Report - eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0

Report Overview

Submitted URL
eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0
IP
104.47.1.28
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-04-27 10:29:23
Access
public
Website Title
Microsoft Defender for Office 365
Final URL
eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
eur01.safelinks.protection.outlook.com	51790	1994-08-18	2017-01-29	2024-04-26	3.7 kB	34 kB	104.47.0.28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	eur01.safelinks.protection.outlook.com/Content/Scripts/site.js	1.6 kB	2023-03-07	2024-05-08
Pretty URL eur01.safelinks.protection.outlook.com/Content/Scripts/site.js IP 104.47.2.28 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:59 Last Seen2024-05-08 21:14:46 Times Seen1935 Hash 3af1fdb9a3f664a6683d212f4787733a 59063d49b723a1988236c8d39c2804c6ebc5ff95 a9ce4840ff0d613b456081dea64e46eb717a1f8bfa5afb05d3bd058f294e416c Loading...

HTTP Transactions (5)

	URL	IP	Response	Size
	eur01.safelinks.protection.outlook.com/	104.47.0.28		11 B
URL eur01.safelinks.protection.outlook.com/ IP 104.47.0.28:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text, with no line terminators Size 11 B (11 bytes) Hash 825644f747baab2c00e420dbbc39e4b3 10588307553e766ab3c7d328d948dc6754893cef 7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa HTTP Headers `GET / HTTP/1.1 Host: eur01.safelinks.protection.outlook.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 400 Bad Request Cache-Control: private Content-Type: text/html Server: Microsoft-IIS/10.0 X-AspNetMvc-Version: 4.0 X-SL-GetUrlReputation-Verdict: Error SafelinksWebApiErrorCode: 400204 X-Robots-Tag: noindex, nofollow X-AspNet-Version: 4.0.30319 X-ServerName: HE1EUR01WS072 X-ServerVersion: 15.20.7519.021 X-ServerLat: 6 X-SafeLinks-Tracking-Id: 32e87421-7275-451f-8e1a-08dc66a4db23 X-Powered-By: ASP.NET X-Content-Type-Options: nosniff X-UA-Compatible: IE=Edge Date: Sat, 27 Apr 2024 10:29:01 GMT Connection: close Content-Length: 11

	eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0	104.47.1.28	200 OK	3.3 kB
URL User Request GET HTTP/1.1 eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0 IP 104.47.1.28:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerDigiCert Inc Subject.safelinks.protection.outlook.com FingerprintCC:53:E3:CC:4D:02:3F:3F:4C:FD:84:C8:44:7C:57:A4:AF:B0:B9:96 ValidityTue, 30 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT File type HTML document, ASCII text, with very long lines (2130), with CRLF line terminators Size 3.3 kB (3347 bytes) Hash 3c4829bf9a1179be3f8ec609c2bfe9b3 b474bad66f8a3430410676106b4e83801e677adc 6847beb23968960c3f95be0e45b2bb863a592b3f1bdc0c010327f0f758c0c3af HTTP Headers GET /?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0 HTTP/1.1 Host: eur01.safelinks.protection.outlook.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Vary: Accept-Encoding Server: Microsoft-IIS/10.0 X-AspNetMvc-Version: 4.0 X-SL-GetUrlReputation-Verdict: Bad X-Robots-Tag: noindex, nofollow X-AspNet-Version: 4.0.30319 X-ServerName: VE1EUR01WS073 X-ServerVersion: 15.20.7544.018 X-ServerLat: 5007 X-SafeLinks-Tracking-Id: 80f67aab-5d00-4613-d57d-08dc66a4d96c X-Powered-By: ASP.NET X-Content-Type-Options: nosniff X-UA-Compatible: IE=Edge Date: Sat, 27 Apr 2024 10:29:03 GMT Connection: close Content-Length: 3347

	eur01.safelinks.protection.outlook.com/Content/Scripts/safelinksv2.css	104.47.2.28	200 OK	1.1 kB
URL GET HTTP/1.1 eur01.safelinks.protection.outlook.com/Content/Scripts/safelinksv2.css IP 104.47.2.28:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0 Certificate IssuerDigiCert Inc Subject.safelinks.protection.outlook.com FingerprintCC:53:E3:CC:4D:02:3F:3F:4C:FD:84:C8:44:7C:57:A4:AF:B0:B9:96 ValidityTue, 30 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT File type ASCII text, with CRLF line terminators Size 1.1 kB (1142 bytes) Hash bbad95c4a0be4e5775b7d5b409fbf602 fad598750b15c207dfef6e1fea3c072baeac2b66 41f78d15ae18c36b84c819d9af3511c342c180f0aba8f91dc1ccf4046b56b308 HTTP Headers GET /Content/Scripts/safelinksv2.css HTTP/1.1 Host: eur01.safelinks.protection.outlook.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0 DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: text/css Content-Encoding: gzip Last-Modified: Sun, 21 Apr 2024 09:59:18 GMT Accept-Ranges: bytes ETag: "05f793d293da1:0" Vary: Accept-Encoding Server: Microsoft-IIS/10.0 X-ServerName: DB5EUR01WS048 X-ServerVersion: 15.20.7519.020 X-ServerLat: 1 X-SafeLinks-Tracking-Id: f4b13b52-5f6f-4419-f8d2-08dc66a4dca8 X-Powered-By: ASP.NET X-Content-Type-Options: nosniff X-UA-Compatible: IE=Edge Date: Sat, 27 Apr 2024 10:29:03 GMT Connection: close Content-Length: 1142`

	eur01.safelinks.protection.outlook.com/Content/Scripts/site.js	104.47.2.28	200 OK	854 B
URL GET HTTP/1.1 eur01.safelinks.protection.outlook.com/Content/Scripts/site.js IP 104.47.2.28:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0 Certificate IssuerDigiCert Inc Subject.safelinks.protection.outlook.com FingerprintCC:53:E3:CC:4D:02:3F:3F:4C:FD:84:C8:44:7C:57:A4:AF:B0:B9:96 ValidityTue, 30 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 854 B (854 bytes) Hash 3af1fdb9a3f664a6683d212f4787733a 59063d49b723a1988236c8d39c2804c6ebc5ff95 a9ce4840ff0d613b456081dea64e46eb717a1f8bfa5afb05d3bd058f294e416c HTTP Headers GET /Content/Scripts/site.js HTTP/1.1 Host: eur01.safelinks.protection.outlook.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0 DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Content-Type: application/javascript Content-Encoding: gzip Last-Modified: Mon, 15 Apr 2024 04:39:14 GMT Accept-Ranges: bytes ETag: "0513deee8eda1:0" Vary: Accept-Encoding Server: Microsoft-IIS/10.0 X-ServerName: DB5EUR01WS151 X-ServerVersion: 15.20.7495.019 X-ServerLat: 1 X-SafeLinks-Tracking-Id: 8b389889-d94e-4ff0-14eb-08dc66a4dcaa X-Powered-By: ASP.NET X-Content-Type-Options: nosniff X-UA-Compatible: IE=Edge Date: Sat, 27 Apr 2024 10:29:03 GMT Connection: close Content-Length: 854

	eur01.safelinks.protection.outlook.com/Content/images/cross.png	104.47.2.28	200 OK	26 kB
URL GET HTTP/1.1 eur01.safelinks.protection.outlook.com/Content/images/cross.png IP 104.47.2.28:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0 Certificate IssuerDigiCert Inc Subject.safelinks.protection.outlook.com FingerprintCC:53:E3:CC:4D:02:3F:3F:4C:FD:84:C8:44:7C:57:A4:AF:B0:B9:96 ValidityTue, 30 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT File type PNG image data, 186 x 200, 8-bit/color RGBA, non-interlaced Size 26 kB (25664 bytes) Hash ff4fedb556605288fec259ee6b8d5981 bbc525ab65e54999044f14ff8f31cf25eedb7754 2809b6f62dc341d238f02c33c7347a7ba714f10b6f075bdd39a1cd7c68ce9807 HTTP Headers GET /Content/images/cross.png HTTP/1.1 Host: eur01.safelinks.protection.outlook.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.dwnxiiwurwodzaaaqie7.info%2F&data=05%7C02%7Cnicolas.michaux%40b-rail.be%7Ca25c5e962f4448f45f6708dc5e05cfc6%7C7919ea654c524980bfcdce7ffd32f1ea%7C0%7C0%7C638488626264555825%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C40000%7C%7C%7C&sdata=jWWE4k5WF3B2JRy3eWk9hTNp5%2BSIJD1JufIirZek9%2BI%3D&reserved=0 DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: image/png Last-Modified: Tue, 23 Apr 2024 18:45:10 GMT Accept-Ranges: bytes ETag: "0ff4f5eae95da1:0" Server: Microsoft-IIS/10.0 X-ServerName: DB5EUR01WS171 X-ServerVersion: 15.20.7519.025 X-ServerLat: 1 X-SafeLinks-Tracking-Id: a588992e-2fc8-4068-7449-08dc66a4dcb2 X-Powered-By: ASP.NET X-Content-Type-Options: nosniff X-UA-Compatible: IE=Edge Date: Sat, 27 Apr 2024 10:29:04 GMT Connection: close Content-Length: 25664`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers