alsk3.z13.web.core.windows.net
20.60.220.228
Malicious Activity!
Public Scan
Effective URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Submission: On July 31 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 08 on April 4th 2024. Valid for: a year.
This is the only time alsk3.z13.web.core.windows.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)
Domain & IP information
| IP Address | AS (Autonomous System) |
---|---|---|
1 | 151.101.194.132 | 54113 (FASTLY) |
1 1 | 172.67.36.125 | 13335 (CLOUDFLARENET) |
1 1 | 144.202.49.180 | 20473 (AS-CHOOPA) |
18 | 20.60.220.228 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 151.101.66.137 | 54113 (FASTLY) |
1 | 108.181.64.139 | 40676 (AS40676) |
26 | 5 |
ASN20473 (AS-CHOOPA, US)
PTR: 144.202.49.180.vultrusercontent.com
wirednewsscope.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
alsk3.z13.web.core.windows.net |
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | windows.net | alsk3.z13.web.core.windows.net | 334 KB |
1 | ipwho.is | ipwho.is — Cisco Umbrella Rank: 72804 | 950 B |
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 1211 | 27 KB |
1 | wirednewsscope.com (1 redirects) | wirednewsscope.com | 271 B |
1 | zemanta.com (1 redirects) | r1-usc1.zemanta.com — Cisco Umbrella Rank: 44766 | 519 B |
1 | outbrain.com | paid.outbrain.com — Cisco Umbrella Rank: 20253 | 2 KB |
26 | 6 |
| Domain | Requested by |
---|---|---|
18 | alsk3.z13.web.core.windows.net | paid.outbrain.com, alsk3.z13.web.core.windows.net |
1 | ipwho.is | alsk3.z13.web.core.windows.net |
1 | code.jquery.com | alsk3.z13.web.core.windows.net |
1 | wirednewsscope.com | 1 redirects |
1 | r1-usc1.zemanta.com | 1 redirects |
1 | paid.outbrain.com | |
26 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.outbrain.com | R11 | 2024-07-18 - 2024-10-16 | 3 months |
*.web.core.windows.net | Microsoft Azure RSA TLS Issuing CA 08 | 2024-04-04 - 2025-03-30 | a year |
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year |
ipwho.is | GoGetSSL ECC DV CA | 2024-03-13 - 2025-03-13 | a year |
This page contains 1 frames:
Primary Page:
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Frame ID: 95855B64A6A0A0345FC9B4DE09496248
Requests: 26 HTTP requests in this frame
Page Title
Defender smart screen error
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://paid.outbrain.com/network/redir?p=31MWtxpLINzjFog5AkxA73UUL2utwo_bNF_ebmz4BXEm01XTSkLjqOEjf-dD... Page URL
- https://r1-usc1.zemanta.com/rp3/b1_outbrainrtb/66673584/182254952/e24105c7-4f8c-11ef-a2ca-cd21807fe9b5/S... HTTP 302
  https://wirednewsscope.com/news/RAFY.php HTTP 302
  https://alsk3.z13.web.core.windows.net/?bcda=1300-041-034 Page URL
- https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://r1-usc1.zemanta.com/rp3/b1_outbrainrtb/66673584/182254952/e24105c7-4f8c-11ef-a2ca-cd21807fe9b5/S...
- https://wirednewsscope.com/news/RAFY.php HTTP 302
- https://alsk3.z13.web.core.windows.net/?bcda=1300-041-034
26 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | redir | paid.outbrain.com/network/ | 3 KB | 2 KB | Document | text/html | |
GET | H/1.1 | / | alsk3.z13.web.core.windows.net/ | 1 KB | 2 KB | Document | text/html | Redirect Chain |
GET | H/1.1 | / | alsk3.z13.web.core.windows.net/win1bex33nz/ | 24 KB | 24 KB | Document | text/html | Primary Request |
GET | H/1.1 | tapa.css | alsk3.z13.web.core.windows.net/win1bex33nz/ | 19 KB | 19 KB | Stylesheet | text/css | |
GET | H2 | jquery-1.4.4.min.js | code.jquery.com/ | 77 KB | 27 KB | Script | application/javascript | |
GET | H/1.1 | noir.js | alsk3.z13.web.core.windows.net/win1bex33nz/ | 82 KB | 83 KB | Script | text/javascript | |
GET | H/1.1 | def.gif | alsk3.z13.web.core.windows.net/win1bex33nz/ | 166 KB | 166 KB | Image | image/gif | |
GET | H/1.1 | f24.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 464 KB | 0 | Image | image/png | |
GET | H/1.1 | mnc.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 166 B | 536 B | Image | image/png | |
GET | H/1.1 | msmm.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 148 B | 518 B | Image | image/png | |
GET | H/1.1 | set.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 360 B | 730 B | Image | image/png | |
GET | H/1.1 | ques.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 349 B | 719 B | Image | image/png | |
GET | H/1.1 | vsc.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 752 B | 1 KB | Image | image/png | |
GET | H/1.1 | bxs.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 5 KB | 5 KB | Image | image/png | |
GET | H/1.1 | bx1.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 96 KB | 0 | Image | image/png | |
GET | H/1.1 | bel.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 296 B | 666 B | Image | image/png | |
GET | | pcm.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 0 | 0 | | | |
GET | H/1.1 | winlo.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 12 KB | 12 KB | Image | image/png | |
GET | H/1.1 | dm.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 347 B | 717 B | Image | image/png | |
GET | H/1.1 | cs.png | alsk3.z13.web.core.windows.net/win1bex33nz/ | 3 KB | 3 KB | Image | image/png | |
GET | H/1.1 | re.gif | alsk3.z13.web.core.windows.net/win1bex33nz/ | 14 KB | 15 KB | Image | image/gif | |
GET | | nvidia.js | alsk3.z13.web.core.windows.net/win1bex33nz/ | 0 | 0 | | | |
GET | | jupiter.js | alsk3.z13.web.core.windows.net/win1bex33nz/ | 0 | 0 | | | |
GET | | bxsafe.js | alsk3.z13.web.core.windows.net/win1bex33nz/ | 0 | 0 | | | |
GET | | esc.js | alsk3.z13.web.core.windows.net/win1bex33nz/ | 0 | 0 | | | |
GET | H/1.1 | / | ipwho.is/ | 678 B | 950 B | XHR | application/json | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
alsk3.z13.web.core.windows.net | https://alsk3.z13.web.core.windows.net/win1bex33nz/pcm.png |
alsk3.z13.web.core.windows.net | https://alsk3.z13.web.core.windows.net/win1bex33nz/nvidia.js |
alsk3.z13.web.core.windows.net | https://alsk3.z13.web.core.windows.net/win1bex33nz/jupiter.js |
alsk3.z13.web.core.windows.net | https://alsk3.z13.web.core.windows.net/win1bex33nz/bxsafe.js |
alsk3.z13.web.core.windows.net | https://alsk3.z13.web.core.windows.net/win1bex33nz/esc.js |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | $
- function | jQuery
- object | t
- function | ddwqdqcqqcqvqwqweqwrqweeq
- string | bcda
- string | ipadd
- string | city
- string | country
- string | isp
- string | currtime
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.outbrain.com/ | | Name: ref-5677721838 Value: 6e15eadb0f38c844308f2774dd874e8e|5679607259||0|473944996|100|4556265|239950|1 |
.outbrain.com/ | | Name: auid Value: JHL-xCdTjzDHRaKYlf_Wd53jKsjUneR6UUKY5It4AiCLsbETRwLQhBnayDcVIPHQ |
.outbrain.com/ | | Name: obuid Value: ec8425b0-5597-4d21-9974-0d1253f608d0 |
.zemanta.com/ | | Name: zuid Value: LPzK3-cdpJhtgCIijnjB |
.zemanta.com/ | | Name: zpb Value: 73725_e24105c7-4f8c-11ef-a2ca-cd21807fe9b5 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.