www.bingads04.xyz
Open in
urlscan Pro
45.33.12.240
Malicious Activity!
Public Scan
Submission: On July 15 via manual from JP
Summary
This is the only time www.bingads04.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 45.33.12.240 45.33.12.240 | 63949 (LINODE-AP...) (LINODE-AP Linode) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:818::200a | 15169 (GOOGLE) (GOOGLE) | |
11 | 5 |
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li966-240.members.linode.com
www.bingads04.xyz |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
bingads04.xyz
www.bingads04.xyz |
96 KB |
2 |
google-analytics.com
www.google-analytics.com |
18 KB |
1 |
googleapis.com
ajax.googleapis.com |
33 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
33 KB |
11 | 4 |
Domain | Requested by | |
---|---|---|
7 | www.bingads04.xyz |
www.bingads04.xyz
|
2 | www.google-analytics.com |
www.googletagmanager.com
|
1 | ajax.googleapis.com |
www.bingads04.xyz
|
1 | www.googletagmanager.com |
www.bingads04.xyz
|
11 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.google-analytics.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://www.bingads04.xyz/a20287/20200715/us/static/peter333.php?sub=234319880118&tel=&utm_source=&utm_medium=
Frame ID: 0C8292469142BC6FEAF9D633187B7889
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
peter333.php
www.bingads04.xyz/a20287/20200715/us/static/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zepto.min.js
www.bingads04.xyz/a20287/20200715/us/static/js22/ |
25 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base64.min.js
www.bingads04.xyz/a20287/20200715/us/static/js22/ |
871 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
85 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
source.php
www.bingads04.xyz/a20287/20200715/us/static/ |
60 KB 21 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 105 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.2/ |
95 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
defender.png
www.bingads04.xyz/a20287/20200715/us/static/files/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
467 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a.mp3
www.bingads04.xyz/a20287/20200715/us/static/files/ |
99 KB 0 |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
song.mp3
www.bingads04.xyz/a20287/20200715/us/static/files/ |
49 KB 50 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| Zepto function| $ function| b64DecodeUnicode function| getQueryString function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| jQuery object| _0x4797 object| _0xf4d2 string| stroka string| urrl object| _0x5759 function| openBrowser function| toggleFullScreen object| _0x2bf1 object| _0x2290 object| _0x80f8 object| _0xda4c object| _0x4b34 function| makeNewPosition function| animateDiv function| calcSpeed object| _0xc711 function| nocontextmenu function| norightclick object| _0x96ec string| params object| _0xa5f6 function| confirmExit object| target3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bingads04.xyz/ | Name: _gat_gtag_UA_149868268_3 Value: 1 |
|
.bingads04.xyz/ | Name: _gid Value: GA1.2.1764536527.1594787787 |
|
.bingads04.xyz/ | Name: _ga Value: GA1.2.1559022716.1594787787 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
www.bingads04.xyz
www.google-analytics.com
www.googletagmanager.com
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:818::200a
45.33.12.240
2a18747c129c3b944b63c3a10a8f47d64167f617f65260b4a511e8e8b9e5c6c0
483fb57549d82a7dfe9852d011ab255b78028052bbf9a6f2247ead7c8c858141
4c833a30edf2345e0bbf0f80d572c4cb2fea8875b83008d00a3248a888472b26
534005da6673059024215f36a4cab983faa7041190223bba39edd845f9445bc1
59b1b0e0dda3abbfdedb60f066d9532cb91c60ee15ff1ebebae04eecb7305101
7ce2ae13d717596ff63a6d0694e87f94d96246a2d5fa7d8d153fb17af7d0d42d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
95914789b5f3307a3718679e867d61b9d4c03f749cd2e2970570331d7d6c8ed9
a5dc0e731d94fdfeea1a6985483137275b63e6b1e4902f8c59611eb0fa6c802c
e094daff39a7fadab01be75eb3652905ff64fd5c67ba4b10929e9845abbf7b72
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955