![](/screenshots/d31c4f1b-04a4-4f56-8ba8-76a815d9a722.png)
iuahosd1-secondary.z11.web.core.windows.net
Open in
urlscan Pro
20.150.11.225
Malicious Activity!
Public Scan
Submission: On July 02 via api from US — Scanned from US
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on June 12th 2024. Valid for: a year.
This is the only time iuahosd1-secondary.z11.web.core.windows.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
28 | 20.150.11.225 20.150.11.225 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 104.21.53.38 104.21.53.38 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
29 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
iuahosd1-secondary.z11.web.core.windows.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
28 |
windows.net
iuahosd1-secondary.z11.web.core.windows.net |
1 MB |
1 |
userstatics.com
userstatics.com — Cisco Umbrella Rank: 158052 |
726 B |
29 | 2 |
Domain | Requested by | |
---|---|---|
28 | iuahosd1-secondary.z11.web.core.windows.net |
iuahosd1-secondary.z11.web.core.windows.net
|
1 | userstatics.com |
iuahosd1-secondary.z11.web.core.windows.net
|
29 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.web.core.windows.net Microsoft Azure RSA TLS Issuing CA 04 |
2024-06-12 - 2025-06-07 |
a year | crt.sh |
userstatics.com E1 |
2024-05-26 - 2024-08-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/index.html
Frame ID: 25D357F08D6E7E3FBECF5263E9030158
Requests: 30 HTTP requests in this frame
Screenshot
![](/screenshots/d31c4f1b-04a4-4f56-8ba8-76a815d9a722.png)
Page Title
Security centerDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.html
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/ |
22 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tapa.css
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/css/ |
20 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/css/ |
216 KB 216 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/js/ |
83 KB 83 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/js/ |
59 KB 59 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/css/ |
27 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
esc.js
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/js/ |
99 B 474 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flscn.js
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/js/ |
269 B 645 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/js/ |
2 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
f24.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
818 KB 818 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mnc.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
187 B 557 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
msmm.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
168 B 538 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
set.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
364 B 734 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vsc.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
722 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scn.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg1.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
81 KB 81 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bel.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
276 B 646 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dm.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
re.gif
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
14 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
349 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
beep.mp3
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/media/ |
8 KB 9 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eng.mp3
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/media/ |
108 KB 0 |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mnc.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
187 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
msmm.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
168 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
set.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
364 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vsc.png
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/images/ |
722 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
w3
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/ |
0 383 B |
Other
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
userstatics.com/get/ |
133 B 726 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
w3.html
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/ |
321 B 629 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
w1.html
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML/ |
321 B 629 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| $ function| jQuery object| bootstrap function| chat function| ddwqdqcqqcqvqwqweqwrqweeq string| bcda function| showd2 function| beep1 number| e number| isNS function| mischandler function| mousehandler function| win_onkeydown_handler function| addEvent1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
iuahosd1-secondary.z11.web.core.windows.net/werrx01USAHTML | Name: PHPREFS Value: full |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
iuahosd1-secondary.z11.web.core.windows.net
userstatics.com
104.21.53.38
20.150.11.225
04e7cab3f04cb7c718c7cb4e038de2e87e274788b00f2c2fe869bb12c29c5762
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd
34ccdb50687c38ca7f6f04c46aaba862b1e93f6bd1ab158915a4ae1034f2e65e
3616cf46b53ecac41813d66874380a99715b0b31baf1c27c5db0ba320b9369c8
36c93ecca4ea10ed850a8b04465a4141f6afc135419d644181e63a98da87a376
426eec34428ca37958c3697503680648f7d9658ae0fe6300e80ddc17797ceb85
436ecc90fab5ed1034b68a4a0e924e0132d93d9e7fb59b4fe23018eb7d9242c1
439b95dd7522b888586d9c7d7532f1b47747413e74befdb03210c575846a3349
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977
5fec869e22cef957a16d1b97cac7bc6493ae350696cd03469181679a2205781a
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
83a132d9141372a3c75799bd6194a5752b3db074ef77a9e9a3249ff9fbc38d23
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
9e3f599d1db72217010598a7411f62b877558b5f023db4754333a32328b8f893
ab73c43df3eb40f77ec6d37c19c60ce231e0ea68e812eeda663619e11c4a95cd
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
ba89dc4fd9bd9cb092158dc98be88f7367ef0f683621222f2c0d447e6840c50c
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41
ce26d1b76dae2f3b5d0ccc8d0ecd88d2edb411101b8a4c5edc4d9aa7008c9b04
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855