Report - apppdf6a24.z13.web.core.windows.net/

Report Overview

Submitted URL
apppdf6a24.z13.web.core.windows.net/
IP
20.209.75.228
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-05-07 21:22:32
Access
public
Website Title
apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000
Final URL
apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-07	438 B	71 kB	142.250.74.168
m03lm.rdtk.io	unknown	2019-05-20	2024-02-27	2024-04-17	462 B	234 B	85.17.54.67
plausible.io	48197	2018-12-30	2019-02-01	2024-05-07	934 B	2.8 kB	194.242.11.186
userstatics.com	unknown	2020-11-05	2020-11-06	2024-05-03	534 B	825 B	0.0.0.0
apppdf6a24.z13.web.core.windows.net	unknown	unknown	No data	No data	15 kB	1.8 MB	20.209.75.228
ocsp.usertrust.com	899	1997-12-05	2012-05-21	2024-05-06	330 B	1.0 kB	172.64.149.23

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	unknown	19 B	2023-04-10	2024-05-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23:44 Last Seen2024-05-19 12:37:31 Times Seen2659 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000	466 B	2024-04-28	2024-05-08
Pretty URL apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 IP 20.209.75.228 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 19:11:17 Last Seen2024-05-08 23:02:22 Times Seen7 Hash 0363022eea253a949d31ec54b0df8211 4768d9e9581c1a888bd0d70b10af7879c1d2419e 5001595718c30049993bdc00f916bea2b18395534b3c54fb1ef5bcce20906d2a Loading...

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000	149 B	2023-03-07	2024-05-16
Pretty URL apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 IP 20.209.75.228 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:11:16 Last Seen2024-05-16 08:28:40 Times Seen65 Hash 1ef0d42ee74ef53d1d18bbe7a2d56bf2 9db93538573e87105b0f6aa4f55147fd56e6bca7 32e8240f3e8fae863d9d2094a5319b5d9949cac1318c0379dce62c9d8feb1fff Loading...

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000	20 B	2024-04-28	2024-05-08
Pretty URL apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 IP 20.209.75.228 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 19:11:17 Last Seen2024-05-08 23:02:22 Times Seen7 Hash d8d09b4f9db42424f4ab1945762a0c9e f6b880665843ea8693ace0c638335d46d250fe59 3a974176b7bf1ae8a35019bc21ce6ffbbf395a7c9e259b2ac7968c78efce9d13 Loading...

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/bootstrap.min.js	60 kB	2023-03-07	2024-05-19
Pretty URL apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/bootstrap.min.js IP 20.209.75.228 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-05-19 15:44:21 Times Seen7670 Hash 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-19
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 18:01:41 Times Seen350246 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/main.js	1.4 kB	2024-03-03	2024-05-16
Pretty URL apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/main.js IP 20.209.75.228 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-03 07:45:36 Last Seen2024-05-16 07:57:43 Times Seen54 Hash da6aacc1ca8eaa4902d9fee5c9c984b7 a06f41817583ce6182dd7121460c0bd16ea8b088 989120d05b8f3d703fd6e63b49b94845d7e038d536dd27723619e1f00623683f Loading...

	userstatics.com/get/script.js?referrer=https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000	133 B	2023-11-04	2024-05-19
Pretty URL userstatics.com/get/script.js?referrer=https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 00:48:23 Last Seen2024-05-19 17:32:01 Times Seen1013 Hash fea7fbf2c619fd4b7716fcaa64070c6c f192732937981a26f526b7c1293a2ae13bc59a22 df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26 Loading...

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/scripts.js	464 B	2024-03-03	2024-05-16
Pretty URL apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/scripts.js IP 20.209.75.228 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-03 07:45:37 Last Seen2024-05-16 07:57:43 Times Seen61 Hash 2856b9008b89d67be19d586e43ae8521 d47ac3f1328fb58b19584d77d2e3acc93663fb10 19e9aaa12f8478366b3707ff49b0e3cfc4818f9343b48f5d43890c943d1b1a3d Loading...

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000	246 B	2023-08-26	2024-05-18
Pretty URL apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 IP 20.209.75.228 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45:17 Last Seen2024-05-18 12:51:18 Times Seen332 Hash 9ec45c98de528138d873351ee3004c1c be9c6a2c15144063bf95641ec4215a06199b4f5d 28bcb0154baedf9de9f39772f0e45b0c4d88d2e4a951fbd8b4234ea31bd9872a Loading...

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000	73 B	2023-08-26	2024-05-18
Pretty URL apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 IP 20.209.75.228 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45:18 Last Seen2024-05-18 12:51:18 Times Seen320 Hash cd05d2ea6e1e26930fe1232ce0f4709f 1e411c92606c409da1deff96d681bc7c03c3ad35 1515e9dededc6a4e090e8e60a43d98dcc6a44b5f6a8f146244c4e49b5f73f945 Loading...

	plausible.io/js/script.js	1.3 kB	2023-05-22	2024-05-19
Pretty URL plausible.io/js/script.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 17:22:24 Last Seen2024-05-19 17:46:25 Times Seen3588 Hash abd4e2373b2e8c4dac2e80159641c5f1 e273656e58ca934d873204e68dd35670fde657ed 021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94 Loading...

	www.googletagmanager.com/gtag/js?id=UA-xxx-x	195 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-xxx-x IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 23:22:39 Last Seen2024-05-07 23:22:39 Times Seen2 Hash b28ddd7dc944a265fe1248d23ceb2ecc dd45164da88efcb2531622123460811d4bcb8531 113a5131ca91bf36e17b9aec6c9f214ade76ba787223b423771ad44145641ffe Loading...

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/sandbox%20eval%20code	147 B	2023-04-11	2024-05-19
Pretty URL apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 18:01:39 Times Seen350762 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/jquery.min.js	85 kB	2023-12-11	2024-05-16
Pretty URL apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/jquery.min.js IP 20.209.75.228 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-11 03:59:36 Last Seen2024-05-16 07:57:44 Times Seen114 Hash 20c129bedb4a26db02fc0f54d026c3f5 093b9d2728788de24a728742070a348b2848573f 436ecc90fab5ed1034b68a4a0e924e0132d93d9e7fb59b4fe23018eb7d9242c1 Loading...

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000	90 B	2023-05-13	2024-05-18
Pretty URL apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 IP 20.209.75.228 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-13 00:31:26 Last Seen2024-05-18 12:51:18 Times Seen343 Hash e549f355ec9b013498cee4479b6c1734 ee702e014a1491972cf45f03d601a4cb1d722e2d 70fcad8ae74a4d5b135d85561562a134705ee5f42437d6a82dde5c1e6eb7f9d4 Loading...

		Size	First Seen	Last Seen
	#1 Write - 94c0b79cb5a08b343f1d59dbf317f7c6	15 B	2024-04-28	2024-05-07
Pretty Observations First Seen2024-04-28 19:11:18 Last Seen2024-05-07 23:22:39 Times Seen4 Hash 94c0b79cb5a08b343f1d59dbf317f7c6 a54fa26258d4bf8845f1ffa534c58dd8c97ed3ed 9eccf548bb08ab929bf11f140e35458e6fc808a2e74962caf6458c3135b24deb Loading...

HTTP Transactions (33)

	URL	IP	Response	Size
	apppdf6a24.z13.web.core.windows.net/	20.209.75.228		3.0 kB
URL apppdf6a24.z13.web.core.windows.net/ IP 20.209.75.228:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type JavaScript source, ASCII text Size 3.0 kB (3018 bytes) Hash 0f5442f1f0c4b9a93fb775764dde5fa7 7bfaae646de7f121a46d13c831864b79d6b1bd20 555051e1c2449af86f8c5fd39a33aa1a15e2426216abe49d0d929299ab81fa85 HTTP Headers `GET / HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Length: 3018 Content-Type: text/html Content-MD5: D1RC8fDEuak/t3V2Td5fpw== Last-Modified: Mon, 06 May 2024 12:15:55 GMT Accept-Ranges: bytes ETag: "0x8DC6DC647DC27B4" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: d4aa7135-a01e-0013-3dc4-a0adb7000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:06 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000	20.209.75.228	200 OK	23 kB
URL User Request GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (604) Size 23 kB (22736 bytes) Hash 0f12f0e84c90f49cbd43bd5d90a50ee8 706bad28e2d1ead77a582ebd6de6a01f61db4ef6 50c595b8132393c02b7aecfbee0416953ed74b4d73cb8fc6855a9be1f95adc9d HTTP Headers GET /Win0security-helpline07/index.html?ph0n=+1-000-000-0000 HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 22736 Content-Type: text/html Content-MD5: DxLw6EyQ9Jy9Q71dkKUO6A== Last-Modified: Mon, 06 May 2024 12:15:55 GMT Accept-Ranges: bytes ETag: "0x8DC6DC647DB8C1D" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: d4aa734c-a01e-0013-2ec4-a0adb7000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:06 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/css/styles.css	20.209.75.228	200 OK	9.0 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/css/styles.css IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type assembler source, ASCII text, with very long lines (1266) Size 9.0 kB (8998 bytes) Hash 6ef2560453a7b6bff8ea7ec4265a9816 1ed7044a0579bb751b10ba7353a36e9d208c659e a072681ff11d60e33eb625e1d75e828542f80c9362d905c3eb9626063e27b4cc HTTP Headers GET /Win0security-helpline07/css/styles.css HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 8998 Content-Type: text/css Content-MD5: bvJWBFOntr/46n7EJlqYFg== Last-Modified: Mon, 06 May 2024 12:15:57 GMT Accept-Ranges: bytes ETag: "0x8DC6DC648F168FB" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: d4aa7404-a01e-0013-4cc4-a0adb7000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:06 GMT`

	ocsp.usertrust.com/	172.64.149.23		472 B
URL ocsp.usertrust.com/ IP 172.64.149.23:0 ASN #13335 CLOUDFLARENET File type data Size 472 B (472 bytes) Hash 755cc3e26b37895db00507a7d0d0f8e3 58e39d959da55848c7f1fa7cd827f375ccf18ca1 0a0ad89649dcc19742cc3ba123ea2440f86844e2510e6382dc46206fdf1cdefb HTTP Headers `POST / HTTP/1.1 Host: ocsp.usertrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Tue, 07 May 2024 21:22:07 GMT Content-Type: application/ocsp-response Content-Length: 472 Connection: keep-alive Last-Modified: Tue, 07 May 2024 17:27:49 GMT Expires: Tue, 14 May 2024 17:27:48 GMT Etag: "58e39d959da55848c7f1fa7cd827f375ccf18ca1" Cache-Control: max-age=603426,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: HIT Age: 958 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 8804437b7c7856cb-OSL

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/css/font-awesome.min.css	20.209.75.228	200 OK	27 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/css/font-awesome.min.css IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type ASCII text, with very long lines (27265) Size 27 kB (27428 bytes) Hash fd1609eb97e739683acf23120fd6f6c9 19b2e83fe8df09b85e74835c398aefee816bdfcb ce26d1b76dae2f3b5d0ccc8d0ecd88d2edb411101b8a4c5edc4d9aa7008c9b04 HTTP Headers GET /Win0security-helpline07/css/font-awesome.min.css HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 27428 Content-Type: text/css Content-MD5: /RYJ65fnOWg6zyMSD9b2yQ== Last-Modified: Mon, 06 May 2024 12:15:57 GMT Accept-Ranges: bytes ETag: "0x8DC6DC648F0CD5B" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: d4aa7472-a01e-0013-2fc4-a0adb7000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:06 GMT`

	www.googletagmanager.com/gtag/js?id=UA-xxx-x	142.250.74.168	200 OK	71 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-xxx-x IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT File type JavaScript source, ASCII text, with very long lines (1822) Size 71 kB (70759 bytes) Hash b28ddd7dc944a265fe1248d23ceb2ecc dd45164da88efcb2531622123460811d4bcb8531 113a5131ca91bf36e17b9aec6c9f214ade76ba787223b423771ad44145641ffe HTTP Headers `GET /gtag/js?id=UA-xxx-x HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Tue, 07 May 2024 21:22:07 GMT expires: Tue, 07 May 2024 21:22:07 GMT cache-control: private, max-age=900 last-modified: Tue, 07 May 2024 21:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 70759 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	m03lm.rdtk.io/postback?format=img&sum={replace}	85.17.54.67	400 Bad Request	73 B
URL GET HTTP/1.1 m03lm.rdtk.io/postback?format=img&sum={replace} IP 85.17.54.67:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerGoGetSSL Subject.rdtk.io Fingerprint3F:B8:3B:F6:C3:51:99:DC:0C:C4:BD:84:8C:14:9D:BA:06:6F:F8:9F ValidityWed, 19 Jul 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT File type JSON text data Size 73 B (73 bytes) Hash 6742622fd8c56312fdeefb1afae72019 f060d7d23c7fbc50993bbf1d4980c0908acfa3e8 68399ccccc0b28cf635b2065f20e239ddbb33cc3a2e755879259e0ab23765795 HTTP Headers `GET /postback?format=img&sum={replace} HTTP/1.1 Host: m03lm.rdtk.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 400 Bad Request Server: nginx/1.20.2 Date: Tue, 07 May 2024 21:22:07 GMT Content-Type: application/json Content-Length: 73 Connection: keep-alive`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/minimize.jpg	20.209.75.228	200 OK	17 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/minimize.jpg IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=39, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=180], baseline, precision 8, 180x39, components 3 Size 17 kB (17173 bytes) Hash 4bf52eb9b3efce840add1a90d83a40e5 6348a7617dfce3165e07af53a48df7892d62ffe1 a85f1e749a829c5c909837844c6b53ce0a9ae2adb7c8eac0e7b96c372c679a0d HTTP Headers GET /Win0security-helpline07/images/minimize.jpg HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 17173 Content-Type: image/jpeg Content-MD5: S/UuubPvzoQK3RqQ2DpA5Q== Last-Modified: Mon, 06 May 2024 12:15:58 GMT Accept-Ranges: bytes ETag: "0x8DC6DC6494AE41D" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: d4aa74e4-a01e-0013-1bc4-a0adb7000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:06 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/main.js	20.209.75.228	200 OK	1.4 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/main.js IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 1.4 kB (1358 bytes) Hash da6aacc1ca8eaa4902d9fee5c9c984b7 a06f41817583ce6182dd7121460c0bd16ea8b088 989120d05b8f3d703fd6e63b49b94845d7e038d536dd27723619e1f00623683f HTTP Headers GET /Win0security-helpline07/js/main.js HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 1358 Content-Type: text/javascript Content-MD5: 2mqswcqOqkkC2f7lycmEtw== Last-Modified: Mon, 06 May 2024 12:15:59 GMT Accept-Ranges: bytes ETag: "0x8DC6DC64A47FD87" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: f68c79d4-e01e-0060-7fc4-a0f524000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:06 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/scripts.js	20.209.75.228	200 OK	464 B
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/scripts.js IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type JavaScript source, ASCII text Size 464 B (464 bytes) Hash 2856b9008b89d67be19d586e43ae8521 d47ac3f1328fb58b19584d77d2e3acc93663fb10 19e9aaa12f8478366b3707ff49b0e3cfc4818f9343b48f5d43890c943d1b1a3d HTTP Headers GET /Win0security-helpline07/js/scripts.js HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 464 Content-Type: text/javascript Content-MD5: KFa5AIuJ1nvhnVhuQ66FIQ== Last-Modified: Mon, 06 May 2024 12:16:00 GMT Accept-Ranges: bytes ETag: "0x8DC6DC64A89C59F" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 2b33f78f-c01e-003a-75c4-a093c3000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/kxFy-clip.png	20.209.75.228	200 OK	542 B
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/kxFy-clip.png IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 66 x 68, 8-bit colormap, non-interlaced Size 542 B (542 bytes) Hash 0e9558d2d6e8000ce5c6c749c8fc67c2 f7ba9490807ef70bb6195150d6287cd54b7fefd0 91fb42a68a122344fd78cfd5f0cf9d06ff6d307fd4a5c68f40231c5950ece9a1 HTTP Headers GET /Win0security-helpline07/images/kxFy-clip.png HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 542 Content-Type: image/png Content-MD5: DpVY0tboAAzlxsdJyPxnwg== Last-Modified: Mon, 06 May 2024 12:15:59 GMT Accept-Ranges: bytes ETag: "0x8DC6DC64A32DF95" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: f5c5ebb4-701e-0000-77c4-a089bb000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:06 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/qsbs-firewall.png	20.209.75.228	200 OK	920 B
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/qsbs-firewall.png IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 77 x 63, 8-bit colormap, non-interlaced Size 920 B (920 bytes) Hash b0495ede4c875843fec037c794e9ff9a c813aefba255a5cc53aea7811f987ccb551c3128 52b762d47c066e16300675d56cc359b504ffd3239438c96eb973864311bb7b79 HTTP Headers GET /Win0security-helpline07/images/qsbs-firewall.png HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 920 Content-Type: image/png Content-MD5: sEle3kyHWEP+wDfHlOn/mg== Last-Modified: Mon, 06 May 2024 12:15:58 GMT Accept-Ranges: bytes ETag: "0x8DC6DC6494F2513" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: d4aa756e-a01e-0013-1dc4-a0adb7000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/bootstrap.min.js	20.209.75.228	200 OK	60 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/bootstrap.min.js IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type JavaScript source, ASCII text, with very long lines (59765) Size 60 kB (60044 bytes) Hash 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 HTTP Headers GET /Win0security-helpline07/js/bootstrap.min.js HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 60044 Content-Type: text/javascript Content-MD5: AtIjOT4AwnPv3LGt6PT4sQ== Last-Modified: Mon, 06 May 2024 12:15:59 GMT Accept-Ranges: bytes ETag: "0x8DC6DC64A414E50" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: a4260fb2-e01e-005f-78c4-a03d87000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/microsoft.png	20.209.75.228	200 OK	1.0 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/microsoft.png IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced Size 1.0 kB (1045 bytes) Hash bf2b460590fbb9d8e9611a6e9006b816 561e1dab259d61e798b3ce380527b71b61074ff3 ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03 HTTP Headers GET /Win0security-helpline07/images/microsoft.png HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 1045 Content-Type: image/png Content-MD5: vytGBZD7udjpYRpukAa4Fg== Last-Modified: Mon, 06 May 2024 12:15:58 GMT Accept-Ranges: bytes ETag: "0x8DC6DC64992E6B1" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: f5c5ec1c-701e-0000-4fc4-a089bb000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/jquery.min.js	20.209.75.228	200 OK	85 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/js/jquery.min.js IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type JavaScript source, ASCII text, with very long lines (32478) Size 85 kB (84817 bytes) Hash 20c129bedb4a26db02fc0f54d026c3f5 093b9d2728788de24a728742070a348b2848573f 436ecc90fab5ed1034b68a4a0e924e0132d93d9e7fb59b4fe23018eb7d9242c1 HTTP Headers GET /Win0security-helpline07/js/jquery.min.js HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 84817 Content-Type: text/javascript Content-MD5: IMEpvttKJtsC/A9U0CbD9Q== Last-Modified: Mon, 06 May 2024 12:15:59 GMT Accept-Ranges: bytes ETag: "0x8DC6DC64A41C2FF" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 7cb17012-301e-004c-7ac4-a0198b000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/media/speech.mp3	20.209.75.228	416 The range specified is invalid for the current size of the resource.	340 B
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/media/speech.mp3 IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type HTML document, ASCII text, with very long lines (340), with no line terminators Size 340 B (340 bytes) Hash 341228120a3fd695979bbabea359006b 86c6ac7d4b5b48032924aa57f9c99c26145a0d6c 4493f093264c1306c9a839ec83f779b6a093510ce2871b043239e102b093f467 HTTP Headers GET /Win0security-helpline07/media/speech.mp3 HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 416 The range specified is invalid for the current size of the resource. Content-Length: 340 Content-Type: text/html Content-Range: bytes /0 Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-error-code: InvalidRange x-ms-request-id: a426106d-e01e-005f-28c4-a03d87000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/s-S4-acc.png	20.209.75.228	200 OK	813 B
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/s-S4-acc.png IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 77 x 72, 8-bit colormap, non-interlaced Size 813 B (813 bytes) Hash d648c1837d01495eccd63e053491f72a 991d8f6c72777239472410d6129fd5f25ed9d134 9edbf56b360080f5d6765dce77353b8130e9f8316ad34c68f6c2792cdc446321 HTTP Headers GET /Win0security-helpline07/images/s-S4-acc.png HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 813 Content-Type: image/png Content-MD5: 1kjBg30BSV7M1j4FNJH3Kg== Last-Modified: Mon, 06 May 2024 12:15:59 GMT Accept-Ranges: bytes ETag: "0x8DC6DC64A304A7D" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: f5c5ec62-701e-0000-14c4-a089bb000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/Z5BR-network.png	20.209.75.228	200 OK	607 B
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/Z5BR-network.png IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 63 x 70, 8-bit colormap, non-interlaced Size 607 B (607 bytes) Hash 2cd03a547f00cad010f9038619df45de 912f919836a77a514c76b990aceaf5e930a24024 c56a8ae4818963e0d71eda4ebf46b4f2cdd3a238537dc8e99711fb690d272a73 HTTP Headers GET /Win0security-helpline07/images/Z5BR-network.png HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 607 Content-Type: image/png Content-MD5: LNA6VH8AytAQ+QOGGd9F3g== Last-Modified: Mon, 06 May 2024 12:15:57 GMT Accept-Ranges: bytes ETag: "0x8DC6DC648EE5F23" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 7cb171aa-301e-004c-7bc4-a0198b000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	plausible.io/api/event	194.242.11.186	202 Accepted	2 B
URL POST HTTP/2 plausible.io/api/event IP 194.242.11.186:443 ASN #34989 ServeTheWorld AS Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerLet's Encrypt Subjectplausible.io FingerprintAD:0F:7D:DD:AB:46:B3:42:B1:97:57:A4:EB:88:19:D6:08:6A:AD:65 ValidityTue, 23 Apr 2024 07:08:31 GMT - Mon, 22 Jul 2024 07:08:30 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df HTTP Headers `POST /api/event HTTP/1.1 Host: plausible.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 185 Origin: https://apppdf6a24.z13.web.core.windows.net DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 202 Accepted date: Tue, 07 May 2024 21:22:07 GMT content-type: text/plain; charset=utf-8 content-length: 2 server: BunnyCDN-NO1-830 cdn-pullzone: 682664 cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254 cdn-requestcountrycode: NO access-control-allow-credentials: true access-control-allow-origin: * alt-svc: h3=":443"; ma=2592000 cache-control: must-revalidate, max-age=0, private application: 10.0.0.3 permissions-policy: interest-cohort=() x-request-id: F81RwjswqGAite8Lleqo cdn-proxyver: 1.04 cdn-requestpullsuccess: True cdn-requestpullcode: 202 cdn-cachedat: 05/07/2024 21:22:07 cdn-edgestorageid: 830 cdn-requestid: 44d92903ba2770c9d3fb2c83071e3bfc X-Firefox-Spdy: h2

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/uZbx-si.png	20.209.75.228	200 OK	5.4 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/uZbx-si.png IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 42 x 702, 8-bit grayscale, non-interlaced Size 5.4 kB (5377 bytes) Hash 51147eb9734c3c0caf22aa77a80d96f0 dc33807cd0c0c35bb98d8e23efe2d625137a43f5 92d8510869b3d581401a93130fa72e4b54c5bf28dc8005994c5248d9afbfc37b HTTP Headers GET /Win0security-helpline07/images/uZbx-si.png HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 5377 Content-Type: image/png Content-MD5: URR+uXNMPAyvIqp3qA2W8A== Last-Modified: Mon, 06 May 2024 12:15:59 GMT Accept-Ranges: bytes ETag: "0x8DC6DC649EF929E" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: a426110a-e01e-005f-2ec4-a03d87000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/nOxp-sett.png	20.209.75.228	200 OK	463 B
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/nOxp-sett.png IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 33 x 31, 8-bit colormap, non-interlaced Size 463 B (463 bytes) Hash 905d91c276116928fa306ea732723fa9 092604f6a8786e46a7dee06065d29d2896fcf568 9cffd13c2ce05ebe032709a88fa59504e1218a12b175ec40d5aab280c18be51e HTTP Headers GET /Win0security-helpline07/images/nOxp-sett.png HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 463 Content-Type: image/png Content-MD5: kF2RwnYRaSj6MG6nMnI/qQ== Last-Modified: Mon, 06 May 2024 12:15:58 GMT Accept-Ranges: bytes ETag: "0x8DC6DC6499C2B20" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: f5c5ecc5-701e-0000-6fc4-a089bb000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/fonts/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2	20.209.75.228	200 OK	22 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/fonts/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type Web Open Font Format (Version 2), TrueType, length 21716, version 1.0 Size 22 kB (21716 bytes) Hash d4ff90db5da894c833f356f47a16e408 30606044507d81b996c992895ab16b8a8d68be97 f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7 HTTP Headers GET /Win0security-helpline07/fonts/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Cookie: PHPREFS=full Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 21716 Content-Type: application/octet-stream Content-MD5: 1P+Q212olMgz81b0ehbkCA== Last-Modified: Mon, 06 May 2024 12:16:02 GMT Accept-Ranges: bytes ETag: "0x8DC6DC64BCD0F08" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 7cb1722a-301e-004c-75c4-a0198b000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/-EBq-current.png	20.209.75.228	200 OK	1.2 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/-EBq-current.png IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 27 x 28, 8-bit colormap, non-interlaced Size 1.2 kB (1162 bytes) Hash 35629cc2adc804353a548305f1217206 cda6e89c5f6a644683aea6999a5d11e00dc64275 c1d52e31f7fc13cbb3efca8b0ec937ddd97a5ec545c4dad26193429db10d8662 HTTP Headers GET /Win0security-helpline07/images/-EBq-current.png HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 1162 Content-Type: image/png Content-MD5: NWKcwq3IBDU6VIMF8SFyBg== Last-Modified: Mon, 06 May 2024 12:15:58 GMT Accept-Ranges: bytes ETag: "0x8DC6DC649484EF6" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: a4261196-e01e-005f-2bc4-a03d87000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/re.gif	20.209.75.228	200 OK	15 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/re.gif IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type GIF image data, version 89a, 193 x 71 Size 15 kB (14751 bytes) Hash 6fcb78e0cd7933a70eea2cf071f82118 70364bffd62fe33360abe70ecc7f7c0541b3b54c 4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86 HTTP Headers GET /Win0security-helpline07/images/re.gif HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 14751 Content-Type: image/gif Content-MD5: b8t44M15M6cO6izwcfghGA== Last-Modified: Mon, 06 May 2024 12:15:59 GMT Accept-Ranges: bytes ETag: "0x8DC6DC649EFE067" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 7cb172b4-301e-004c-73c4-a0198b000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/_Fm7-alert.mp3	20.209.75.228	404 The requested content does not exist.	321 B
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/_Fm7-alert.mp3 IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type HTML document, ASCII text, with very long lines (321), with no line terminators Size 321 B (321 bytes) Hash 8caf797e1fac5741c985745263ea7ffd 2d4078eaa551d33ab13e0b70d64011f5d07c0f51 93021e6151e46d30327e607db58757c62e1bdc736d7d088e5a45140d6854e396 HTTP Headers GET /Win0security-helpline07/_Fm7-alert.mp3 HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/*;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Cookie: PHPREFS=full Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 404 The requested content does not exist. Content-Length: 321 Content-Type: text/html Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-error-code: WebContentNotFound x-ms-request-id: d4aa7756-a01e-0013-5fc4-a0adb7000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/bg1.jpg	20.209.75.228	200 OK	463 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/bg1.jpg IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 1920 x 4340, 8-bit colormap, non-interlaced Size 463 kB (462770 bytes) Hash ab996ed3b126f2b5f0c1f214b96afe7a 77223f12976d20e06058fe40040e261bd5688f39 4eaf7b7f53ea1a27a22bae168f560d9dc78dc2e2185162be9ee4db59e1e1065a HTTP Headers GET /Win0security-helpline07/images/bg1.jpg HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 462770 Content-Type: image/jpeg Content-MD5: q5lu07Em8rXwwfIUuWr+eg== Last-Modified: Mon, 06 May 2024 12:15:58 GMT Accept-Ranges: bytes ETag: "0x8DC6DC649D54A64" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: f68c7a87-e01e-0060-29c4-a0f524000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:06 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/bg2.jpg	20.209.75.228	200 OK	463 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/bg2.jpg IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 1920 x 4340, 8-bit colormap, non-interlaced Size 463 kB (462770 bytes) Hash ab996ed3b126f2b5f0c1f214b96afe7a 77223f12976d20e06058fe40040e261bd5688f39 4eaf7b7f53ea1a27a22bae168f560d9dc78dc2e2185162be9ee4db59e1e1065a HTTP Headers GET /Win0security-helpline07/images/bg2.jpg HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 462770 Content-Type: image/jpeg Content-MD5: q5lu07Em8rXwwfIUuWr+eg== Last-Modified: Mon, 06 May 2024 12:15:59 GMT Accept-Ranges: bytes ETag: "0x8DC6DC649EED027" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 2b33f82a-c01e-003a-0ac4-a093c3000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/microsoft.png	20.209.75.228	200 OK	1.0 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/microsoft.png IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced Size 1.0 kB (1045 bytes) Hash bf2b460590fbb9d8e9611a6e9006b816 561e1dab259d61e798b3ce380527b71b61074ff3 ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03 HTTP Headers GET /Win0security-helpline07/images/microsoft.png HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Cookie: PHPREFS=full Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 1045 Content-Type: image/png Content-MD5: vytGBZD7udjpYRpukAa4Fg== Last-Modified: Mon, 06 May 2024 12:15:58 GMT Accept-Ranges: bytes ETag: "0x8DC6DC64992E6B1" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: f68c801a-e01e-0060-77c4-a0f524000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/cross.png	20.209.75.228	200 OK	386 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/images/cross.png IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type PNG image data, 2080 x 2080, 8-bit/color RGBA, non-interlaced Size 386 kB (386359 bytes) Hash be42ad7752720327d28bf52dbdbb64c2 f4cce31b9236319aa9c87fee038638d1de12c07d c3ad6aa1c03fd108854f008cfec2753ba623e1470a4d61798b5d8c050e474868 HTTP Headers GET /Win0security-helpline07/images/cross.png HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 386359 Content-Type: image/png Content-MD5: vkKtd1JyAyfSi/Utvbtkwg== Last-Modified: Mon, 06 May 2024 12:15:59 GMT Accept-Ranges: bytes ETag: "0x8DC6DC649E51711" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: f5c5ed0a-701e-0000-2fc4-a089bb000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/fonts/fontawesome-webfont.woff2	20.209.75.228	200 OK	67 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/fonts/fontawesome-webfont.woff2 IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262 Size 67 kB (66624 bytes) Hash db812d8a70a4e88e888744c1c9a27e89 638c652d623280a58144f93e7b552c66d1667a11 ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995 HTTP Headers GET /Win0security-helpline07/fonts/fontawesome-webfont.woff2 HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/css/font-awesome.min.css Cookie: PHPREFS=full Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 66624 Content-Type: application/octet-stream Content-MD5: 24EtinCk6I6Ih0TByaJ+iQ== Last-Modified: Mon, 06 May 2024 12:16:01 GMT Accept-Ranges: bytes ETag: "0x8DC6DC64B8E29D6" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 2b340077-c01e-003a-5bc4-a093c3000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:08 GMT`

	plausible.io/js/script.js	194.242.11.186	200 OK	1.3 kB
URL GET HTTP/2 plausible.io/js/script.js IP 194.242.11.186:443 ASN #34989 ServeTheWorld AS Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerLet's Encrypt Subjectplausible.io FingerprintAD:0F:7D:DD:AB:46:B3:42:B1:97:57:A4:EB:88:19:D6:08:6A:AD:65 ValidityTue, 23 Apr 2024 07:08:31 GMT - Mon, 22 Jul 2024 07:08:30 GMT File type ASCII text, with very long lines (1384), with no line terminators Size 1.3 kB (1346 bytes) Hash 16cfd1982a40489c41a52add24d36b85 344f1896d895c5d0a7c4caecafcf1942603cd026 72073aacecd145e525b16c4c845c07bff5798e813eeed702dff748a18b6186ce HTTP Headers `GET /js/script.js HTTP/1.1 Host: plausible.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 07 May 2024 21:22:07 GMT content-type: application/javascript server: BunnyCDN-NO1-830 cdn-pullzone: 682664 cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254 cdn-requestcountrycode: NO vary: Accept-Encoding, Accept-Encoding access-control-allow-origin: * alt-svc: h3=":443"; ma=2592000 cache-control: public, must-revalidate, max-age=86400 application: 10.0.1.5 cross-origin-resource-policy: cross-origin permissions-policy: interest-cohort=() x-content-type-options: nosniff cdn-proxyver: 1.04 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cdn-cachedat: 05/07/2024 07:14:52 cdn-edgestorageid: 830 cdn-status: 200 cdn-requestid: 5a7e01d436b55be2a0c0309e7e2ce714 cdn-cache: HIT content-encoding: br X-Firefox-Spdy: h2

	userstatics.com/get/script.js?referrer=https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000	0.0.0.0		0 B
URL GET userstatics.com/get/script.js?referrer=https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 IP 0.0.0.0:0 ASN #0 Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerLet's Encrypt Subjectuserstatics.com FingerprintAB:62:24:6D:5D:BB:D9:D8:00:B7:CB:47:DD:7C:74:69:C8:48:16:49 ValidityThu, 28 Mar 2024 13:34:23 GMT - Wed, 26 Jun 2024 13:34:22 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /get/script.js?referrer=https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 HTTP/1.1 Host: userstatics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 07 May 2024 21:22:08 GMT content-type: text/html; charset=utf-8 x-powered-by: PHP/8.2.1 access-control-allow-origin: https://apppdf6a24.z13.web.core.windows.net access-control-allow-methods: GET, POST access-control-allow-headers: X-Requested-With,content-type access-control-allow-credentials: true cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OuFJP8KO7i20tDopIc1Vdn0BrlYHkkhHU6zQuYl9p41oYqhVB0eytkM6NADq3SeeRWeUaAIyZ418GrMETSwuKOiiFmfSzkFOYujBjKSOZgkshdv3FjS5pwQoUDvQHWzgTpQ%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 88044384ccecb518-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/media/_Fm7-alert.mp3	20.209.75.228	206 Partial Content	98 kB
URL GET HTTP/1.1 apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/media/_Fm7-alert.mp3 IP 20.209.75.228:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net Fingerprint54:43:8D:1A:A6:8E:68:66:C7:8B:9F:B9:ED:26:B9:8F:B5:62:EF:24 ValidityFri, 05 Apr 2024 04:00:06 GMT - Mon, 31 Mar 2025 04:00:06 GMT File type Audio file with ID3 version 2.3.0, contains: - MPEG ADTS, layer III, v2, 64 kbps, 22.05 kHz, Monaural Size 98 kB (97918 bytes) Hash 448d23e86bb5f6511b680adbc990f103 db99a5cd7515d01b6753ac06d1f8db3d0def7d45 6e3690281e85672da4c9e01c053ee4d72500539ddb0a76865d65acdf5fe76e66 HTTP Headers GET /Win0security-helpline07/media/_Fm7-alert.mp3 HTTP/1.1 Host: apppdf6a24.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/*;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://apppdf6a24.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=+1-000-000-0000 Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 206 Partial Content Content-Length: 200832 Content-Type: audio/mpeg Content-Range: bytes 0-200831/200832 Last-Modified: Mon, 06 May 2024 12:16:04 GMT Accept-Ranges: bytes ETag: "0x8DC6DC64CF48B32" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: d4aa75eb-a01e-0013-11c4-a0adb7000000 x-ms-version: 2018-03-28 Date: Tue, 07 May 2024 21:22:07 GMT`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL