staookilbainbfae.z1.web.core.windows.net Open in urlscan Pro
20.150.30.97 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html
Submission Tags: falconsandbox
Submission: On September 04 via api (September 4th 2024, 7:09:40 pm UTC) from US — Scanned from IT

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 20.150.30.97, located in Phoenix, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is staookilbainbfae.z1.web.core.windows.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on June 17th 2024. Valid for: a year.

This is the only time staookilbainbfae.z1.web.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
24	20.150.30.97 20.150.30.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2

24 20.150.30.97 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

staookilbainbfae.z1.web.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	windows.net staookilbainbfae.z1.web.core.windows.net	3 MB
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 303208	719 B
25	2

	Domain	Requested by
24	staookilbainbfae.z1.web.core.windows.net	staookilbainbfae.z1.web.core.windows.net
1	userstatics.com	staookilbainbfae.z1.web.core.windows.net
25	2

This site contains no links.

Subject Issuer	Validity	Valid
*.web.core.windows.net Microsoft Azure RSA TLS Issuing CA 04	`2024-06-17` - `2025-06-12`	a year	crt.sh
userstatics.com WE1	`2024-07-24` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html
Frame ID: 1BC9C03D5C866A73A3DD2804CAD2C1FC
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top Trend Update

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

3283 kB
Transfer

3275 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response staookilbainbfae.z1.web.core.windows.net/wintossfo/	16 KB 16 KB	1241ms 309ms	Document text/html	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `454416ec68477096729394f35a1b720eb956967a51ce1e574e9852b20000e4b2` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Content-Length 16211 Content-MD5 9MSiZK9FVtflfh55qj6CHQ== Content-Type text/html Date Wed, 04 Sep 2024 19:09:31 GMT ETag "0x8DCCCF057786821" Last-Modified Wed, 04 Sep 2024 14:46:21 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id 7a4323da-001e-00e4-08fd-fe37cd000000 x-ms-version 2018-03-28
GET H/1.1	200 OK	tapa.css staookilbainbfae.z1.web.core.windows.net/wintossfo/css/	19 KB 20 KB	295ms 292ms	Stylesheet text/css	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/css/tapa.css Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `e0e43d19124c60a22fea6be28fe321d3cd96a4c26e5eb8da36729d70c836fb4e` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:31 GMT Last-Modified Wed, 04 Sep 2024 14:46:30 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 dsWvdycjvlmH7haq6gOVpA== ETag "0x8DCCCF05D044DD0" Content-Type text/css x-ms-request-id 7a432434-001e-00e4-56fd-fe37cd000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 19789
GET H/1.1	200 OK	bootstrap.min.css staookilbainbfae.z1.web.core.windows.net/wintossfo/css/	216 KB 216 KB	599ms 302ms	Stylesheet text/css	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/css/bootstrap.min.css Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:31 GMT Last-Modified Wed, 04 Sep 2024 14:46:30 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 W0InazA56vGMwZnLTI23uA== ETag "0x8DCCCF05D0EAC7C" Content-Type text/css x-ms-request-id 7a43249b-001e-00e4-2efd-fe37cd000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 220780
GET H/1.1	200 OK	jquery.min.js Show response staookilbainbfae.z1.web.core.windows.net/wintossfo/js/	83 KB 83 KB	1079ms 291ms	Script text/javascript	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/js/jquery.min.js Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `436ecc90fab5ed1034b68a4a0e924e0132d93d9e7fb59b4fe23018eb7d9242c1` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:32 GMT Last-Modified Wed, 04 Sep 2024 14:46:35 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 IMEpvttKJtsC/A9U0CbD9Q== ETag "0x8DCCCF0600ECCC8" Content-Type text/javascript x-ms-request-id 4953819d-501e-009b-2cfd-fef856000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 84817
GET H/1.1	200 OK	bootstrap.min.js Show response staookilbainbfae.z1.web.core.windows.net/wintossfo/js/	59 KB 59 KB	1080ms 291ms	Script text/javascript	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/js/bootstrap.min.js Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Origin https://staookilbainbfae.z1.web.core.windows.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:32 GMT Last-Modified Wed, 04 Sep 2024 14:46:35 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 AtIjOT4AwnPv3LGt6PT4sQ== ETag "0x8DCCCF05FDA7E52" Content-Type text/javascript x-ms-request-id e6f60429-f01e-00df-5bfd-fe7269000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 60044
GET H/1.1	200 OK	font-awesome.min.css staookilbainbfae.z1.web.core.windows.net/wintossfo/css/	27 KB 27 KB	1048ms 285ms	Stylesheet text/css	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/css/font-awesome.min.css Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `ce26d1b76dae2f3b5d0ccc8d0ecd88d2edb411101b8a4c5edc4d9aa7008c9b04` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:32 GMT Last-Modified Wed, 04 Sep 2024 14:46:30 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 /RYJ65fnOWg6zyMSD9b2yQ== ETag "0x8DCCCF05D1AB890" Content-Type text/css x-ms-request-id a0cd1b13-d01e-0061-7ffd-fe1a10000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 27428
GET H/1.1	200 OK	esc.js Show response staookilbainbfae.z1.web.core.windows.net/wintossfo/js/	99 B 474 B	1117ms 280ms	Script text/javascript	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/js/esc.js Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `36c93ecca4ea10ed850a8b04465a4141f6afc135419d644181e63a98da87a376` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:35 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 iUrzbsNhGSYaNc4F36ax0A== ETag "0x8DCCCF05FEEED98" Content-Type text/javascript x-ms-request-id 3544b72a-801e-000e-2efd-fe10e3000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 99
GET H/1.1	200 OK	flscn.js Show response staookilbainbfae.z1.web.core.windows.net/wintossfo/js/	269 B 645 B	1162ms 278ms	Script text/javascript	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/js/flscn.js Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `34ccdb50687c38ca7f6f04c46aaba862b1e93f6bd1ab158915a4ae1034f2e65e` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:35 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 xjjfoiycBhbF11wUIQo4gQ== ETag "0x8DCCCF060072CCD" Content-Type text/javascript x-ms-request-id d13b6852-f01e-00bd-26fd-feb04e000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 269
GET H/1.1	200 OK	main.js Show response staookilbainbfae.z1.web.core.windows.net/wintossfo/js/	2 KB 3 KB	1360ms 276ms	Script text/javascript	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/js/main.js Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `3616cf46b53ecac41813d66874380a99715b0b31baf1c27c5db0ba320b9369c8` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:32 GMT Last-Modified Wed, 04 Sep 2024 14:46:35 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 4P0SSm59PAXFMP9OdrB0ZA== ETag "0x8DCCCF0600E7EAF" Content-Type text/javascript x-ms-request-id 7a432575-001e-00e4-67fd-fe37cd000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 2193
GET H/1.1	200 OK	f24.png staookilbainbfae.z1.web.core.windows.net/wintossfo/images/	3 MB 3 MB	342ms 341ms	Image image/png	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/images/f24.png Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `721664da709158888e363cb551254e6cc3c4b06b4af5be1466c0499261c3d961` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:36 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 EosfOuGwVhmuKobwqH9IVg== ETag "0x8DCCCF060B1AA99" Content-Type image/png x-ms-request-id 3544b766-801e-000e-61fd-fe10e3000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 2641779
GET H/1.1	200 OK	bx2.png staookilbainbfae.z1.web.core.windows.net/wintossfo/images/	35 KB 35 KB	316ms 316ms	Image image/png	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/images/bx2.png Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `e580866861ef53a03e486e128ad421357ce20cc66ac955d1601c9cfe2bbf3e03` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:33 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 BIKz0hb3HsXlQht+r5hsJQ== ETag "0x8DCCCF05EDFC9F1" Content-Type image/png x-ms-request-id d13b68a0-f01e-00bd-6ffd-feb04e000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 35825
GET H/1.1	200 OK	bg1.png staookilbainbfae.z1.web.core.windows.net/wintossfo/images/	81 KB 81 KB	288ms 287ms	Image image/png	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/images/bg1.png Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `83a132d9141372a3c75799bd6194a5752b3db074ef77a9e9a3249ff9fbc38d23` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:33 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 S1nt9HzWviqzT/zLextvog== ETag "0x8DCCCF05EE4D23D" Content-Type image/png x-ms-request-id 4953827b-501e-009b-5cfd-fef856000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 82975
GET H/1.1	200 OK	mnc.png staookilbainbfae.z1.web.core.windows.net/wintossfo/images/	187 B 557 B	276ms 275ms	Image image/png	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/images/mnc.png Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:34 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 JxAhz6RZQJeBhL4EiYQf0w== ETag "0x8DCCCF05F26DA35" Content-Type image/png x-ms-request-id 7a4325e9-001e-00e4-4afd-fe37cd000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 187
GET H/1.1	200 OK	msmm.png staookilbainbfae.z1.web.core.windows.net/wintossfo/images/	168 B 538 B	934ms 933ms	Image image/png	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/images/msmm.png Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:34 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 rLBevNX0iPyZFpz/ArbdBA== ETag "0x8DCCCF05F651229" Content-Type image/png x-ms-request-id e6f60637-f01e-00df-32fd-fe7269000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 168
GET H/1.1	200 OK	bel.png staookilbainbfae.z1.web.core.windows.net/wintossfo/images/	276 B 646 B	269ms 268ms	Image image/png	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/images/bel.png Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:33 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 dhbZbDiDAeORZTZH4fXwVw== ETag "0x8DCCCF05EB453C3" Content-Type image/png x-ms-request-id a0cd1be3-d01e-0061-2cfd-fe1a10000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 276
GET H/1.1	200 OK	set.png staookilbainbfae.z1.web.core.windows.net/wintossfo/images/	364 B 734 B	250ms 250ms	Image image/png	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/images/set.png Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:34 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 4UTDN4CQCHyM4SmjDLbLTg== ETag "0x8DCCCF05F9FEF4C" Content-Type image/png x-ms-request-id a0cd1c1f-d01e-0061-63fd-fe1a10000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 364
GET H/1.1	200 OK	ques.png staookilbainbfae.z1.web.core.windows.net/wintossfo/images/	349 B 719 B	284ms 284ms	Image image/png	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/images/ques.png Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:34 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 dFTGUuBzPZLebJIMLWRq4A== ETag "0x8DCCCF05F66E6A2" Content-Type image/png x-ms-request-id 7a432630-001e-00e4-09fd-fe37cd000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 349
GET H/1.1	200 OK	vsc.png staookilbainbfae.z1.web.core.windows.net/wintossfo/images/	722 B 1 KB	259ms 259ms	Image image/png	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/images/vsc.png Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:34 GMT Last-Modified Wed, 04 Sep 2024 14:46:35 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 QtjyzBrldZwjafJV8268Aw== ETag "0x8DCCCF05FD416B1" Content-Type image/png x-ms-request-id 495382d7-501e-009b-24fd-fef856000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 722
GET H/1.1	200 OK	1.jpg staookilbainbfae.z1.web.core.windows.net/wintossfo/images/	38 KB 39 KB	392ms 293ms	Image image/jpeg	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/images/1.jpg Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `a1f303eeebda55b956a0a38543a044a78ec37da52823f8957cc62c522f7b36d2` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:33 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 N2TOgVIPZ26wcoq4+dp+uw== ETag "0x8DCCCF05EC9FB58" Content-Type image/jpeg x-ms-request-id d13b6947-f01e-00bd-02fd-feb04e000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 39380
GET H/1.1	200 OK	msmm.png staookilbainbfae.z1.web.core.windows.net/wintossfo/images/	168 B 0	507ms 507ms	Image image/png	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/images/msmm.png Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:34 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 rLBevNX0iPyZFpz/ArbdBA== ETag "0x8DCCCF05F651229" Content-Type image/png x-ms-request-id e6f60637-f01e-00df-32fd-fe7269000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 168
GET H/1.1	206 Partial Content	beep.mp3 staookilbainbfae.z1.web.core.windows.net/wintossfo/media/	8 KB 9 KB	269ms 269ms	Media audio/mpeg	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/media/beep.mp3 Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Range bytes=0- Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:35 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 ETag "0x8DCCCF0602203B4" Content-Type audio/mpeg Content-Range bytes 0-8404/8405 x-ms-request-id a0cd1c51-d01e-0061-0efd-fe1a10000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 8405
GET H/1.1	206 Partial Content	eng.mp3 staookilbainbfae.z1.web.core.windows.net/wintossfo/media/	108 KB 108 KB	288ms 288ms	Media audio/mpeg	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/media/eng.mp3 Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `9fa4f2ad709ff397d792afa42087c38ac2d13ac10ee104e557f594ffbf93a603` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Range bytes=0- Response headers Date Wed, 04 Sep 2024 19:09:33 GMT Last-Modified Wed, 04 Sep 2024 14:46:35 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 ETag "0x8DCCCF06050D4B9" Content-Type audio/mpeg Content-Range bytes 0-110228/110229 x-ms-request-id 7a432677-001e-00e4-44fd-fe37cd000000 x-ms-version 2018-03-28 Accept-Ranges bytes Content-Length 110229
GET H2	200	script.js Show response userstatics.com/get/	133 B 719 B	251ms 101ms	Script text/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://userstatics.com/get/script.js?referrer=https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html Requested by Host: staookilbainbfae.z1.web.core.windows.net URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.2.1 Resource Hash `df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 04 Sep 2024 19:09:34 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.2.1 vary Accept-Encoding access-control-allow-methods GET, POST content-type text/javascript; charset=utf-8 access-control-allow-origin https://staookilbainbfae.z1.web.core.windows.net report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BMESxapJ500ijsGMBsqKXzhkdpWfXjOztpgBcTChHNKZ4szqyjyQENapaiE3KvDS0amZnNf06swKDFpEpGTgvbhQsyVuaQQUFt5hJBSHZ%2FjDSa90uNKgVPUMNi71pmNdpB8%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 8be04654ef1465ae-FRA access-control-allow-headers X-Requested-With,content-type alt-svc h3=":443"; ma=86400
GET H/1.1	404 The requested content does not exist.	w3.html staookilbainbfae.z1.web.core.windows.net/wintossfo/	321 B 629 B	274ms 272ms	Other text/html	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/w3.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `62930ea036d5c32e44c5494f064992f80489ce53f17f5bc563d24e5641dfcd2e` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-request-id 3544ba7f-801e-000e-6bfd-fe10e3000000 Date Wed, 04 Sep 2024 19:09:37 GMT x-ms-version 2018-03-28 Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-error-code WebContentNotFound Content-Length 321 Content-Type text/html
GET H/1.1	404 The requested content does not exist.	w1.html staookilbainbfae.z1.web.core.windows.net/wintossfo/	321 B 629 B	469ms 467ms	Other text/html	20.150.30.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://staookilbainbfae.z1.web.core.windows.net/wintossfo/w1.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.150.30.97 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash `bec4f9f92b1a1a83c36be46a4e82724612c79c231315506f65efb262abd08836` Request headers Referer https://staookilbainbfae.z1.web.core.windows.net/wintossfo/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-request-id 3544bb43-801e-000e-73fd-fe10e3000000 Date Wed, 04 Sep 2024 19:09:37 GMT x-ms-version 2018-03-28 Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-error-code WebContentNotFound Content-Length 321 Content-Type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			staookilbainbfae.z1.web.core.windows.net/wintossfo	1970-01-20 23:18:36	Name: PHPREFS Value: full

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/w3.html Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)
network	error	URL: https://staookilbainbfae.z1.web.core.windows.net/wintossfo/w1.html Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

staookilbainbfae.z1.web.core.windows.net
userstatics.com
188.114.97.3
20.150.30.97
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd
34ccdb50687c38ca7f6f04c46aaba862b1e93f6bd1ab158915a4ae1034f2e65e
3616cf46b53ecac41813d66874380a99715b0b31baf1c27c5db0ba320b9369c8
36c93ecca4ea10ed850a8b04465a4141f6afc135419d644181e63a98da87a376
436ecc90fab5ed1034b68a4a0e924e0132d93d9e7fb59b4fe23018eb7d9242c1
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
454416ec68477096729394f35a1b720eb956967a51ce1e574e9852b20000e4b2
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977
62930ea036d5c32e44c5494f064992f80489ce53f17f5bc563d24e5641dfcd2e
721664da709158888e363cb551254e6cc3c4b06b4af5be1466c0499261c3d961
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
83a132d9141372a3c75799bd6194a5752b3db074ef77a9e9a3249ff9fbc38d23
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
9fa4f2ad709ff397d792afa42087c38ac2d13ac10ee104e557f594ffbf93a603
a1f303eeebda55b956a0a38543a044a78ec37da52823f8957cc62c522f7b36d2
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
bec4f9f92b1a1a83c36be46a4e82724612c79c231315506f65efb262abd08836
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41
ce26d1b76dae2f3b5d0ccc8d0ecd88d2edb411101b8a4c5edc4d9aa7008c9b04
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e0e43d19124c60a22fea6be28fe321d3cd96a4c26e5eb8da36729d70c836fb4e
e580866861ef53a03e486e128ad421357ce20cc66ac955d1601c9cfe2bbf3e03

staookilbainbfae.z1.web.core.windows.net Open in urlscan Pro 20.150.30.97 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

3283 kBTransfer

3275 kBSize

1 Cookies

0 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

staookilbainbfae.z1.web.core.windows.net Open in urlscan Pro
20.150.30.97 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

3283 kB
Transfer

3275 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!