dddvfvfvfddcddx.z13.web.core.windows.net Open in urlscan Pro
20.209.163.232 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Submission Tags: @phish_report
Submission: On July 22 via api (July 22nd 2024, 1:13:30 pm UTC) from FI — Scanned from FI

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 17 HTTP transactions. The main IP is 20.209.163.232, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is dddvfvfvfddcddx.z13.web.core.windows.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on April 5th 2024. Valid for: a year.

This is the only time dddvfvfvfddcddx.z13.web.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
12	20.209.163.232 20.209.163.232	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:26f0:ab0... 2a02:26f0:ab00:397::f03	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	6

12 20.209.163.232 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dddvfvfvfddcddx.z13.web.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:ab00:397::f03 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

support.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	windows.net dddvfvfvfddcddx.z13.web.core.windows.net	671 KB
2	microsoft.com 1 redirects support.microsoft.com — Cisco Umbrella Rank: 12550	344 B
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832	24 KB
1	tawk.to embed.tawk.to — Cisco Umbrella Rank: 12323	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	27 KB
17	5

	Domain	Requested by
12	dddvfvfvfddcddx.z13.web.core.windows.net	dddvfvfvfddcddx.z13.web.core.windows.net
2	support.microsoft.com	1 redirects dddvfvfvfddcddx.z13.web.core.windows.net
1	embed.tawk.to	dddvfvfvfddcddx.z13.web.core.windows.net
1	maxcdn.bootstrapcdn.com	dddvfvfvfddcddx.z13.web.core.windows.net
1	stackpath.bootstrapcdn.com	dddvfvfvfddcddx.z13.web.core.windows.net
1	cdnjs.cloudflare.com	dddvfvfvfddcddx.z13.web.core.windows.net
17	6

This site contains no links.

Subject Issuer	Validity	Valid
*.web.core.windows.net Microsoft Azure RSA TLS Issuing CA 03	`2024-04-05` - `2025-03-31`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
tawk.to GTS CA 1P5	`2024-05-26` - `2024-08-24`	3 months	crt.sh
support.microsoft.com Microsoft Azure ECC TLS Issuing CA 04	`2024-05-01` - `2025-04-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Frame ID: 62702E6B1E42D0DEA09613206CB4F332
Requests: 16 HTTP requests in this frame

Frame: https://support.microsoft.com/fi-FI
Frame ID: 6CBBFCF197ED6EA4FC34D6E576EC3859
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Service - Helpline

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

6
IPs

4
Countries

723 kB
Transfer

836 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://support.microsoft.com/ HTTP 301
https://support.microsoft.com/fi-FI

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.html Show response
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 13 KB
13 KB 603ms
146ms Document
text/html 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cd7c0700980b342bc745887d3c648bad6d8c5ab880fc8bec6ebd1ded63eb5251

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Length: 13151
Content-MD5: LCGKIfqw5s5Q4TtxyPFCcw==
Content-Type: text/html
Date: Mon, 22 Jul 2024 13:13:24 GMT
ETag: "0x8DCAA4C9AE51EE3"
Last-Modified: Mon, 22 Jul 2024 12:48:37 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3c15ef9b-701e-0050-5338-dca5db000000
x-ms-version: 2018-03-28

GET
H/1.1 200
OK styles.css
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 11 KB
11 KB 353ms
340ms Stylesheet
text/css 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/styles.css
Requested by: Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c39958089eebb1b3b8a3d0203efff9386ff364eaf5fa05f9fb037e9b5f7fcef3

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 13:13:24 GMT
Last-Modified: Mon, 22 Jul 2024 12:48:37 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: /SvFeKh0C4a2y2IbKSUNvw==
ETag: "0x8DCAA4C9AE289B8"
Content-Type: text/css
x-ms-request-id: 3c15f1ca-701e-0050-5038-dca5db000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 10814

GET
H/1.1 200
OK scripts.js Show response
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 843 B
1 KB 509ms
147ms Script
text/javascript 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/scripts.js
Requested by: Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3406b91395463f01155727e125df3d1dae7d01f1fe7c8ca20513e4913f8f1dd4

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 13:13:24 GMT
Last-Modified: Mon, 22 Jul 2024 12:48:38 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: G09BZ2wRN/7Xt8PIEYXpAA==
ETag: "0x8DCAA4C9BBBA22D"
Content-Type: text/javascript
x-ms-request-id: 3c15f42b-701e-0050-7f38-dca5db000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 843

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 271ms
48ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 13:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 409543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ioj3A%2FRdcPD8PGuvudaCl91lZSEmAuQjLxLSUDaD2%2BDCU4qk9bWONjfhuTWt2AjEZfC%2FqrLGAD%2BxXtkKZ9OF5zre2wp4eBv3pO8WmbnkRDKMTm%2F%2BYdF7J56yPLvjb9BqBVZRARD%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a73b01c49d18d7d-HEL
expires: Sat, 12 Jul 2025 13:13:25 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/ 59 KB
17 KB 321ms
102ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

Requested by

Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/
Origin: https://dddvfvfvfddcddx.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 13:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1053
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-cachedat: 03/25/2024 22:48:44
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b9e9c74af851845a13f2d722106e8b45
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8a73b01c5ae04e1b-HEL
cdn-requestpullsuccess: True

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 185ms
56ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1047
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7060018
cdn-cachedat: 10/31/2023 18:58:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9bd489b3b47817325036093612d128df
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8a73b01bcfea8da4-HEL
cdn-requestpullsuccess: True

GET
H/1.1 200
OK cross.png
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 377 KB
378 KB 629ms
159ms Image
image/png 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/cross.png
Requested by: Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c3ad6aa1c03fd108854f008cfec2753ba623e1470a4d61798b5d8c050e474868

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 13:13:25 GMT
Last-Modified: Mon, 22 Jul 2024 12:48:40 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: vkKtd1JyAyfSi/Utvbtkwg==
ETag: "0x8DCAA4C9C95A3E7"
Content-Type: image/png
x-ms-request-id: 1727406b-501e-0078-1038-dcc473000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 386359

GET
H/1.1 200
OK def.png
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 4 KB
4 KB 616ms
146ms Image
image/png 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/def.png
Requested by: Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 13:13:24 GMT
Last-Modified: Mon, 22 Jul 2024 12:48:37 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: d6L/xVRfh1UddHgSAd6bOw==
ETag: "0x8DCAA4C9B1E6525"
Content-Type: image/png
x-ms-request-id: 337bb813-001e-0028-7038-dc0623000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 3834

GET
H/1.1 200
OK gif1.gif
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 10 KB
10 KB 150ms
147ms Image
image/gif 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/gif1.gif
Requested by: Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a38ce8950f9fd31142fa9f3f673db29058f43989dd4415118bc8d223d0302f77

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 13:13:24 GMT
Last-Modified: Mon, 22 Jul 2024 12:48:36 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: z3V+N86Lir+2QYw5kbn35Q==
ETag: "0x8DCAA4C9A6816F0"
Content-Type: image/gif
x-ms-request-id: 3c15f57f-701e-0050-3238-dca5db000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 10261

GET
H/1.1 200
OK microsoft.png
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 17 KB
17 KB 150ms
148ms Image
image/png 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/microsoft.png
Requested by: Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fccaeb23b60aa3fd5130234f5ecfe5f07be02f2006311196de9884d4af9c7d74

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 13:13:25 GMT
Last-Modified: Mon, 22 Jul 2024 12:48:38 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: qy8VjjwTphMaMIwEzdamTA==
ETag: "0x8DCAA4C9B655797"
Content-Type: image/png
x-ms-request-id: c91bf23a-301e-0051-2d38-dcfa07000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 17003

GET
H/1.1 200
OK gif2.gif
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 16 KB
17 KB 202ms
157ms Image
image/gif 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/gif2.gif
Requested by: Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4e1c30469b24a3e29ff7ee42e124056a91e2d5c892d1693d3ac51f456d1e1df4

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 13:13:24 GMT
Last-Modified: Mon, 22 Jul 2024 12:48:36 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Bv1D+qKhC6AhppSd/9kY3w==
ETag: "0x8DCAA4C9A7D34F2"
Content-Type: image/gif
x-ms-request-id: 337bb8da-001e-0028-2c38-dc0623000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 16699

GET
H/1.1 200
OK msl.png
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 1 KB
1 KB 303ms
150ms Image
image/png 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/msl.png
Requested by: Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 13:13:25 GMT
Last-Modified: Mon, 22 Jul 2024 12:48:40 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: vytGBZD7udjpYRpukAa4Fg==
ETag: "0x8DCAA4C9CBF444A"
Content-Type: image/png
x-ms-request-id: 3c15f67e-701e-0050-1b38-dca5db000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 1045

GET
H/1.1 200
OK warn.png
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 4 KB
5 KB 266ms
148ms Image
image/png 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/warn.png
Requested by: Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a00268b274d7757a5c883c487083d4fd9914161e72cb528a9f3c9f1df1f3e032

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 13:13:25 GMT
Last-Modified: Mon, 22 Jul 2024 12:48:39 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: /xuxExiFpfAkRdj1eYmeIQ==
ETag: "0x8DCAA4C9C638192"
Content-Type: image/png
x-ms-request-id: c91bf33c-301e-0051-1c38-dcfa07000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 4242

GET
H/1.1 200
OK corssbg.png
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 17 KB
17 KB 211ms
149ms Image
image/png 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/corssbg.png
Requested by: Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9f4c0bd395a0c6dbb50714db9e76dc59cc531c83403ef29ecd5b43398df445ad

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 13:13:24 GMT
Last-Modified: Mon, 22 Jul 2024 12:48:37 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: tOfRS2ytHxgA+SRC/oDQDw==
ETag: "0x8DCAA4C9AE04262"
Content-Type: image/png
x-ms-request-id: 337bb983-001e-0028-4638-dc0623000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 17045

GET
H3 200 1hv29ibvf Show response
embed.tawk.to/665731739a809f19fb36a57b/ 2 KB
1 KB 344ms
227ms Script
application/x-javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/665731739a809f19fb36a57b/1hv29ibvf

Requested by

Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaaa681745d443dbbf6b864378cb7d78eb03007632962ec35c26398ea4c63b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/
Origin: https://dddvfvfvfddcddx.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 13:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"stable-v4-66909c6d5c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ty7N0qh2V9W%2BgEzc7Zu9qbkAzC3OXccXP1ZrPHBQ%2BDBifQPrSq3CYhS%2Fk2oB8a3%2B0EnA%2BeXEyhkQrBYgVo3Z1nIbA7yhoUf1Mh44WG3nDor1YTOW6E1mUnqOhTBaMYNG"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 8a73b01f6ae92d73-KBP
alt-svc: h3=":443"; ma=86400

GET
H2

200

fi-FI
support.microsoft.com/ Frame 6CBB
Redirect Chain

https://support.microsoft.com/
https://support.microsoft.com/fi-FI

0
0

145ms
144ms

Document
text/html

2a02:26f0:ab00:397::f03
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/fi-FI

Requested by

Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:397::f03 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 25606
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
date: Mon, 22 Jul 2024 13:13:25 GMT
expires: Mon, 22 Jul 2024 13:13:25 GMT
pragma: no-cache
request-context: appId=
server: Kestrel
strict-transport-security: max-age=86400 ; includeSubDomains
vary: Accept-Encoding
x-correlationid: 0HN55Q0J5G6C4:00000034
x-operationid: 8481a84e84ddcc4d1b68c1bab54cef72

Redirect headers

accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: max-age=0, no-cache, no-store
content-length: 0
critical-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
date: Mon, 22 Jul 2024 13:13:25 GMT
expires: Mon, 22 Jul 2024 13:13:25 GMT
location: https://support.microsoft.com/fi-FI
pragma: no-cache
request-context: appId=
server: Kestrel
strict-transport-security: max-age=86400 ; includeSubDomains
x-correlationid: 0HN55Q0J5G6C4:00000033
x-operationid: 6380e5af380368b9e45b7f456074fd4a

GET
H/1.1 206
Partial Content ado.mp3
dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ 196 KB
197 KB 342ms
195ms Media
audio/mpeg 20.209.163.232
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/ado.mp3
Requested by: Host: dddvfvfvfddcddx.z13.web.core.windows.net
URL: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.163.232 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Request headers

Referer: https://dddvfvfvfddcddx.z13.web.core.windows.net/Win01securityElnhelpline0042/index.html?clcsr=1&gad_source=5
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 22 Jul 2024 13:13:25 GMT
Last-Modified: Mon, 22 Jul 2024 12:48:36 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8DCAA4C9A7A2B13"
Content-Type: audio/mpeg
Content-Range: bytes 0-200831/200832
x-ms-request-id: 3c15f7b5-701e-0050-3b38-dca5db000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 200832

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
support.microsoft.com/signin-oidc	1970-01-20 22:14:14	Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8LWN6nmb9HBGpcIJvpEgkL0Vfcu5-7tzUeV67IG_QjeWbdr9j46zj1nMSAdHB-wX7ALZngcm329T5Dld0S7Roelf3D25ZXsprlm1yWpRDJ2PYyCGinYglJWtTt4SNrx7zb1mTCI7bzd3vPR2QSIujURXnWl6JFtlm40tLNW66Y84mvymsQxXc-LYiqC6JDKiEnPZW67_2C4eUhMdLusQzXeDot-Fa7O0laHWHpMucDkp5PUcfR1TKT4VADeyym7u7QrFVWIrhd0JXYDtHsA3D7U Value: N
support.microsoft.com/signin-oidc	1970-01-20 22:14:14	Name: .AspNetCore.Correlation.VKvILprFYNqAkH-5pW5pswiuHtlxEbdpcClnb-66XPI Value: N
support.microsoft.com/	1970-01-21 06:59:50	Name: EXPID Value: dd7f1aec-a221-4bb2-a219-6a82974bbe8d
login.microsoftonline.com/	1970-01-20 22:57:26	Name: buid Value: 0.ATQAMe_N-B6jSkuT5F9XHpElWhkrJ-4RRD9DjyhcE8tv1AcBAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMYUsCVXrIJMdeYjOX3wplGDoAfMladR95NdCM-a3eztD4IcrepTAqI6NBTLpLqRTVJvpXlBHEz5OgdYOayf8zVnyy05WwhIGTMGsNrigKGPUQgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMYYvp-7e5bpn_ZBRKlSijyga4DcngJSnRrJgFdC1nTAsSsTTB2WJiLsre4BRheLCJnkF0naEqKuOndXOqhAk3eM54BSKKOeb7qOkkdVRoKBNagVLs6wXmcJw7wCAm4VlLTIgMhli5Gto6GvCBvBi8f2gBV75FDR_xgmF82YyEoyDwgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-cp4Ib1AfLcU Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMY93X4QQj6g_KadX0iCErNT6vVFJC8P93tm69hBwwAJ2Gya4rmxOSUheLbcNdeeaACc_NHoapNgB8NExEodcUfCnQoq5uvVu79XNGRuoQcr3Hif_AuTyXj2Fo5Ow8ZlbuCEBuobG-kceM7sXgyRcuGTiAA
login.microsoftonline.com/	1970-01-20 22:57:26	Name: fpc Value: Asb_Q8_osB1GmYtc6UpurO1qwEtIAQAAAPhRMN4OAAAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
support.microsoft.com/	1970-01-21 06:59:50	Name: MicrosoftApplicationsTelemetryDeviceId Value: 330b5c97-277d-4bda-a05a-efc993cbe5bc
support.microsoft.com/	1970-01-20 22:14:15	Name: ai_session Value: DU7IJYcQMfxVEDGDDH336D\|1721654008943\|1721654008943

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Refused to frame 'https://mem.gfx.ms/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://support.microsoft.com".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
dddvfvfvfddcddx.z13.web.core.windows.net
embed.tawk.to
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
support.microsoft.com
104.17.24.14
104.18.10.207
104.18.11.207
188.114.96.3
20.209.163.232
2a02:26f0:ab00:397::f03
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
3406b91395463f01155727e125df3d1dae7d01f1fe7c8ca20513e4913f8f1dd4
4e1c30469b24a3e29ff7ee42e124056a91e2d5c892d1693d3ac51f456d1e1df4
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
9f4c0bd395a0c6dbb50714db9e76dc59cc531c83403ef29ecd5b43398df445ad
a00268b274d7757a5c883c487083d4fd9914161e72cb528a9f3c9f1df1f3e032
a38ce8950f9fd31142fa9f3f673db29058f43989dd4415118bc8d223d0302f77
c39958089eebb1b3b8a3d0203efff9386ff364eaf5fa05f9fb037e9b5f7fcef3
c3ad6aa1c03fd108854f008cfec2753ba623e1470a4d61798b5d8c050e474868
cd7c0700980b342bc745887d3c648bad6d8c5ab880fc8bec6ebd1ded63eb5251
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
eaaa681745d443dbbf6b864378cb7d78eb03007632962ec35c26398ea4c63b31
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65
fccaeb23b60aa3fd5130234f5ecfe5f07be02f2006311196de9884d4af9c7d74

dddvfvfvfddcddx.z13.web.core.windows.net Open in urlscan Pro 20.209.163.232 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

17 %IPv6

5 Domains

6 Subdomains

6 IPs

4 Countries

723 kBTransfer

836 kBSize

11 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

21 JavaScript Global Variables

11 Cookies

1 Console Messages

Indicators

dddvfvfvfddcddx.z13.web.core.windows.net Open in urlscan Pro
20.209.163.232 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

6
Subdomains

6
IPs

4
Countries

723 kB
Transfer

836 kB
Size

11
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!