Submitted URL: http://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NT...
Effective URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NT...
Submission: On March 10 via api from IE — Scanned from FR

Summary

This website contacted 13 IPs in 4 countries across 13 domains to perform 21 HTTP transactions. The main IP is 51.210.38.95, located in France and belongs to OVH, FR. The main domain is ellefsen.be.
TLS certificate: Issued by R3 on January 27th 2023. Valid for: 3 months.
This is the only time ellefsen.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 51.210.38.95 16276 (OVH)
1 2620:12a:8000::4 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 45.131.138.235 61323 (UKFAST)
1 151.101.194.137 54113 (FASTLY)
1 52.217.122.8 16509 (AMAZON-02)
1 2.18.235.37 16625 (AKAMAI-AS)
1 49.12.125.113 24940 (HETZNER-AS)
1 192.111.159.131 31863 (DACEN-2)
1 35.244.153.71 15169 (GOOGLE)
1 15.197.254.101 16509 (AMAZON-02)
21 13
Apex Domain | Subdomains | Transfer
9 ellefsen.be | ellefsen.be | 72 KB
2 udemycdn.com | i.udemycdn.com — Cisco Umbrella Rank: 323422 | 108 KB
1 stellarinfo.com | www.stellarinfo.com — Cisco Umbrella Rank: 278740 | 18 KB
1 soofos.nl | cdn.soofos.nl |
1 phpclasses.org | files.phpclasses.org | 27 KB
1 tutorialsocean.com | tutorialsocean.com | 90 KB
1 grouponcdn.com | img.grouponcdn.com — Cisco Umbrella Rank: 20912 | 83 KB
1 amazonaws.com | s3.amazonaws.com | 124 KB
1 lifewire.com | www.lifewire.com — Cisco Umbrella Rank: 46073 | 141 KB
1 greenlabyrinth.co.uk | greenlabyrinth.co.uk |
1 ytimg.com | i.ytimg.com — Cisco Umbrella Rank: 102 | 114 KB
1 usc.edu | annenberg.usc.edu | 40 KB
0 imittech.com Failed | imittech.com Failed |
21 13
Domain Requested by
9 ellefsen.be 1 redirects ellefsen.be
2 i.udemycdn.com ellefsen.be
1 www.stellarinfo.com ellefsen.be
1 cdn.soofos.nl ellefsen.be
1 files.phpclasses.org ellefsen.be
1 tutorialsocean.com ellefsen.be
1 img.grouponcdn.com ellefsen.be
1 s3.amazonaws.com ellefsen.be
1 www.lifewire.com ellefsen.be
1 greenlabyrinth.co.uk ellefsen.be
1 i.ytimg.com ellefsen.be
1 annenberg.usc.edu ellefsen.be
0 imittech.com Failed ellefsen.be
21 13

This site contains no links.

Subject | Issuer | Validity | Valid
ellefsen.be | R3 | 2023-01-27 - 2023-04-27 | 3 months
annenberg.usc.edu | R3 | 2023-02-02 - 2023-05-03 | 3 months
edgestatic.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
*.udemycdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-07 - 2023-11-14 | a year
www.greenlabyrinth.co.uk | R3 | 2023-02-04 - 2023-05-05 | 3 months
*.lifewire.com | R3 | 2023-02-27 - 2023-05-28 | 3 months
s3.amazonaws.com | Amazon RSA 2048 M01 | 2022-12-06 - 2023-12-05 | a year
www.groupon.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-05-24 - 2023-06-01 | a year
tutorialsocean.com | cPanel, Inc. Certification Authority | 2023-01-29 - 2023-04-29 | 3 months
phpclasses.org | R3 | 2023-01-26 - 2023-04-26 | 3 months
*.closte.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-05 - 2023-07-06 | a year
www.stellarinfo.com | DigiCert EV RSA CA G2 | 2023-02-22 - 2024-03-24 | a year

This page contains 2 frames:

Primary Page: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Frame ID: A0268D8AC032CE1250B18BA0C304ED9D
Requests: 18 HTTP requests in this frame

Frame: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/content/login.php?email=
Frame ID: 4D2861F8A6FBBAE92F92D4805F2B1E39
Requests: 3 HTTP requests in this frame

Page Title

Microsoft Excel | File Download

Page URL History

  1. http://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?ref... HTTP 308
    https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?ref... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

90 %
HTTPS

25 %
IPv6

13
Domains

13
Subdomains

13
IPs

4
Countries

815 kB
Transfer

883 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D HTTP 308
    https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/
Redirect Chain
  • http://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
  • https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
13 KB
2 KB
Document
General
Full URL
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.210.38.95 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
aa26fc9f33fb737632aec1719a62b5670c3dc37c485da552644288bc37f42a09

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000
content-encoding
gzip
content-length
1927
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 21:25:06 GMT
vary
Accept-Encoding

Redirect headers

Connection
close
Content-Length
0
Date
Fri, 10 Mar 2023 21:25:06 GMT
Location
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Server
Caddy
style.css
ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/
813 B
509 B
Stylesheet
General
Full URL
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/style.css
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.210.38.95 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6d806edf0675fe5e3e242e2b2390713afbf2e245b7493b99b06197ea72a86873

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 21:25:06 GMT
content-encoding
gzip
last-modified
Fri, 10 Mar 2023 19:04:10 GMT
etag
"rrbjmyml"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
alt-svc
h3=":443"; ma=2592000
content-length
427
logo.jpg
ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/photos/
18 KB
18 KB
Image
General
Full URL
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/photos/logo.jpg
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.210.38.95 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5bf9e1f9686cf5e25d749ef3405e62c68b22f5d1e6c0d9403210020a2c86d4aa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 21:25:06 GMT
last-modified
Fri, 10 Mar 2023 19:04:10 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
etag
"rrbjmye5i"
content-length
18342
content-type
image/jpeg
index.php
ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/content/ Frame 4D28
117 B
143 B
Document
General
Full URL
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/content/index.php?email=
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.210.38.95 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c36af889337e322fff16e6227f70d7b0765ea0578923de97e7f603a1a885020f

Request headers

Referer
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000
content-length
117
content-type
text/html; charset=UTF-8
date
Fri, 10 Mar 2023 21:25:06 GMT
jquery.min.js
ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/
82 KB
30 KB
Script
General
Full URL
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/jquery.min.js
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.210.38.95 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 21:25:06 GMT
content-encoding
gzip
last-modified
Fri, 10 Mar 2023 19:04:10 GMT
alt-svc
h3=":443"; ma=2592000
etag
"rrbjmy1t37"
vary
Accept-Encoding
content-type
application/javascript
script.js
ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/
2 KB
1 KB
Script
General
Full URL
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/script.js
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.210.38.95 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
231d9c71bce9699298f72ed19db8214d61833b6f68ca3f71829613888e7eb153

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 21:25:06 GMT
content-encoding
gzip
last-modified
Fri, 10 Mar 2023 19:04:10 GMT
etag
"rrbjmy1de"
vary
Accept-Encoding
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000
content-length
969
Excel_4.png
annenberg.usc.edu/sites/default/files/
39 KB
40 KB
Image
General
Full URL
https://annenberg.usc.edu/sites/default/files/Excel_4.png
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7cf1bb653523427fc88824e64ed3a42a378161da78aba6838e14c08c8aad3d9
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe4-b-6d846bd466-ws6bf
strict-transport-security
max-age=300
date
Fri, 10 Mar 2023 21:25:06 GMT
via
1.1 varnish, 1.1 varnish
expires
Tue, 05 Mar 2024 11:01:12 GMT
age
58425
x-cache
HIT, HIT
content-length
40080
x-served-by
cache-chi-klot8100156-CHI, cache-cdg20792-CDG
last-modified
Thu, 15 Oct 2020 03:56:57 GMT
server
nginx
x-timer
S1678483507.788020,VS0,VE7
etag
"5f87c889-9c90"
content-type
image/png
x-styx-req-id
0afebb77-bb45-11ed-b597-c6a37537a725
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
26, 1
maxresdefault.jpg
i.ytimg.com/vi/Ftz935kJXwM/
114 KB
114 KB
Image
General
Full URL
https://i.ytimg.com/vi/Ftz935kJXwM/maxresdefault.jpg
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04b32635756827bf291367e593ede3157aee306a86e9619cbe0358a74206974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 21:25:01 GMT
x-content-type-options
nosniff
age
5
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116585
x-xss-protection
0
server
sffe
etag
"1550515651"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 10 Mar 2023 23:25:01 GMT
47156_c7f1_6.jpg
i.udemycdn.com/course/750x422/
42 KB
43 KB
Image
General
Full URL
https://i.udemycdn.com/course/750x422/47156_c7f1_6.jpg
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f0e90e4a19fd02fd773a0f4dd05367723692270e0ee17119c39c5d2903497088

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 10 Mar 2023 21:25:06 GMT
x-amz-version-id
null
x-age-lb
27429163
x-cdn
cdn77
x-amz-request-id
943407M7S5E1FSRX
x-77-cache
HIT
alt-svc
quic="156.146.33.7:443"; ma=2592000; v="44,43,39"
content-length
42889
x-amz-id-2
d7++XKiE9P19Wr9tXBnJTeqEhFLp03oG2qE7N43BqznNZ/QL06fDkoy6mRR8Td7tMAB2oVsTusI=
x-77-nzt
ApySIQe9xb7/K4miAVQRPUGIegH/fGsKAQ
x-accel-expires
@2048601600
x-cache-lb
HIT
last-modified
Fri, 19 Jun 2015 23:53:45 GMT
server
CDN77-Turbo
x-amz-meta-s3cmd-attrs
uid:450/gname:release/uname:release/gid:450/mode:33204/mtime:1434758024/atime:1434758024/md5:64917e3409ee299190288d71524f4117/ctime:1434758024
etag
"64917e3409ee299190288d71524f4117"
x-77-nzt-ray
298deb227a4cd85a32a00b641bd5d331
content-type
image/jpeg
access-control-expose-headers
*
cache-control
public
accept-ranges
bytes
expires
Fri, 01 Dec 2034 16:00:00 GMT
data-analysis-.jpg
greenlabyrinth.co.uk/wp-content/uploads/2018/11/
0
0
Image
General
Full URL
https://greenlabyrinth.co.uk/wp-content/uploads/2018/11/data-analysis-.jpg
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.131.138.235 , United Kingdom, ASN61323 (UKFAST, GB),
Reverse DNS
45.131.138.235.srvlist.ukfast.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

SimpleFormula-51465d8cc2534b4a86b96f4e495c99e6.jpg
www.lifewire.com/thmb/M1gS7FhkEROLNzPUOKCctJPJ6fM=/1680x1020/filters:no_upscale():max_bytes(150000):strip_icc()/
140 KB
141 KB
Image
General
Full URL
https://www.lifewire.com/thmb/M1gS7FhkEROLNzPUOKCctJPJ6fM=/1680x1020/filters:no_upscale():max_bytes(150000):strip_icc()/SimpleFormula-51465d8cc2534b4a86b96f4e495c99e6.jpg
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f15a770e1efb13a7eb5a2f027595f298698f6d33ef16a48741c87b19caef309e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000079-IAD, cache-iad-kjyo7100148-IAD, cache-cdg20740-CDG
date
Fri, 10 Mar 2023 21:25:06 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 29 Aug 2019 03:24:19 GMT
server
AmazonS3
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
age
162549
etag
"56ae3389a9c3a2d5ab46d1cc73b0a221"
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/552/re.p"}]}
content-type
image/jpeg
x-cache
HIT, HIT
cache-control
max-age=31536000,public,no-transform
accept-ranges
bytes
content-length
143453
x-cache-hits
18, 1
2b2b8152e61411e994ad068365182609
s3.amazonaws.com/coursestorm/live/media/
123 KB
124 KB
Image
General
Full URL
https://s3.amazonaws.com/coursestorm/live/media/2b2b8152e61411e994ad068365182609
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.122.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8232e056369b83d626e2c8d9b27e9170fa54bcdb063dd33fc49f290451c9a3e4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 10 Mar 2023 21:25:08 GMT
x-amz-version-id
null
Last-Modified
Thu, 03 Oct 2019 19:29:52 GMT
Server
AmazonS3
x-amz-request-id
QQ0F0XDH6XPEMDMM
ETag
"cd58049d84f1f694b6a99058cab025c7"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
126162
x-amz-id-2
qfuVxbTleq3qI8EyJ+nHfbxd7ea8It9UJewlBZeg7ytc+kPRJfsYFeLUylHyx9iPKDQM3QfkPZQ=
1797822_6f72_38.jpg
i.udemycdn.com/course/750x422/
65 KB
65 KB
Image
General
Full URL
https://i.udemycdn.com/course/750x422/1797822_6f72_38.jpg
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::15 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8d0678cd65b3eb64d408a46d8552e814f946e53bf36c6036495ef296e055c962

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 10 Mar 2023 21:25:06 GMT
x-amz-version-id
null
x-age-lb
160868
x-cdn
cdn77
x-amz-request-id
983X3RMP5B6TFXCF
x-77-cache
HIT
alt-svc
quic="156.146.33.7:443"; ma=2592000; v="44,43,39"
content-length
66133
x-amz-id-2
rBvxs/AjMxQ0N1jGBSDG6+c0wnQkTZPQV6ZinnCxxZMSJ9KGcmc5SYy1FvLyncxoTRa3ytN4UT8=
x-77-nzt
ApySIQcnAof/ZHQCAFQRPUcExH7/lX9uAg
x-accel-expires
@1952886585
x-cache-lb
HIT
last-modified
Tue, 22 Jan 2019 04:15:52 GMT
server
CDN77-Turbo
etag
"9422b98c834526113bb83b0f82f9c9c5"
x-77-nzt-ray
298deb227a4cd85a32a00b648daeda31
content-type
image/jpeg
access-control-expose-headers
*
cache-control
max-age=315360000
accept-ranges
bytes
c700x420.jpg
img.grouponcdn.com/deal/dBQkk5V3LRdNcJxVYiab/PG-700x420/v1/
83 KB
83 KB
Image
General
Full URL
https://img.grouponcdn.com/deal/dBQkk5V3LRdNcJxVYiab/PG-700x420/v1/c700x420.jpg
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-37.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash
e57cda93d0ed1b9dea06a9ef0eb60eebef8c92ebce851c4a78458847b5e3d516

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 21:25:06 GMT
last-modified
Mon, 17 Oct 2022 11:36:02 GMT
server
envoy
etag
"13026aa7464c43fd32a5e708bd5460aa"
content-type
image/jpeg
x-response-served-from
gims--rw--public--us-west-1--default--conveyor-production44
access-control-allow-origin
*
cache-control
public, max-age=2429450
x-envoy-upstream-service-time
119
x-original-request-id
f81f8002-f719-451c-8c73-e8e0afc75f20
x-forwarded-proto
https
content-length
84529
expires
Sat, 08 Apr 2023 00:15:56 GMT
shutterstock_366893612.jpg
tutorialsocean.com/wp-content/uploads/2018/07/
90 KB
90 KB
Image
General
Full URL
https://tutorialsocean.com/wp-content/uploads/2018/07/shutterstock_366893612.jpg
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
49.12.125.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server49.hndservers.net
Software
Apache/2 /
Resource Hash
d2a00dda298a5da9a3b55637eb2694335635b5cbef78c203f3392bc0379e8b80

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 21:25:06 GMT
last-modified
Fri, 03 Aug 2018 09:26:50 GMT
server
Apache/2
etag
"1674c-5728487042a80"
vary
User-Agent
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
91980
expires
Sun, 09 Apr 2023 21:25:06 GMT
Microsoft%20Excel%202013%20Default%20Screen.png
files.phpclasses.org/files/blog/file/
27 KB
27 KB
Image
General
Full URL
https://files.phpclasses.org/files/blog/file/Microsoft%20Excel%202013%20Default%20Screen.png
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.111.159.131 , United States, ASN31863 (DACEN-2, US),
Reverse DNS
mail2.phpclasses.org
Software
lighttpd /
Resource Hash
d72130560b6cdd1b41ddec84995ef46c074efa0f77cc83c37e8b3d1bb77ed3d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=63072000
date
Fri, 10 Mar 2023 21:25:06 GMT
last-modified
Thu, 29 Oct 2015 01:35:36 GMT
server
lighttpd
etag
"2100026188"
content-type
image/png
cache-control
max-age=10368000
accept-ranges
bytes
content-length
27325
microsoft-excel_orig.jpg
imittech.com/wp-content/uploads/2019/07/
0
0

Excel-Blog-1-768x402.png
cdn.soofos.nl/wp-content/uploads/2016/09/
0
0
Image
General
Full URL
https://cdn.soofos.nl/wp-content/uploads/2016/09/Excel-Blog-1-768x402.png
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.153.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

excel-blank-document.png
www.stellarinfo.com/blog/wp-content/uploads/2018/05/
18 KB
18 KB
Image
General
Full URL
https://www.stellarinfo.com/blog/wp-content/uploads/2018/05/excel-blank-document.png
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.254.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a2e630a968cb293f8.awsglobalaccelerator.com
Software
Apache /
Resource Hash
7ec382c269dadec76d9a016414cecb802259200cb8bda16710a16cdc0f959ce6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 21:25:07 GMT
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
last-modified
Wed, 08 Aug 2018 11:27:19 GMT
server
Apache
etag
"47fa-572eacb1ad3c0"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
18426
x-xss-protection
1; mode=block
login.php
ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/content/ Frame 4D28
10 KB
1 KB
Document
General
Full URL
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/content/login.php?email=
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
51.210.38.95 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a2547347fed78c74fc8eb140b57357be275433c53d31d9d4986348d49923345f

Request headers

Referer
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/content/index.php?email=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
logo.jpg
ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/content/photos/ Frame 4D28
18 KB
18 KB
Image
General
Full URL
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/content/photos/logo.jpg
Requested by
Host: ellefsen.be
URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/content/login.php?email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
51.210.38.95 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5bf9e1f9686cf5e25d749ef3405e62c68b22f5d1e6c0d9403210020a2c86d4aa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/content/login.php?email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

last-modified
Fri, 10 Mar 2023 19:04:10 GMT
accept-ranges
bytes
etag
"rrbjmye5i"
content-length
18342
content-type
image/jpeg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
imittech.com
URL
https://imittech.com/wp-content/uploads/2019/07/microsoft-excel_orig.jpg

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
function| $
function| jQuery
object| bgImageArray
string| base
number| secs
function| backgroundSequence

0 Cookies

4 Console Messages

Source Level URL
Text
security warning URL: https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D
Message:
Mixed Content: The page at 'https://ellefsen.be/wp-admin/SG/MicrosoftExcel/cmd-login%3D012962f7ce4c0854415e6bd264535560/?reff=MTA3OGJkODVkOTU4NTZhMWZiMGE4YTRiNDhlZDA1ZTI%3D' was loaded over HTTPS, but requested an insecure element 'http://tutorialsocean.com/wp-content/uploads/2018/07/shutterstock_366893612.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://greenlabyrinth.co.uk/wp-content/uploads/2018/11/data-analysis-.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.soofos.nl/wp-content/uploads/2016/09/Excel-Blog-1-768x402.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://imittech.com/wp-content/uploads/2019/07/microsoft-excel_orig.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
