csdconstructionllcinfo.z26.web.core.windows.net
20.60.32.4
Malicious Activity!
Public Scan
Effective URL: https://csdconstructionllcinfo.z26.web.core.windows.net/?client_id=3kx9BfE8XHYnp8MrWJS9JRPmy4SVlSgSYy3qL5IQLQ46xfSuTOY11QYPvNE6FMgBpHxkfNA98Ya5ckP7eyg7F...
Submission: On December 28 via manual from US — Scanned from AU
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on October 25th 2022. Valid for: a year.
This is the only time csdconstructionllcinfo.z26.web.core.windows.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 2 | 20.60.32.4 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 24 | 23.185.0.1 | 54113 (FASTLY) |
| 4 | 172.64.169.22 | 13335 (CLOUDFLARENET) |
| 32 | 4 | |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US): csdconstructionllcinfo.z26.web.core.windows.net
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 24 | pantheonsite.io | dev-git0123x.pantheonsite.io | 512 KB |
| 4 | fontawesome.com | ka-f.fontawesome.com (Cisco Umbrella Rank: 5927) | 35 KB |
| 2 | windows.net | csdconstructionllcinfo.z26.web.core.windows.net | 179 KB |
| 32 | 3 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 24 | dev-git0123x.pantheonsite.io | csdconstructionllcinfo.z26.web.core.windows.net, dev-git0123x.pantheonsite.io |
| 4 | ka-f.fontawesome.com | dev-git0123x.pantheonsite.io |
| 2 | csdconstructionllcinfo.z26.web.core.windows.net | csdconstructionllcinfo.z26.web.core.windows.net |
| 32 | 3 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| *.web.core.windows.net | Microsoft Azure TLS Issuing CA 02 | 2022-10-25 - 2023-10-20 | a year | crt.sh |
| pantheonsite.io | Sectigo RSA Organization Validation Secure Server CA | 2022-07-14 - 2023-06-23 | a year | crt.sh |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-12 - 2023-08-12 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://csdconstructionllcinfo.z26.web.core.windows.net/?client_id=3kx9BfE8XHYnp8MrWJS9JRPmy4SVlSgSYy3qL5IQLQ46xfSuTOY11QYPvNE6FMgBpHxkfNA98Ya5ckP7eyg7FTAXU9f0gjN5bjgpI2xPJN9rgFwCce0AEv82479s9NQmsVsQcZxKZA81QHcdYJpK2v0yRpZN8nbTreGK0gCLISr80w8FMNHsIs9dNw3dCKzO4vxRQgzqGJAyx9LgcBwhlmpbYfz9Ia9MBvxR1e5un4ghwdeKgsmbcEAzf0rRi83VhTzmiDqlfJnLMqNmVdnO7SxGyhEBhlxV357PVpyIJa5niW&redirect_uri=ccc26d8i896b2ifc8f0270j836f0655446g08246353e7gc3911d0j746ae9hejage7gfh64d8048hg0icb5b6h9ggg8if2j4i84i2f4eh00bfc00ec90f7ib4cch1981b8gfc1e5e8jfd5e4hci8h2&response_type=222e0de002553dcecd2e2ab244de4a3410babc40ebe4bd50d5cbbac4c5d2cee31a551a0435c
Frame ID: DE2A5D81AC48B17F11C882D164A64069
Requests: 32 HTTP requests in this frame
Page Title: Sign in to your account
Page URL History
- https://csdconstructionllcinfo.z26.web.core.windows.net/ Page URL
- https://csdconstructionllcinfo.z26.web.core.windows.net/?client_id=3kx9BfE8XHYnp8MrWJS9JRPmy4SVlSgSYy3qL5IQLQ46xfSuTOY11QYPvNE6FMgBp... Page URL
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://csdconstructionllcinfo.z26.web.core.windows.net/ Page URL
- https://csdconstructionllcinfo.z26.web.core.windows.net/?client_id=3kx9BfE8XHYnp8MrWJS9JRPmy4SVlSgSYy3qL5IQLQ46xfSuTOY11QYPvNE6FMgBpHxkfNA98Ya5ckP7eyg7FTAXU9f0gjN5bjgpI2xPJN9rgFwCce0AEv82479s9NQmsVsQcZxKZA81QHcdYJpK2v0yRpZN8nbTreGK0gCLISr80w8FMNHsIs9dNw3dCKzO4vxRQgzqGJAyx9LgcBwhlmpbYfz9Ia9MBvxR1e5un4ghwdeKgsmbcEAzf0rRi83VhTzmiDqlfJnLMqNmVdnO7SxGyhEBhlxV357PVpyIJa5niW&redirect_uri=ccc26d8i896b2ifc8f0270j836f0655446g08246353e7gc3911d0j746ae9hejage7gfh64d8048hg0icb5b6h9ggg8if2j4i84i2f4eh00bfc00ec90f7ib4cch1981b8gfc1e5e8jfd5e4hci8h2&response_type=222e0de002553dcecd2e2ab244de4a3410babc40ebe4bd50d5cbbac4c5d2cee31a551a0435c Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
| # | Method | Protocol | Resource | Host / Path | Size | Transferred | Type | MIME-Type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | H/1.1 | / | csdconstructionllcinfo.z26.web.core.windows.net/ | 89 KB | 89 KB | Document | text/html |
| 2 | GET | H2 | jquery.min.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 84 KB | 34 KB | Script | application/x-javascript |
| 3 | GET | H2 | jquery-3.1.1.min.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 85 KB | 35 KB | Script | application/x-javascript |
| 4 | GET | H2 | jquery-3.3.1.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 276 KB | 98 KB | Script | application/x-javascript |
| 5 | GET | H2 | 5051251.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 11 KB | 4 KB | Script | application/x-javascript |
| 6 | GET | H2 | bootstrap.min.css | dev-git0123x.pantheonsite.io/git/r3p0/ | 142 KB | 28 KB | Stylesheet | text/css |
| 7 | GET | H2 | family=Archivo+Narrow&display=swap.css | dev-git0123x.pantheonsite.io/git/r3p0/ | 1 KB | 650 B | Stylesheet | text/css |
| 8 | GET | H2 | main.style.css | dev-git0123x.pantheonsite.io/git/r3p0/ | 4 KB | 2 KB | Stylesheet | text/css |
| 9 | GET | H2 | free.min.css | ka-f.fontawesome.com/releases/v5.15.2/css/ | 59 KB | 13 KB | Fetch | text/css |
| 10 | GET | H2 | free-v4-shims.min.css | ka-f.fontawesome.com/releases/v5.15.2/css/ | 26 KB | 5 KB | Fetch | text/css |
| 11 | GET | H2 | jquery-3.2.1.slim.min.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 68 KB | 27 KB | Script | application/x-javascript |
| 12 | GET | | x-ms0ftl0g0.svg | dev-git0123x.pantheonsite.io/git/r3p0/ | 0 | 0 | (no response) | |
| 13 | GET | | x-k3y.svg | dev-git0123x.pantheonsite.io/git/r3p0/ | 0 | 0 | (no response) | |
| 14 | GET | H2 | popper.min.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 19 KB | 8 KB | Script | application/x-javascript |
| 15 | GET | H2 | bootstrap.min.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 48 KB | 16 KB | Script | application/x-javascript |
| 16 | GET | H2 | x-bgr0und.svg | dev-git0123x.pantheonsite.io/git/r3p0/ | 4 KB | 2 KB | Image | image/svg+xml |
| 17 | GET | H/1.1 | / (Primary Request) | csdconstructionllcinfo.z26.web.core.windows.net/ | 89 KB | 89 KB | Document | text/html |
| 18 | GET | H2 | jquery.min.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 84 KB | 34 KB | Script | application/x-javascript |
| 19 | GET | H2 | jquery-3.1.1.min.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 85 KB | 35 KB | Script | application/x-javascript |
| 20 | GET | H2 | jquery-3.3.1.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 276 KB | 98 KB | Script | application/x-javascript |
| 21 | GET | H2 | 5051251.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 11 KB | 5 KB | Script | application/x-javascript |
| 22 | GET | H2 | bootstrap.min.css | dev-git0123x.pantheonsite.io/git/r3p0/ | 142 KB | 28 KB | Stylesheet | text/css |
| 23 | GET | H2 | family=Archivo+Narrow&display=swap.css | dev-git0123x.pantheonsite.io/git/r3p0/ | 1 KB | 649 B | Stylesheet | text/css |
| 24 | GET | H2 | main.style.css | dev-git0123x.pantheonsite.io/git/r3p0/ | 4 KB | 2 KB | Stylesheet | text/css |
| 25 | GET | H2 | free.min.css | ka-f.fontawesome.com/releases/v5.15.2/css/ | 59 KB | 13 KB | Fetch | text/css |
| 26 | GET | H2 | free-v4-shims.min.css | ka-f.fontawesome.com/releases/v5.15.2/css/ | 26 KB | 4 KB | Fetch | text/css |
| 27 | GET | H2 | jquery-3.2.1.slim.min.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 68 KB | 27 KB | Script | application/x-javascript |
| 28 | GET | H2 | x-ms0ftl0g0.svg | dev-git0123x.pantheonsite.io/git/r3p0/ | 5 KB | 2 KB | Image | image/svg+xml |
| 29 | GET | H2 | x-k3y.svg | dev-git0123x.pantheonsite.io/git/r3p0/ | 3 KB | 1 KB | Image | image/svg+xml |
| 30 | GET | H2 | popper.min.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 19 KB | 8 KB | Script | application/x-javascript |
| 31 | GET | H2 | bootstrap.min.js | dev-git0123x.pantheonsite.io/git/r3p0/ | 48 KB | 16 KB | Script | application/x-javascript |
| 32 | GET | H2 | x-bgr0und.svg | dev-git0123x.pantheonsite.io/git/r3p0/ | 4 KB | 2 KB | Image | image/svg+xml |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: dev-git0123x.pantheonsite.io, URL: https://dev-git0123x.pantheonsite.io/git/r3p0/x-ms0ftl0g0.svg
- Domain: dev-git0123x.pantheonsite.io, URL: https://dev-git0123x.pantheonsite.io/git/r3p0/x-k3y.svg
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Variable | Type |
|---|---|
| oncontentvisibilityautostatechange | object |
| O | function |
| d | function |
| f | function |
| P | function |
| c | function |
| b | function |
| a | function |
| git0123x | string |
| e | function |
| $ | function |
| jQuery | function |
| FontAwesomeKitConfig | object |
| S | function |
| T | function |
| Popper | function |
| bootstrap | object |
| M | function |
| randomString | function |
| turnUrlToRandom | function |
| L | function |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
20 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
csdconstructionllcinfo.z26.web.core.windows.net
dev-git0123x.pantheonsite.io
ka-f.fontawesome.com
dev-git0123x.pantheonsite.io
172.64.169.22
20.60.32.4
23.185.0.1