uuj3-secondary.z8.web.core.windows.net
Open in
urlscan Pro
52.239.133.193
Malicious Activity!
Public Scan
Effective URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Submission: On May 14 via api from US — Scanned from CH
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on April 16th 2024. Valid for: a year.
This is the only time uuj3-secondary.z8.web.core.windows.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.157.24.8 54.157.24.8 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 72.52.179.174 72.52.179.174 | 32244 (LIQUIDWEB) (LIQUIDWEB) | |
1 2 | 3.33.192.145 3.33.192.145 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 130.211.29.114 130.211.29.114 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 1 | 173.239.53.32 173.239.53.32 | 27257 (WEBAIR-IN...) (WEBAIR-INTERNET) | |
1 1 | 172.67.142.136 172.67.142.136 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
25 | 52.239.133.193 52.239.133.193 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 35.241.15.240 35.241.15.240 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
2 | 142.250.184.200 142.250.184.200 | 15169 (GOOGLE) (GOOGLE) | |
1 | 151.101.130.137 151.101.130.137 | 54113 (FASTLY) (FASTLY) | |
1 | 195.201.57.90 195.201.57.90 | 24940 (HETZNER-AS) (HETZNER-AS) | |
2 | 216.239.32.36 216.239.32.36 | 15169 (GOOGLE) (GOOGLE) | |
37 | 10 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-24-8.compute-1.amazonaws.com
thissubdomainshouldonlyresolveifwildcard.lidle.ch |
ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com
platdom-1.online |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com
cdn.perfdrive.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
uuj3-secondary.z8.web.core.windows.net |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com
cas.avalon.perfdrive.com |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.90.57.201.195.clients.your-server.de
ipwho.is |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
windows.net
uuj3-secondary.z8.web.core.windows.net |
618 KB |
3 |
perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 22544 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 9249 |
90 KB |
3 |
lidle.ch
1 redirects
thissubdomainshouldonlyresolveifwildcard.lidle.ch ww99.lidle.ch |
4 KB |
2 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533 |
316 B |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
97 KB |
2 |
platdom-1.online
1 redirects
platdom-1.online — Cisco Umbrella Rank: 370994 |
1 KB |
1 |
ipwho.is
ipwho.is — Cisco Umbrella Rank: 66680 |
965 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 776 |
27 KB |
1 |
datevane.com
1 redirects
datevane.com |
467 B |
1 |
clouback-2.online
1 redirects
xml-v4.clouback-2.online |
491 B |
37 | 10 |
Domain | Requested by | |
---|---|---|
25 | uuj3-secondary.z8.web.core.windows.net |
platdom-1.online
uuj3-secondary.z8.web.core.windows.net |
2 | region1.google-analytics.com |
www.googletagmanager.com
|
2 | www.googletagmanager.com |
uuj3-secondary.z8.web.core.windows.net
|
2 | cas.avalon.perfdrive.com |
cdn.perfdrive.com
|
2 | platdom-1.online |
1 redirects
ww99.lidle.ch
|
2 | ww99.lidle.ch |
ww99.lidle.ch
|
1 | ipwho.is |
uuj3-secondary.z8.web.core.windows.net
|
1 | code.jquery.com |
uuj3-secondary.z8.web.core.windows.net
|
1 | datevane.com | 1 redirects |
1 | xml-v4.clouback-2.online | 1 redirects |
1 | cdn.perfdrive.com |
platdom-1.online
|
1 | thissubdomainshouldonlyresolveifwildcard.lidle.ch | 1 redirects |
37 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
platdom-1.online Amazon RSA 2048 M02 |
2024-04-30 - 2025-05-29 |
a year | crt.sh |
*.perfdrive.com Go Daddy Secure Certificate Authority - G2 |
2023-09-21 - 2024-09-26 |
a year | crt.sh |
*.web.core.windows.net Microsoft Azure RSA TLS Issuing CA 03 |
2024-04-16 - 2025-04-11 |
a year | crt.sh |
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2 |
2023-07-24 - 2024-08-05 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
ipwho.is GoGetSSL ECC DV CA |
2024-03-13 - 2025-03-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Frame ID: B122AE2C9C2C2B4F687179919F65FB49
Requests: 38 HTTP requests in this frame
Screenshot
Page Title
Computer Err00r Code #B81TS100d83Page URL History Show full URLs
-
https://thissubdomainshouldonlyresolveifwildcard.lidle.ch/
HTTP 302
http://ww99.lidle.ch/ HTTP 307
https://ww99.lidle.ch/ HTTP 307
http://ww99.lidle.ch/ Page URL
- http://ww99.lidle.ch/page/bouncy.php?&bpae=GbhGdDsD4lx%2FjksT2d0i5BJj248r4x5BHlFQWYClbNs%2BA52rTb... Page URL
-
http://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W
HTTP 307
https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W Page URL
-
https://platdom-1.online/api/v1/pxcheck?impId=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W&minfo=eyJjb29r...
HTTP 302
http://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 307
https://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 302
https://datevane.com/ms/?bid=0.05&conversion=CcgHhPUhx2E&source_subid=c44654220a43b9f753b2ffc8a&c... HTTP 302
https://uuj3-secondary.z8.web.core.windows.net/?bcda=00-1-808-470-2988 Page URL
- https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988 Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://thissubdomainshouldonlyresolveifwildcard.lidle.ch/
HTTP 302
http://ww99.lidle.ch/ HTTP 307
https://ww99.lidle.ch/ HTTP 307
http://ww99.lidle.ch/ Page URL
- http://ww99.lidle.ch/page/bouncy.php?&bpae=GbhGdDsD4lx%2FjksT2d0i5BJj248r4x5BHlFQWYClbNs%2BA52rTbnbvixQt9ZKw4b6UMhbX20cZ6xieAbBPS%2BS1zL3Iek3VBMxUQ1%2FNtTp9eFpzZFWk1TbZb4y9qY5BbozLEp2Jmkz0d9cOxV%2FgOzS3um37L%2Bj6FJs0QSamonLIFIEnMJMwcfES7uvtLrFvcmF19msAR1I%2FVIB13OIAjCc3Z8bTStNh8p2jMRkYmif2dM8Jb2dJTZ9u6UHB5%2BCUTCKn7VdZlYHXkfbgvrvVSsMHwfoHtzQWhciugfvB4YHcFLjhWQEH4hBVAKByw8qjuBgPh%2FwFccYXz1w66zIIh3%2FYr%2F5OiSvb4f1AEikHMf3wUf%2F%2FD90MS0H0A4SHOp2Y5hFMRT6ztsJPSOL7D6rzXmr6QboNOzT%2BBU4iORFBanVZL5Xke9mPYg0tANvJxU8p2Doc3sGtOdir%2FCxHQQwnXQ%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
-
http://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W
HTTP 307
https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W Page URL
-
https://platdom-1.online/api/v1/pxcheck?impId=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaWZyYW1lIjpmYWxzZSwiZGV2aWNlUGl4ZWxSYXRpbyI6MSwid25kTG9jSHJlZiI6Imh0dHBzOi8vcGxhdGRvbS0xLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9eFA4TlFFZ1hoZmI1UFN5VVVtdGtkQXUyWElhOUtaUGhTY201REY2VyIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2UsImVmZmVjdGl2ZVR5cGUiOiI0ZyIsImlzQm90Ijoib2ZmIn0=
HTTP 302
http://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 307
https://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 302
https://datevane.com/ms/?bid=0.05&conversion=CcgHhPUhx2E&source_subid=c44654220a43b9f753b2ffc8a&campaign=1203156&search_referrer_domain=lidle.ch&query=lidle.ch&carrier=Iway&state=zh&banner=6124913&ip=145.40.212.228 HTTP 302
https://uuj3-secondary.z8.web.core.windows.net/?bcda=00-1-808-470-2988 Page URL
- https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://thissubdomainshouldonlyresolveifwildcard.lidle.ch/ HTTP 302
- http://ww99.lidle.ch/ HTTP 307
- https://ww99.lidle.ch/ HTTP 307
- http://ww99.lidle.ch/
- http://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W HTTP 307
- https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W
- https://platdom-1.online/api/v1/pxcheck?impId=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaWZyYW1lIjpmYWxzZSwiZGV2aWNlUGl4ZWxSYXRpbyI6MSwid25kTG9jSHJlZiI6Imh0dHBzOi8vcGxhdGRvbS0xLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9eFA4TlFFZ1hoZmI1UFN5VVVtdGtkQXUyWElhOUtaUGhTY201REY2VyIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2UsImVmZmVjdGl2ZVR5cGUiOiI0ZyIsImlzQm90Ijoib2ZmIn0= HTTP 302
- http://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 307
- https://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 302
- https://datevane.com/ms/?bid=0.05&conversion=CcgHhPUhx2E&source_subid=c44654220a43b9f753b2ffc8a&campaign=1203156&search_referrer_domain=lidle.ch&query=lidle.ch&carrier=Iway&state=zh&banner=6124913&ip=145.40.212.228 HTTP 302
- https://uuj3-secondary.z8.web.core.windows.net/?bcda=00-1-808-470-2988
37 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
ww99.lidle.ch/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bouncy.php
ww99.lidle.ch/page/ |
766 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
px
platdom-1.online/api/v1/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stormcaster.js
cdn.perfdrive.com/advanced/ |
237 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
uuj3-secondary.z8.web.core.windows.net/ Redirect Chain
|
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
jsdata
cas.avalon.perfdrive.com/ |
360 B 423 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
jsdata
cas.avalon.perfdrive.com/ |
255 B 409 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
19 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
285 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tapa.css
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
18 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.4.4.min.js
code.jquery.com/ |
77 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
452 KB 452 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mnc.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
187 B 557 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
msmm.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
168 B 538 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
set.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
364 B 734 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vsc.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
722 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bx1.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
97 KB 97 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bel.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
276 B 646 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pcm.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dm.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
332 B 702 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cs.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
re.gif
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
14 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nvidia.js
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jupiter.js
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
503 B 879 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jscode.js
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
285 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
ipwho.is/ |
693 B 965 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
349 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mnc.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
187 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
msmm.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
168 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
set.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
364 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vsc.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
722 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Fm7-alert.wav
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
320 KB 0 |
Media
audio/wav |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 262 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ai2.mp3
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
321 B 629 B |
Media
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Fm7-alert.wav
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
16 KB 0 |
Media
audio/wav |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
msmm.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ |
168 B 0 |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| gtag object| dataLayer function| $ function| jQuery object| t function| jkdhasjkhdgwqhgehkqgweyuodq string| bcda object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| ipadd string| city string| country string| isp string| currtime function| toggleFullScreen function| addEvent function| getQueryParam10 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.platdom-1.online/ | Name: __ssds Value: 2 |
|
.platdom-1.online/ | Name: __ssuzjsr2 Value: a9be0cd8e |
|
.platdom-1.online/ | Name: __uzmaj2 Value: 4d25d056-5d09-4896-89f5-964b1621f68a |
|
.platdom-1.online/ | Name: __uzmbj2 Value: 1715674851 |
|
.platdom-1.online/ | Name: __uzmcj2 Value: 209481057902 |
|
.platdom-1.online/ | Name: __uzmdj2 Value: 1715674851 |
|
.platdom-1.online/ | Name: __uzmlj2 Value: T2E7U5GW9VRriHRgRSrjU9YkEIcaAuVohNpLSAMo8cs= |
|
.platdom-1.online/ | Name: __uzmfj2 Value: 7f600051670bfe-b8a8-44ae-bb8a-45d8e6daa0ab17156748512450-8166de50c3b7290410 |
|
.windows.net/ | Name: _ga Value: GA1.1.347552170.1715674855 |
|
.windows.net/ | Name: _ga_GZ2WHBX513 Value: GS1.1.1715674854.1.1.1715674854.0.0.0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cas.avalon.perfdrive.com
cdn.perfdrive.com
code.jquery.com
datevane.com
ipwho.is
platdom-1.online
region1.google-analytics.com
thissubdomainshouldonlyresolveifwildcard.lidle.ch
uuj3-secondary.z8.web.core.windows.net
ww99.lidle.ch
www.googletagmanager.com
xml-v4.clouback-2.online
130.211.29.114
142.250.184.200
151.101.130.137
172.67.142.136
173.239.53.32
195.201.57.90
216.239.32.36
3.33.192.145
35.241.15.240
52.239.133.193
54.157.24.8
72.52.179.174
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
272dacb99e8bba5bb2d9202883cb687c5a3b8cd1c71d940df619ae886eb6eddf
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd
3cbcbf9db3a155efee029d2ac9677aada1c65b57313b437c9c24551f829ebfa1
3fdf9d88d8012df1d3d2717cea4153a642cb5396a5553b2e1df85a882e15f977
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977
4eaf7b7f53ea1a27a22bae168f560d9dc78dc2e2185162be9ee4db59e1e1065a
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5
8f1d291b3ef3f79f0969c89912b13d554baeaf19c349f35b457efaf01e3007b5
9099223944aba1e8c14044f32fbcaa311f301e066cb13f672dc430e24c1d02c9
93ab9ddc223156f5f4ba7ff8fc14a885e9b5946fc10917571022d7c2d9a08886
a69cf4a83e71d9f45a9d171e93e61796ed677d0db63cf66addb601688a203881
afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41
ce8bf75fb0cd13e511e541e4180832d0d18574d66d4ada8c503af9642c027e5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855