144.202.52.22
Malicious Activity!
Public Scan
Effective URL: http://144.202.52.22/code8555/chrome_mac/
Submission: On August 24 via manual from US
Summary
This is the only time 144.202.52.22 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer), Microsoft (Consumer)
Domain & IP information
| # | IP Address | AS (Autonomous System) |
|---|---|---|
| 2 2 | 52.166.113.188 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) |
| 2 19 | 144.202.52.22 | 20473 (AS-CHOOPA - Choopa) |
| 2 | 2a00:1450:4001:81a::200e | 15169 (GOOGLE - Google LLC) |
| 19 | 3 | |
- ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US): wordplacegiftt.azurewebsites.net
- ASN20473 (AS-CHOOPA - Choopa, LLC, US), PTR: 144.202.52.22.vultr.com: 144.202.52.22
| # | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 2 | google-analytics.com | www.google-analytics.com | 14 KB |
| 2 | azurewebsites.net (2 redirects) | wordplacegiftt.azurewebsites.net | 558 B |
| 0 | Failed | truncated (Failed) | |
| 19 | 3 | | |
| # | Domain | Requested by |
|---|---|---|
| 2 | www.google-analytics.com | 144.202.52.22 |
| 2 | wordplacegiftt.azurewebsites.net | 2 redirects |
| 0 | truncated (Failed) | 144.202.52.22 |
| 19 | 3 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.google-analytics.com | Google Internet Authority G3 | 2018-08-07 - 2018-10-16 | 2 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://144.202.52.22/code8555/chrome_mac/
Frame ID: 1258D7E593C074982244FA722BE5FD2B
Requests: 20 HTTP requests in this frame
Frame:
http://144.202.52.22/code8555/chrome_mac/chrome-assests/a.html
Frame ID: A96E105FC56B48F2C2605C9F976BC72D
Requests: 3 HTTP requests in this frame
Page URL History
- http://wordplacegiftt.azurewebsites.net/ (HTTP 301)
- https://wordplacegiftt.azurewebsites.net/ (HTTP 302)
- http://144.202.52.22/code8555 (HTTP 301)
- http://144.202.52.22/code8555/ (HTTP 302)
- http://144.202.52.22/code8555/chrome_mac/ (Page URL)
Detected technologies
- Nginx (Web Servers). Detected patterns:
  - headers server /nginx(?:\/([\d.]+))?/i
- Google Analytics (Analytics). Detected patterns:
  - script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  - env /^gaGlobal$/i
- jQuery (JavaScript Libraries). Detected patterns:
  - script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  - script /jquery.*\.js/i
  - env /^jQuery$/i
- Twitter Bootstrap. Detected patterns:
  - html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9
- http://www.google-analytics.com/analytics.js (HTTP 307)
- https://www.google-analytics.com/analytics.js
- http://www.google-analytics.com/r/collect?v=1&_v=j68&a=820242199&t=pageview&_s=1&dl=http%3A%2F%2F144.202.52.22%2Fcode8555%2Fchrome_mac%2F&ul=en-us&de=UTF-8&dt=Mac%20Official%20Support&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=724790523&gjid=508974922&cid=1103461164.1535134852&tid=UA-123956263-1&_gid=215345004.1535134852&_r=1&z=1407332024 (HTTP 307)
- https://www.google-analytics.com/r/collect?v=1&_v=j68&a=820242199&t=pageview&_s=1&dl=http%3A%2F%2F144.202.52.22%2Fcode8555%2Fchrome_mac%2F&ul=en-us&de=UTF-8&dt=Mac%20Official%20Support&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=724790523&gjid=508974922&cid=1103461164.1535134852&tid=UA-123956263-1&_gid=215345004.1535134852&_r=1&z=1407332024
19 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | / | 144.202.52.22/code8555/chrome_mac/ | 125 KB | 73 KB | Document | text/html | Primary Request, Redirect Chain |
| GET | H/1.1 | bootstrap.css | 144.202.52.22/code8555/chrome_mac/chrome-assests/ | 118 KB | 20 KB | Stylesheet | text/css | |
| GET | H/1.1 | style.css | 144.202.52.22/code8555/chrome_mac/chrome-assests/ | 23 KB | 6 KB | Stylesheet | text/css | |
| GET | H/1.1 | translator.css | 144.202.52.22/code8555/chrome_mac/chrome-assests/ | 21 KB | 5 KB | Stylesheet | text/css | |
| GET | H/1.1 | alert.css | 144.202.52.22/code8555/chrome_mac/chrome-assests/ | 3 KB | 1 KB | Stylesheet | text/css | |
| GET | H/1.1 | retreaver.js | 144.202.52.22/code8555/chrome_mac/chrome-assests/ | 16 KB | 5 KB | Script | application/javascript | |
| GET | H/1.1 | jquery-1.js | 144.202.52.22/code8555/chrome_mac/chrome-assests/ | 94 KB | 33 KB | Script | application/javascript | |
| GET | H/1.1 | iframe.js | 144.202.52.22/code8555/chrome_mac/chrome-assests/ | 726 B | 923 B | Script | application/javascript | |
| GET | H/1.1 | download-btn.png | 144.202.52.22/support.apple.com/library/content/dam/edam/applecare/images/en_US/ | 3 KB | 3 KB | Image | text/html | |
| GET | H/1.1 | v1.png | 144.202.52.22/code8555/chrome_mac/ | 25 KB | 25 KB | Image | image/png | |
| GET | S | analytics.js | www.google-analytics.com/ | 34 KB | 14 KB | Script | text/javascript | Redirect Chain |
| GET | H/1.1 | a.html | 144.202.52.22/code8555/chrome_mac/chrome-assests/ | 97 KB | 24 KB | Document | text/html | Frame A96E |
| GET | | truncated | / | 0 | 0 | | | Failed |
| GET | DATA | truncated | / | 992 B | 0 | Image | image/png | |
| GET | H/1.1 | / | 144.202.52.22/code8555/chrome_mac/ | 22 KB | 22 KB | Image | text/html | |
| GET | H/1.1 | mobile.svg | 144.202.52.22/code8555/chrome_mac/chrome-assests/ | 659 B | 828 B | Image | image/svg+xml | |
| GET | H/1.1 | glyphicons-halflings-regular-2.html | 144.202.52.22/code8555/chrome_mac/fonts/ | 97 KB | 24 KB | Font | text/html | |
| GET | H/1.1 | gb.mp3 | 144.202.52.22/code8555/chrome_mac/chrome-assests/ | 99 KB | 0 | Media | audio/mpeg | |
| GET | S | collect | www.google-analytics.com/r/ | 35 B | 101 B | Image | image/gif | Redirect Chain |
| GET | DATA | truncated | / | 4 KB | 0 | Image | image/png | Frame A96E |
| GET | DATA | truncated | / | 4 KB | 0 | Image | image/png | Frame A96E |
| GET | H/1.1 | glyphicons-halflings-regular-3.html | 144.202.52.22/code8555/chrome_mac/fonts/ | 97 KB | 24 KB | Font | text/html | |
| GET | H/1.1 | glyphicons-halflings-regular-4.html | 144.202.52.22/code8555/chrome_mac/fonts/ | 97 KB | 24 KB | Font | text/html | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- truncated
- URL
- data:truncated
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Tech Support Scam (Consumer), Microsoft (Consumer)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| string | GoogleAnalyticsObject |
| function | ga |
| object | Retreaver |
| object | Callpixels |
| function | $ |
| function | jQuery |
| string | stroka |
| function | toggleFullScreen |
| function | nocontextmenu |
| function | norightclick |
| object | gaplugins |
| object | gaGlobal |
| object | gaData |
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| 144.202.52.22/ | | _gid | GA1.1.215345004.1535134852 |
| 144.202.52.22/ | | _gat | 1 |
| 144.202.52.22/ | | _ga | GA1.1.1103461164.1535134852 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
truncated
wordplacegiftt.azurewebsites.net
www.google-analytics.com
truncated
144.202.52.22
2a00:1450:4001:81a::200e
52.166.113.188
100a135d8e7d5ebf1fe83b0b16da1d8d8b2321acdc4d5c24a1f9a7df53b23cf1
1257bf3ff800c9ce0da27dcea3a6c2ec4871de33d251f127eb915c3c1b47822b
1df324e2e5fec9e25807932a3d018da672992b1722deca795fd592dfe532b5ab
259b5883ae39da20e5fedd8d5b048391c4dc261d4aee3522bac32f8ec444a335
2b9c6ade0b28f240327b929a25393f89d523903ed5de9530e561d029bb2e07da
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
430bc33c5735eef5ab8bef6a1955cf8f9d543a4854e8307d95cc14670d73705c
48010fcadf4c999580ea6936ea80b252385534b81458dcdedd84e65547a77940
57ad0bb9a33a3bfc0bb5cbc825d88083a57ff1a30381ff0d3681eb7c02193442
6101cdee96a9cfc3a2003cd9eef80bda4138959a400d4dae943f8389f6157b8e
6651d6837476ed2f8eb3cb8c605cbf6994214b9f4e8fcc4ee2eb257d2e10e21a
71a861100e206eeee88876cd5313553e0fdc07046cce33a1a96b96d9485070e1
74c10f002bcb3114f91fcb53853d96638782195d0fe6ec1b683f6fd1a77ca37c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c9e5edde6feef31c5a51ddeb2c54f929680609a9a9e38e7a752e6f0ad172238
9f969dff55165e37ba17a37e048ea4f41bccccc204b1d4999dfcb8ae4e12c2ce
a9d09399f45f1ca779a31d0ea4e95c0ea880973eaba27338a91ec0211fdf7341
ab1a713e14573045f204bdc49133b099faa3bec852b43bbb0ce01f988b8e459c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5452605f73500be0f49d074c3376ced082839644fd4c96e4bd0cfed1a85fbbe