900bc5e2734b59c073b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://www.gwenet.org/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 01:17:03 GMT
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
content-length
203294
x-ms-lease-status
unlocked
last-modified
Wed, 03 Apr 2019 22:28:45 GMT
etag
0x8D6B883BC0FF82B
x-azure-ref
20240701T011702Z-1597dcf7dfcw5s4lw2rd7qwu1s000000030g0000000014cg
content-type
image\jpeg
access-control-allow-origin
*
x-ms-request-id
d0768534-901e-0045-7137-cbd2b0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
Prefetch.aspx
portal.microsoftonline.com/Prefetch/ Frame 3E86
0
0
Document
General
Full URL
https://portal.microsoftonline.com/Prefetch/Prefetch.aspx
Requested by
Host: www.gwenet.org
URL: http://www.gwenet.org/office/index_files/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.6.156, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
http://www.gwenet.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache
content-length
1245
content-type
text/html
date
Mon, 01 Jul 2024 01:17:03 GMT
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-ms-correlation-id
b8fc5c73-a315-4c7d-8c7d-09b7971332ea
x-msedge-ref
Ref A: B617CDA8A8FF4701899A7B02C911B41C Ref B: CH1AA2020618031 Ref C: 2024-07-01T01:17:03Z
x-ua-compatible
IE=Edge
favicon_a.ico
secure.aadcdn.microsoftonline-p.com/ests/2.1.5623.13/content/images/
17 KB
17 KB
Other
General
Full URL
https://secure.aadcdn.microsoftonline-p.com/ests/2.1.5623.13/content/images/favicon_a.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.38, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://www.gwenet.org/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 01 Jul 2024 01:17:04 GMT
last-modified
Sat, 18 May 2019 08:01:02 GMT
etag
0x8D6DB66F8F4DC56
x-azure-ref
20240701T011704Z-1597dcf7dfcw5s4lw2rd7qwu1s000000030g0000000014cw
x-cache
TCP_MISS
content-type
image/x-icon
x-ms-request-id
b3f40104-b01e-0050-5c54-cb53eb000000
cache-control
public, max-age=604800
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
accept-ranges
bytes
content-length
17174

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 (object), 1 (object), event (undefined), fence (object), $Config (object), $Debug (object), $Do (object), $Loader (function), $WebWatson (object), GetString (function), GetErrorString (function), GetUrl (function), $B (object), isTouch (boolean), cssId (string),
head (object), link (object), msViewportStyle (undefined), $ (function), jQuery (function), pageOnReady (function), MSLogin (object), proxy (object), ErrorCodes (object), Constants (object), Context (object), Background (object), Logo (object), Instrument (object), User (object),
tenant_info (object), EmailDiscovery (object), origHide (function), origShow (function), origAddClass (function), origRemoveClass (function), Support (object), MSLogout (object), ThirdPartyCookieStates (object), PostType (object), LoginOption (object), Post (object), TenantBranding (object), users (object), Tiles (object),
$Api (object), jQuery111205457410467316732 (object), StrongAuthCheck (object), Util (object), WindowsBrowserSso (object), body (object), click_track (function), getClick (function), wm_indiv_stats (object), wiredminds (object), wm_custnum (string), wm_page_name (string), wm_group_name (string), wm_campaign_key (string), wm_track_alt (string)

2 Cookies

Domain/Path                  Name        Value
www.gwenet.org/office        testcookie  testcookie
portal.microsoftonline.com/  s.SessID    8bace01a-274a-40d3-a1f2-642a10e51739

2 Console Messages

Source          Level    URL                                           Message
network         error    http://www.gwenet.org/common/handlers/watson  Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation  verbose  http://www.gwenet.org/office/                 [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o