urlscan.io logo urlscan.io
SecurityTrails logo

costcologisticsbilling.blob.core.windows.net Open in urlscan Pro
20.150.30.68  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://costcologisticsbilling.blob.core.windows.net/reports/invoice.html
Submission Tags: falconsandbox
Submission: On July 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 6 domains to perform 10 HTTP transactions. The main IP is 20.150.30.68, located in Phoenix, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is costcologisticsbilling.blob.core.windows.net.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 01 on May 24th 2023. Valid for: a year.
This is the only time costcologisticsbilling.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Costco (Retail)

Domain & IP information

IP Address AS Autonomous System
1 20.150.30.68 8075 (MICROSOFT...)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 170.167.103.202 11283 (COSTCO)
2 20.69.152.48 8075 (MICROSOFT...)
2 108.156.60.47 16509 (AMAZON-02)
1 20.14.96.35 8075 (MICROSOFT...)
10 8
1    20.150.30.68 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
costcologisticsbilling.blob.core.windows.net
2    2606:4700:20::681a:95b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tailwindcss.com
2    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    170.167.103.202 (United States)

ASN11283 (COSTCO, US)
PTR: login.costco.com
login.costco.com
2    20.69.152.48 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
logistics.costco.com
2    108.156.60.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-47.ams1.r.cloudfront.net
ok6static.oktacdn.com
1    20.14.96.35 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cloudmigration.westus3.cloudapp.azure.com
Apex Domain
Subdomains		 Transfer
3 costco.com
login.costco.com — Cisco Umbrella Rank: 319407
logistics.costco.com — Cisco Umbrella Rank: 894160
99 KB
2 oktacdn.com
ok6static.oktacdn.com — Cisco Umbrella Rank: 18319
13 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1037
108 KB
2 tailwindcss.com
cdn.tailwindcss.com — Cisco Umbrella Rank: 72755
107 KB
1 azure.com
cloudmigration.westus3.cloudapp.azure.com
1 windows.net
costcologisticsbilling.blob.core.windows.net
13 KB
10 6
Domain Requested by
2 ok6static.oktacdn.com costcologisticsbilling.blob.core.windows.net
2 logistics.costco.com costcologisticsbilling.blob.core.windows.net
2 unpkg.com 1 redirects costcologisticsbilling.blob.core.windows.net
2 cdn.tailwindcss.com 1 redirects costcologisticsbilling.blob.core.windows.net
1 cloudmigration.westus3.cloudapp.azure.com costcologisticsbilling.blob.core.windows.net
1 login.costco.com costcologisticsbilling.blob.core.windows.net
1 costcologisticsbilling.blob.core.windows.net
10 7

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 01		 2023-05-24 -
2024-05-18		 a year crt.sh
login.costco.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-12 -
2024-06-11		 a year crt.sh
logistics.costco.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-12 -
2024-06-11		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-01-02		 a year crt.sh
cloudmigration.westus3.cloudapp.azure.com
R3		 2023-06-12 -
2023-09-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://costcologisticsbilling.blob.core.windows.net/reports/invoice.html
Frame ID: 43CB0912ACB50B5DD631CAD83039BA76
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to Costco Logistics

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

10
Requests

70 %
HTTPS

29 %
IPv6

6
Domains

7
Subdomains

8
IPs

1
Countries

340 kB
Transfer

934 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.3.2
Request Chain 1
  • https://unpkg.com/vue@3/dist/vue.global.js HTTP 302
  • https://unpkg.com/vue@3.3.4/dist/vue.global.js

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request invoice.html
costcologisticsbilling.blob.core.windows.net/reports/ 		12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://costcologisticsbilling.blob.core.windows.net/reports/invoice.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.30.68 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f79c84926f48fb9540400b34f5e55c64965eaee458006fad72c82f79c30814f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
12514
Content-MD5
nkxNYNA9mMx8zqshgu2KZw==
Content-Type
text/html
Date
Tue, 18 Jul 2023 09:00:17 GMT
ETag
0x8DB8724B71E3F11
Last-Modified
Tue, 18 Jul 2023 00:19:56 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
6149c914-001e-0076-7a56-b92b22000000
x-ms-version
2009-09-19
3.3.2
cdn.tailwindcss.com/
Redirect Chain
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.3.2
349 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tailwindcss.com/3.3.2
Requested by
Host: costcologisticsbilling.blob.core.windows.net
URL: https://costcologisticsbilling.blob.core.windows.net/reports/invoice.html
Protocol
H2
Server
2606:4700:20::681a:95b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c95bd79683ca29f1edd1735e87a50a2180cc0e73509d4c81a8ec7744a3c04650
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://costcologisticsbilling.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:00:18 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Jul 2023 12:31:43 GMT
x-vercel-id
gru1::iad1::xkk7f-1689337901547-c71b5edf2616
server
cloudflare
age
332915
x-vercel-cache
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPTuMdnDiU%2FAUmYmDZvnZ5SYNrPw70%2BeNBtaiEjw2TTV7mi44SF8V7Axgzr%2FwJQ9R3dIT5%2FkMXoZ24hHDUZhtAipvGl1i%2FBGzKq88KJ6Y6JYg8n0q5ywJ5johl1VECmEKg%2BmoNys8H87ZZjU7oYYMLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
7e898898ccec3738-FRA

Redirect headers

date
Tue, 18 Jul 2023 09:00:18 GMT
strict-transport-security
max-age=63072000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id
gru1::iad1::bgkkx-1689669778548-89df1a964e83
server
cloudflare
age
175
x-vercel-cache
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c90ul2oy8n%2FpS93jVywKPMi8dSwt9AXk4tpV2A2NyP%2FILLj3ehOEGS6T%2BH89btnwN%2F2mhs%2BtWhGMzwgqnnp%2Brzh%2BoG%2BTMVaoE0GKJueYobQAvDx1dP8ptuGhoMRSS0jehPAXCDOEg3Y%2FH17DSyAukUk%3D"}],"group":"cf-nel","max_age":604800}
location
/3.3.2
cache-control
max-age=14400
cf-ray
7e898898acae3738-FRA
content-length
0
vue.global.js
unpkg.com/vue@3.3.4/dist/
Redirect Chain
  • https://unpkg.com/vue@3/dist/vue.global.js
  • https://unpkg.com/vue@3.3.4/dist/vue.global.js
463 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/vue@3.3.4/dist/vue.global.js
Requested by
Host: costcologisticsbilling.blob.core.windows.net
URL: https://costcologisticsbilling.blob.core.windows.net/reports/invoice.html
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21755031dfd12b4d329ff9923ababc9dca8e61432b1223338cd63dd072326a2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://costcologisticsbilling.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:00:18 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5272069
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H0PZTBC9TXM0WB7F2K2YEP5P-fra
server
cloudflare
etag
W/"73b2c-4okjvXBLweSylyJtGUFv0c1rdFc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7e898898ac6fbba1-FRA

Redirect headers

date
Tue, 18 Jul 2023 09:00:18 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H5M3FZ5XC7RPWQFCJJQ0XAQP-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
172
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/vue@3.3.4/dist/vue.global.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7e8988988c38bba1-FRA
costco_logo_160px.png
login.costco.com/assets/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.costco.com/assets/images/costco_logo_160px.png
Requested by
Host: costcologisticsbilling.blob.core.windows.net
URL: https://costcologisticsbilling.blob.core.windows.net/reports/invoice.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.167.103.202 , United States, ASN11283 (COSTCO, US),
Reverse DNS
login.costco.com
Software
/
Resource Hash
ec147ba6fc006244c0505530e092b3027eeb63d9998d776f125ff53a3a536bbb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://costcologisticsbilling.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 09:00:19 GMT
Strict-Transport-Security
max-age=16070400; includeSubDomains
Referrer-Policy
origin
Last-Modified
Tue, 24 Jan 2023 00:39:18 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=0, must-revalidate
Content-Length
7993
costcoLogistics_s.31f49a59.png
logistics.costco.com/static/media/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logistics.costco.com/static/media/costcoLogistics_s.31f49a59.png
Requested by
Host: costcologisticsbilling.blob.core.windows.net
URL: https://costcologisticsbilling.blob.core.windows.net/reports/invoice.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.152.48 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash
3f451f7beec59cb9a3ca8cb818b7b4f2084386ddb22ab4269cf7d45ea54929ab
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://costcologisticsbilling.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:00:19 GMT
last-modified
Fri, 07 Jul 2023 02:44:34 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux)
etag
"b21f-5ffdc9ce9a880"
x-frame-options
DENY
target-group
innovel-tracking-client-v3
content-type
image/png
accept-ranges
bytes
content-length
45599
custom-header
server-name=tracking-v3
instance
10.6.0.49 - innovel-tracking-v3
truck_costco_scheduler.043b798a.jpg
logistics.costco.com/static/media/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logistics.costco.com/static/media/truck_costco_scheduler.043b798a.jpg
Requested by
Host: costcologisticsbilling.blob.core.windows.net
URL: https://costcologisticsbilling.blob.core.windows.net/reports/invoice.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.152.48 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) /
Resource Hash
e93d06886172663a3b59fdc0ddf15b74b3b77b7b2a638920c29d67aa7e1f48c9
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://costcologisticsbilling.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 09:00:19 GMT
last-modified
Fri, 07 Jul 2023 02:40:13 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux)
etag
"b6e2-5ffdc8d5b1d40"
x-frame-options
DENY
target-group
innovel-tracking-client-v3
content-type
image/jpeg
accept-ranges
bytes
content-length
46818
custom-header
server-name=tracking-v3
instance
10.6.0.49 - innovel-tracking-v3
fs0ilqx9shqRii9Sn2p6
ok6static.oktacdn.com/fs/bco/1/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok6static.oktacdn.com/fs/bco/1/fs0ilqx9shqRii9Sn2p6
Requested by
Host: costcologisticsbilling.blob.core.windows.net
URL: https://costcologisticsbilling.blob.core.windows.net/reports/invoice.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-47.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
1cd22045cdbbf046aab1bffc23703a0b69e1205990d034a53ff56d7a4f071ac4
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://costcologisticsbilling.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 08:58:20 GMT
strict-transport-security
max-age=315360000; includeSubDomains
via
1.1 b4b344356515496fe04e908f6ee73f4e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P2
age
119
x-cache
Hit from cloudfront
content-length
10429
last-modified
Wed, 07 Aug 2019 20:06:53 GMT
server
nginx
etag
"b98325dc6b5ee3c6f1a25e5e3fb339c0"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
5WJD9cy0P8JzrM9C2108EeLEnyn-okEN67OFooN9emOfPVnjfznapQ==
expires
Wed, 17 Jul 2024 08:58:20 GMT
default.png
ok6static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.3.1/img/security/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ok6static.oktacdn.com/assets/js/sdk/okta-signin-widget/7.3.1/img/security/default.png
Requested by
Host: costcologisticsbilling.blob.core.windows.net
URL: https://costcologisticsbilling.blob.core.windows.net/reports/invoice.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-47.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
da75c3f3ce27c081541dfb59edd7e756fefe054a9e0e976356c4b0d3778bb434
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://costcologisticsbilling.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 12:57:16 GMT
x-amz-meta-sha1sum
8db73b75bc7547a90aebd1377852ea3bf7cbc5ea
via
1.1 b4b344356515496fe04e908f6ee73f4e.cloudfront.net (CloudFront)
strict-transport-security
max-age=315360000; includeSubDomains
x-amz-cf-pop
AMS1-P2
age
1281783
x-cache
Hit from cloudfront
content-length
1800
last-modified
Wed, 22 Feb 2023 18:44:58 GMT
server
nginx
etag
"04eeeba5b3538c4524d8e6828ba2c405"
public-key-pins-report-only
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
AfLCcfkR6eB4YhajKL-6pttUhppuxOFO0pJvuaZYAe24uuGdKkYAZA==
expires
Tue, 02 Jul 2024 12:57:16 GMT
health
cloudmigration.westus3.cloudapp.azure.com/admin/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudmigration.westus3.cloudapp.azure.com/admin/health?id=null&m=invoice
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.14.96.35 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://costcologisticsbilling.blob.core.windows.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Allow
OPTIONS, GET, HEAD
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 18 Jul 2023 09:00:19 GMT
Server
nginx/1.18.0 (Ubuntu)
health
cloudmigration.westus3.cloudapp.azure.com/admin/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cloudmigration.westus3.cloudapp.azure.com
URL
https://cloudmigration.westus3.cloudapp.azure.com/admin/health?id=null&m=invoice

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Costco (Retail)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| tailwind object| Vue object| __VUE_HMR_RUNTIME__ object| devtoolsFormatters string| /template.html boolean| __VUE__ object| __VUE_DEVTOOLS_HOOK_REPLAY__

0 Cookies

2 Console Messages

Source Level URL
Text
javascript error URL: https://costcologisticsbilling.blob.core.windows.net/reports/invoice.html
Message:
Access to fetch at 'https://cloudmigration.westus3.cloudapp.azure.com/admin/health?id=null&m=invoice' from origin 'https://costcologisticsbilling.blob.core.windows.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://cloudmigration.westus3.cloudapp.azure.com/admin/health?id=null&m=invoice
Message:
Failed to load resource: net::ERR_FAILED