![](/screenshots/1e8f7437-cc6f-447b-a95f-65cece9219ee.png)
y22egi2qiuigiuf1d.z13.web.core.windows.net
Open in
urlscan Pro
20.209.41.14
Malicious Activity!
Public Scan
Effective URL: https://y22egi2qiuigiuf1d.z13.web.core.windows.net/?phone=09-70-18-92-45
Submission: On April 23 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on April 4th 2024. Valid for: a year.
This is the only time y22egi2qiuigiuf1d.z13.web.core.windows.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
21 | 20.209.41.14 20.209.41.14 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 104.16.89.20 104.16.89.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.18.10.207 104.18.10.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
27 | 4 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
y22egi2qiuigiuf1d.z13.web.core.windows.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
windows.net
y22egi2qiuigiuf1d.z13.web.core.windows.net |
392 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1139 |
72 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 |
31 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320 |
48 KB |
27 | 4 |
Domain | Requested by | |
---|---|---|
21 | y22egi2qiuigiuf1d.z13.web.core.windows.net |
y22egi2qiuigiuf1d.z13.web.core.windows.net
|
2 | maxcdn.bootstrapcdn.com |
y22egi2qiuigiuf1d.z13.web.core.windows.net
maxcdn.bootstrapcdn.com |
2 | cdnjs.cloudflare.com |
y22egi2qiuigiuf1d.z13.web.core.windows.net
|
2 | cdn.jsdelivr.net |
y22egi2qiuigiuf1d.z13.web.core.windows.net
|
27 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.web.core.windows.net Microsoft Azure RSA TLS Issuing CA 03 |
2024-04-04 - 2025-03-30 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
bootstrapcdn.com GTS CA 1P5 |
2024-03-27 - 2024-06-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://y22egi2qiuigiuf1d.z13.web.core.windows.net/?phone=09-70-18-92-45
Frame ID: F307C0A1FF8159694A0F56B11741EDF6
Requests: 27 HTTP requests in this frame
Screenshot
![](/screenshots/1e8f7437-cc6f-447b-a95f-65cece9219ee.png)
Page Title
Pare-feu Windows Code0x268d3Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
45 KB 45 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ |
158 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ |
82 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
11 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background.png
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
223 KB 224 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
minimize.jpg
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mi.png
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
700 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
setting.png
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
364 B 734 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
que.png
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
349 B 719 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vircan.png
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bell.png
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pc.png
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
def.png
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cross.png
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
43 KB 43 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
virimages.jpg
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ |
82 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fullscreen.js
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
245 B 621 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
before.js
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
366 B 742 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
al.js
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
4 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
am2.mp3
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
48 KB 0 |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
am2.mp3
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
11 KB 12 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
am2.mp3
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
79 KB 0 |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
y22egi2qiuigiuf1d.z13.web.core.windows.net/ |
321 B 629 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ |
65 KB 66 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)41 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| _0x191e function| _0x7b7b function| getPhoneNom function| _0x29fd69 function| _0x2ffa function| _0x22e1 string| phone function| _0x340fbf function| _0x2553 function| _0x4fbc function| _0x79d9 function| _0x4fc755 function| _0x1668 function| _0x417f67 string| phone_number function| _0x1828 function| _0x2210 object| html5 object| Modernizr object| bootstrap function| _0x1b74 function| _0x1cd9 function| _0x17c7 function| _0x517c function| _0x3a2740 function| _0x4a436e function| _0x2314 function| _0x5b78 function| _0x5f5025 function| _0x3f4e function| _0x5659 function| _0x4e9a function| _0x158710 function| _0x5982 function| _0x19ea function| _0x2a24 function| _0x307970 function| _0x4244 function| _0xd5770 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
maxcdn.bootstrapcdn.com
y22egi2qiuigiuf1d.z13.web.core.windows.net
104.16.89.20
104.17.25.14
104.18.10.207
20.209.41.14
0d3d36645ffc457b43e604a6e0e0dfde2b9d7eef5cbe9e179b2d30a05483ae2b
1bd36ba9b88386c18cf78c3459698529b209a9e9a9ff7b358a199ac5eed6acc3
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49
31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701
3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887
43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0
67ac0a6a66d28a56e971a3c98e25e5363594031a41601c65ccf3fcb3176629c2
6ea96fa56c80b9d8204465a15a50f12f683d8c7705c7ed8ae6772e5c1a149e46
7f2698155d7918b6816034e0e8c490d4e5bc050532a57b78e8b5da32601167de
81e528ea37468236da238a66c1539207d5eca2db4dbeb429bb0e67b80f04a9bb
a05245b6f7fd752af4a7b0131bbdfdf3eaee6c5a25a81cb498e0f0759189473c
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
dd0d394c611d91dbd99f816c3de44dbf9a23e2cec5256f8a8a515e55bc4fb538
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
fd4a886c1bf3cccc3bf95e2c6c16760982df04a9602273428ba5279855590834
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995