back7723.z13.web.core.windows.net
Open in
urlscan Pro
20.209.1.4
Malicious Activity!
Public Scan
Submission: On March 28 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Microsoft RSA TLS CA 02 on March 22nd 2023. Valid for: a year.
This is the only time back7723.z13.web.core.windows.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
36 | 20.209.1.4 20.209.1.4 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:4001:827::2008 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:829::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
41 | 4 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
back7723.z13.web.core.windows.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
36 |
windows.net
back7723.z13.web.core.windows.net |
2 MB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25 |
20 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 783 |
66 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
44 KB |
41 | 4 |
Domain | Requested by | |
---|---|---|
36 | back7723.z13.web.core.windows.net |
back7723.z13.web.core.windows.net
|
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
1 | maxcdn.bootstrapcdn.com |
back7723.z13.web.core.windows.net
|
1 | www.googletagmanager.com |
back7723.z13.web.core.windows.net
|
41 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.web.core.windows.net Microsoft RSA TLS CA 02 |
2023-03-22 - 2024-03-22 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://back7723.z13.web.core.windows.net/?gclid=EAIaIQobChMImOuXrc78_QIVfMmUCR0m4Ag7EAAYAiAAEgKxQ_D_BwE
Frame ID: 4A484AB263CD8D7BC969D04E4EEAB377
Requests: 41 HTTP requests in this frame
Screenshot
Page Title
Security Center Code0x268d3 Er07Services7864Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
41 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
back7723.z13.web.core.windows.net/ |
26 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
back7723.z13.web.core.windows.net/assets/css/ |
157 KB 158 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
back7723.z13.web.core.windows.net/assets/js/ |
82 KB 83 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
back7723.z13.web.core.windows.net/ |
12 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
back7723.z13.web.core.windows.net/assets/css/ |
27 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
113 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background-suck.png
back7723.z13.web.core.windows.net/ |
652 KB 653 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
control.jpg
back7723.z13.web.core.windows.net/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
m-error-top.png
back7723.z13.web.core.windows.net/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
setting.png
back7723.z13.web.core.windows.net/ |
364 B 734 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
que.png
back7723.z13.web.core.windows.net/ |
349 B 719 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
item-set.png
back7723.z13.web.core.windows.net/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bell.png
back7723.z13.web.core.windows.net/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pc.png
back7723.z13.web.core.windows.net/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dic1.png
back7723.z13.web.core.windows.net/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dic2.png
back7723.z13.web.core.windows.net/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dic3.png
back7723.z13.web.core.windows.net/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
m-error-bottom.png
back7723.z13.web.core.windows.net/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
def.png
back7723.z13.web.core.windows.net/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cross.png
back7723.z13.web.core.windows.net/ |
43 KB 43 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top1.png
back7723.z13.web.core.windows.net/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
top2.png
back7723.z13.web.core.windows.net/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
meet-images.jpg
back7723.z13.web.core.windows.net/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
text1.png
back7723.z13.web.core.windows.net/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c1.png
back7723.z13.web.core.windows.net/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c2.png
back7723.z13.web.core.windows.net/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
m-error.png
back7723.z13.web.core.windows.net/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr.min.js
back7723.z13.web.core.windows.net/assets/js/ |
11 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.bundle.min.js
back7723.z13.web.core.windows.net/assets/js/ |
82 KB 82 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fullscreen.js
back7723.z13.web.core.windows.net/ |
245 B 621 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
before.js
back7723.z13.web.core.windows.net/ |
366 B 742 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
back7723.z13.web.core.windows.net/ |
1 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
light.js
back7723.z13.web.core.windows.net/ |
503 B 879 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
m1.jpg
back7723.z13.web.core.windows.net/ |
217 KB 217 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0wa0rni0ng0.mp3
back7723.z13.web.core.windows.net/ |
8 KB 9 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wa0lDErtm0s.mp3
back7723.z13.web.core.windows.net/ |
196 KB 197 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 219 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
table.jpg
back7723.z13.web.core.windows.net/ |
66 KB 66 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ |
65 KB 66 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery function| getVariableFromURl string| phone string| phone_number string| phone_number2 function| gtag object| dataLayer object| html5 object| Modernizr object| bootstrap object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| addEvent object| modal object| btn undefined| span object| gaplugins object| gaGlobal object| gaData4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.windows.net/ | Name: _ga Value: GA1.2.1818192261.1680033404 |
|
.windows.net/ | Name: _gid Value: GA1.2.1629114190.1680033404 |
|
.windows.net/ | Name: _gac_UA-175474553-2 Value: 1.1680033404.EAIaIQobChMImOuXrc78_QIVfMmUCR0m4Ag7EAAYAiAAEgKxQ_D_BwE |
|
.windows.net/ | Name: _gat_gtag_UA_175474553_2 Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
back7723.z13.web.core.windows.net
maxcdn.bootstrapcdn.com
www.google-analytics.com
www.googletagmanager.com
20.209.1.4
2606:4700::6812:acf
2a00:1450:4001:827::2008
2a00:1450:4001:829::200e
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
130c20dc1ccd53d62bca74cf0c133188ca7b6e0a4530ea8d9c34e9caa48c71cd
298ed539220f4e885b35ef48194cee363f55c80501f2e4a132855b191189fbc6
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49
31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479
3385c233c6be49bb2a756668fda6b33520836238080c354c50a883481db7afc0
3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701
3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887
42200afedd1bb515bac6942e5468510fe4edb6b5cdc47faadd11931903f16888
43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0
60606fba7358e67429449a2dab960459e156535a53344ac67b66330e424c62c8
6256a708928a53c640886d44955902023145eae40d0843f377c30bd8ffe69857
6398a9d8ad71194534ce91586ca298ac4f192518c07cc1b33f179af8c5590ba5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de915e2906c670d44e135896a4b0b141e5a058d02815bb704d6b766a732a8a8
8143b1deb3c16342bdaa23fd0e709a20345332ed49bdde5e87e08d78cec2dc33
8195905ab9eb8e03c54768687e667ac65db0b7444adeec1774274eba6a1c19fc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
95cf11f0ac502c28a94ac6a7b2ea2889faf6e74d79a8be506505f1b1f0343806
9c0e4b219a100a5e5612344685f4bb9098da5729a87c007f75cc0598cd1d7a20
a05245b6f7fd752af4a7b0131bbdfdf3eaee6c5a25a81cb498e0f0759189473c
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e
be8b34c5a1dcbd12edc57c03a2dae0b84cca56439529af5c842eb800469a5d90
c5c1e83efb5c5f0a9744b63b6fc78ca41b2f24f3ae467ec7259aa92f58267c71
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d3176346bd3447d9a85644ac1eecaaa1316beda39c0e25bd2780eb9da85ecf71
d4bdfa845403c726a27180932767c2d5461d4ecd9ed276c5a9577b47298e9adb
dad8a8c717f99d4aea772e30651633122095ec7dc1e299f6f534ff6205b9d793
dafa05cda9de838b1e4677ed371b4be2290140fa5aba16d40dc7bd3a88dc9b69
de977d942df185e0c934a72e46ddbbb59097fcdff9257afe2758a828f2826d6b
e92cc6b142ee1ebaaa637b7de230d2b3e81cdb685b4b8ee53f587a3b35dff1d6
eb980646896184e6506e6d1d3a59cb8b02d9f23897b50b543b233921a7df6917
f3c687e8de6730a0442c86e5667492ee74f365a5562d13e37e660b1b25b68ea0
fbf3ae239d50235b1be591670ebee1b5daa9f64b5ca18d0aaea345b9513c2512
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995