| bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | 20.60.248.68 | 200 OK | 14 kB |
URL (User Request): GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: b4ffdd1607fdff4953287bdfe31d5a49 d70d263c6de5054b3f030c1a60fabbc6c3872c37 c0f96ab7aeaf4e6b22150fd1ab16dee23f8209e3fa30b0c3109fca095a53711d
GET /?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 14042
Content-Type: text/html
Content-MD5: tP/dFgf9/0lTKHvf4x1aSQ==
Last-Modified: Fri, 10 May 2024 03:44:55 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A38EB8CF98"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4a439b37-701e-00b5-6094-a26b1e000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:51 GMT
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | 142.250.74.170 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP: 142.250.74.170:443
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (32061)
Hash: e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 23:24:50 GMT
expires: Fri, 09 May 2025 23:24:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 19262
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bhftrrrrere.z11.web.core.windows.net/styles/style-browser-reset.css | 20.60.248.68 | 200 OK | 7.0 kB |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/styles/style-browser-reset.css
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
Hash: 6e6f1a0825d8e991c9425026368b5dfc 1c4098af50ba750231d8eaf563aa9550e9500690 6958062d752bd84b03a4389d5caccd7765ba55ecaaf5fff5208c1707931728dc
Analyzer: urlquery; Verdict: scam; Alert: Scam - Fake AntiVirus / Security software
GET /styles/style-browser-reset.css HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 6958
Content-Type: text/css
Content-MD5: bm8aCCXY6ZHJQlAmNotd/A==
Last-Modified: Fri, 10 May 2024 03:44:58 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A390A785D9"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4a439cf6-701e-00b5-6b94-a26b1e000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:51 GMT
|
|
| www.googletagmanager.com/gtag/js?id=UA-176875146-1 | 142.250.74.72 | 200 OK | 75 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-176875146-1
IP: 142.250.74.72:443
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 93ced5682c28e7d40e779f9f6ce93760 5bda9a8489d6f6b72ce296b95bcb74e9bdf31c0d f9c3a1f6dd5e60899d656f8abb612cc7fa8ab7d41e8a10c348a2e2924535c0bd
GET /gtag/js?id=UA-176875146-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 04:45:52 GMT
expires: Fri, 10 May 2024 04:45:52 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bhftrrrrere.z11.web.core.windows.net/styles/ss.css | 20.60.248.68 | 200 OK | 23 kB |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/styles/ss.css
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: ASCII text, with very long lines (10746)
Hash: b8d6c24aeae1c725fa315493f8285d4f e273cf0177edb070812b963acfb84315dab882da ef6cbf8944fc1b8d265839051dfe511a249f95ca1bffdb1624c8f3df6201a6c5
GET /styles/ss.css HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 22900
Content-Type: text/css
Content-MD5: uNbCSurhxyX6MVST+ChdTw==
Last-Modified: Fri, 10 May 2024 03:44:58 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A39057C3D5"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fe8fcad8-501e-0079-6594-a20428000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:51 GMT
|
|
| www.googletagmanager.com/gtag/js?id=G-9JLZ2BGNP7&l=dataLayer&cx=c | 142.250.74.72 | 200 OK | 90 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-9JLZ2BGNP7&l=dataLayer&cx=c
IP: 142.250.74.72:443
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: 492c75e4022458234352e7a4b197b998 3318cbe6062d1e04b9aa1da17471061b206b476a ce3fcaf5acf41cccc039979c93ec7db02c82b0823e0d75cacecae1284dd1dea4
GET /gtag/js?id=G-9JLZ2BGNP7&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 04:45:53 GMT
expires: Fri, 10 May 2024 04:45:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90479
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP: 216.58.207.227:443
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Hash: 057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bhftrrrrere.z11.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:38:02 GMT
expires: Fri, 09 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 94071
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bhftrrrrere.z11.web.core.windows.net/images/image5.png | 20.60.248.68 | 200 OK | 465 B |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/image5.png
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: PNG image data, 74 x 74, 8-bit/color RGBA, non-interlaced
Hash: 589b99962054369d67ea1d275036c643 09cd975587a064b882e39bbd9f40eb6b46bb23ff e4d3fcff9172df28321591ccdad3d9ee643df0719e38300f35576ef45760e474
Analyzer: urlquery; Verdict: scam; Alert: Scam - Fake AntiVirus / Security software
GET /images/image5.png HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 465
Content-Type: image/png
Content-MD5: WJuZliBUNp1n6h0nUDbGQw==
Last-Modified: Fri, 10 May 2024 03:44:57 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A38F9AF827"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4a439e86-701e-00b5-5f94-a26b1e000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:52 GMT
|
|
| bhftrrrrere.z11.web.core.windows.net/images/image7.svg | 20.60.248.68 | 200 OK | 153 B |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/image7.svg
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: SVG Scalable Vector Graphics image
Hash: f98aab4e2a400b8b99ede8d0084336bc e95f5d0ab17a53519b248c9fececd314960604cd 9edaa2b6e53ac5e608b77f5622b1bad2529cee19906688138799e17adc3d0c87
Analyzer: urlquery; Verdict: scam; Alert: Scam - Fake AntiVirus / Security software
GET /images/image7.svg HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 153
Content-Type: image/svg+xml
Content-MD5: +YqrTipAC4uZ7ejQCEM2vA==
Last-Modified: Fri, 10 May 2024 03:44:56 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A38F4A4BE7"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fe8fcbf5-501e-0079-7194-a20428000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:51 GMT
|
|
| bhftrrrrere.z11.web.core.windows.net/images/image1.png | 20.60.248.68 | 200 OK | 204 B |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/image1.png
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash: e40d1b1cb551eb3aa439e3aa58684506 360fd35b4a6a2a41220fb3a886d77f9ef416ee58 5e7a2650a477495975f4582dd7fda915eddc6636c280c814b3c340eac9e7991e
Analyzer: urlquery; Verdict: scam; Alert: Scam - Fake AntiVirus / Security software
GET /images/image1.png HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 204
Content-Type: image/png
Content-MD5: 5A0bHLVR6zqkOeOqWGhFBg==
Last-Modified: Fri, 10 May 2024 03:44:57 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A38FB7559D"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 57b97426-801e-00a1-4294-a22371000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:53 GMT
|
|
| bhftrrrrere.z11.web.core.windows.net/images/image3.png | 20.60.248.68 | 200 OK | 1.3 kB |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/image3.png
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: PNG image data, 132 x 105, 8-bit/color RGBA, non-interlaced
Hash: 8544bdb08aeab60824f3274e1b23d72c a954a9b151155df801eba5eea1f6cb20b349e8c4 9887fc4cc99951ee5242c8138ac47b175a793819af078f20364603d839be556c
Analyzer: urlquery; Verdict: scam; Alert: Scam - Fake AntiVirus / Security software
GET /images/image3.png HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1324
Content-Type: image/png
Content-MD5: hUS9sIrqtggk8ydOGyPXLA==
Last-Modified: Fri, 10 May 2024 03:44:57 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A38FF9AC15"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 28b2792d-601e-0000-6794-a2f80c000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:52 GMT
|
|
| bhftrrrrere.z11.web.core.windows.net/images/image4.png | 20.60.248.68 | 200 OK | 3.5 kB |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/image4.png
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: PNG image data, 117 x 25, 8-bit/color RGBA, non-interlaced
Hash: 9b1f21dd040a850687d989f804c982cb fc1697a3622ca7ebe68d15e3e59b1e5b693e2f35 148394202d5a332a7813d94e3911853e3ba70ea18cd4391d3e188ee8b60ba02e
Analyzer: urlquery; Verdict: scam; Alert: Scam - Fake AntiVirus / Security software
GET /images/image4.png HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 3526
Content-Type: image/png
Content-MD5: mx8h3QQKhQaH2Yn4BMmCyw==
Last-Modified: Fri, 10 May 2024 03:44:56 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A38F6DFB5C"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 28b2792c-601e-0000-6694-a2f80c000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:52 GMT
|
|
| bhftrrrrere.z11.web.core.windows.net/images/np.webp | 20.60.248.68 | 200 OK | 15 kB |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/np.webp
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 1e021d2990a421939a476c93ee260737 70f918df08bcd95398ba86c498d7674369556d98 7decd8479058e70116d086114eb4de025975adb3aa8bb0628866b815380b37da
GET /images/np.webp HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 14894
Content-Type: image/webp
Content-MD5: HgIdKZCkIZOaR2yT7iYHNw==
Last-Modified: Fri, 10 May 2024 03:44:56 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A38F256433"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fe8fcc16-501e-0079-0f94-a20428000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:52 GMT
|
|
| www.clarity.ms/tag/i6wbidqrri | 13.107.213.53 | 200 OK | 667 B |
URL: GET HTTP/2 www.clarity.ms/tag/i6wbidqrri
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: DigiCert Inc; Subject: www.clarity.ms; Fingerprint: AE:77:25:80:38:B8:E2:8F:C3:B2:EE:B5:0D:9C:7C:30:7E:30:75:2C; Validity: Thu, 07 Dec 2023 00:00:00 GMT - Sat, 07 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (667), with no line terminators
Hash: 98d272b4672093a987ec0ab07eca9717 595c1a8f5d0d77722f8ad801d4f42697e367979a efa06e3db6705b868b76fc80410a7fc3b8a2cc88227c8e8ec2475c2e15097ce9
GET /tag/i6wbidqrri HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:45:53 GMT
content-type: application/x-javascript
content-length: 667
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=13d1e5f8e39c4d11babb20e4abe9d480.20240510.20250510; expires=Sat, 10 May 2025 04:45:53 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
x-azure-ref: 20240510T044553Z-er15bb998b7cbbjrva4gc3ezws00000006rg0000000048wy
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bhftrrrrere.z11.web.core.windows.net/images/image2.png | 20.60.248.68 | 200 OK | 724 B |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/image2.png
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: PNG image data, 79 x 63, 8-bit/color RGBA, non-interlaced
Hash: db0e6825a0f394cc119f9dce51e87d0d 14ad5c784c8793da6d1793023d29a2ed941f999e d23448df7f1a2f0e32540a23dace5883a040f3934eda711ccbb786a9a3f85586
Analyzer: urlquery; Verdict: scam; Alert: Scam - Fake AntiVirus / Security software
GET /images/image2.png HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 724
Content-Type: image/png
Content-MD5: 2w5oJaDzlMwRn53OUeh9DQ==
Last-Modified: Fri, 10 May 2024 03:44:57 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A38FC53649"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 57b97513-801e-00a1-7894-a22371000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:53 GMT
|
|
| bhftrrrrere.z11.web.core.windows.net/images/img6.png | 20.60.248.68 | 404 The requested content does not exist. | 14 kB |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/img6.png
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: b4ffdd1607fdff4953287bdfe31d5a49 d70d263c6de5054b3f030c1a60fabbc6c3872c37 c0f96ab7aeaf4e6b22150fd1ab16dee23f8209e3fa30b0c3109fca095a53711d
GET /images/img6.png HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 The requested content does not exist.
Content-Length: 14042
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: fe8fccf6-501e-0079-6094-a20428000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:52 GMT
|
|
| bhftrrrrere.z11.web.core.windows.net/images/image8.png | 20.60.248.68 | 200 OK | 2.8 kB |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/image8.png
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced
Hash: 85699ed3cd3def081b0180e34efed9c8 960b4cff42e0300ea66d8d99c2faaa266e6a5c09 76674a6ea02c18a1c146b4b7175cf365e51cff9762eb85fe22f056c25bcae9d6
Analyzer: urlquery; Verdict: scam; Alert: Scam - Fake AntiVirus / Security software
GET /images/image8.png HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 2808
Content-Type: image/png
Content-MD5: hWme08097wgbAYDjTv7ZyA==
Last-Modified: Fri, 10 May 2024 03:44:55 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A38EA80935"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 28b279f3-601e-0000-2094-a2f80c000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:52 GMT
|
|
| bhftrrrrere.z11.web.core.windows.net/images/image9.png | 20.60.248.68 | 200 OK | 2.3 kB |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/image9.png
IP: 20.60.248.68:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F; Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: PNG image data, 55 x 65, 8-bit/color RGBA, non-interlaced
Hash: 6c9518d26a8fce8b5476854e26bf9bb5 b86604406df94513dc752331a3bc816cf618a26a 48ba31e331db64e10973ac1ea694095891cb555ec7122e4d3d70b92beaf269a2
Analyzer: urlquery; Verdict: scam; Alert: Scam - Fake AntiVirus / Security software
GET /images/image9.png HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 2334
Content-Type: image/png
Content-MD5: bJUY0mqPzotUdoVOJr+btQ==
Last-Modified: Fri, 10 May 2024 03:44:56 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A38EF4E56C"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 28b279f1-601e-0000-1e94-a2f80c000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:52 GMT
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP: 216.58.207.227:443
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Hash: 057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bhftrrrrere.z11.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:38:02 GMT
expires: Fri, 09 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 94071
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| q.clarity.ms/collect | 20.231.53.73 | 204 No Content | 0 B |
IP: 20.231.53.73:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: Microsoft Corporation | Subject: a.clarity.ms | Fingerprint: FA:A0:06:96:CF:68:F2:24:36:2B:8B:BF:D1:E0:5A:17:AC:96:CD:11 | Validity: Sun, 14 Jan 2024 10:23:37 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: q.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15992
Origin: https://bhftrrrrere.z11.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 04:45:53 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bhftrrrrere.z11.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
|
|
| bhftrrrrere.z11.web.core.windows.net/favicon.ico | 20.60.248.68 | 404 The requested content does not exist. | 14 kB |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/favicon.ico | IP: 20.60.248.68:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F | Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: HTML document, Unicode text, UTF-8 text | Hash: b4ffdd1607fdff4953287bdfe31d5a49 d70d263c6de5054b3f030c1a60fabbc6c3872c37 c0f96ab7aeaf4e6b22150fd1ab16dee23f8209e3fa30b0c3109fca095a53711d
GET /favicon.ico HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Cookie: _ga_9JLZ2BGNP7=GS1.1.1715316353.1.0.1715316353.0.0.0; _ga=GA1.1.1646240387.1715316353; _clck=1czn2bx%7C2%7Cfln%7C0%7C1591
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 The requested content does not exist.
Content-Length: 14042
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: fe8fce92-501e-0079-6094-a20428000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:53 GMT
|
|
| bhftrrrrere.z11.web.core.windows.net/images/background-img2.png | 20.60.248.68 | 200 OK | 200 B |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/background-img2.png | IP: 20.60.248.68:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F | Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced | Hash: 36ab0d6aef47162ecbc940362b8ec85a 360769d836fe40560d961d13ee24d4a39db098ab 9f8994aa205cd008cbc2b9abac9d2c84d3e3635bb26e304e7221ead9cdad315d
Analyzer: urlquery | Verdict: scam | Alert: Scam - Fake AntiVirus / Security software
GET /images/background-img2.png HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/styles/ss.css
Cookie: _ga_9JLZ2BGNP7=GS1.1.1715316353.1.0.1715316353.0.0.0; _ga=GA1.1.1646240387.1715316353; _clck=1czn2bx%7C2%7Cfln%7C0%7C1591
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 200
Content-Type: image/png
Content-MD5: NqsNau9HFi7LyUA2K47IWg==
Last-Modified: Fri, 10 May 2024 03:44:56 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A38F03D765"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 28b27bf5-601e-0000-7d94-a2f80c000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:53 GMT
|
|
| bhftrrrrere.z11.web.core.windows.net/images/background-img1.png | 20.60.248.68 | 200 OK | 505 kB |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/images/background-img1.png | IP: 20.60.248.68:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F | Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced | Size: 505 kB (505377 bytes) | Hash: 407d49fce150772038b651dc3807ce92 866cc35542ea4fb302048ba37365a92a8aedb224 1ff2dc3acf8cc925c20b6d0fd9918d51daf441bfc96bf0ee1db2c254f5b1dab8
Analyzer: urlquery | Verdict: scam | Alert: Scam - Fake AntiVirus / Security software
GET /images/background-img1.png HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/styles/ss.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 505377
Content-Type: image/png
Content-MD5: QH1J/OFQdyA4tlHcOAfOkg==
Last-Modified: Fri, 10 May 2024 03:45:02 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A392C66CCC"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4a439f47-701e-00b5-1494-a26b1e000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:52 GMT
|
|
| c.clarity.ms/c.gif | 68.219.88.97 | 302 Found | 0 B |
IP: 68.219.88.97:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: Microsoft Corporation | Subject: c.msn.com | Fingerprint: D1:5C:88:F3:E8:11:5E:F3:50:B0:DE:BD:B8:F5:7F:C3:BA:12:BE:EC | Validity: Tue, 27 Feb 2024 20:55:40 GMT - Fri, 21 Feb 2025 20:55:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8E50B2B6E8B046C8B2C502DE8012C713&RedC=c.clarity.ms&MXFR=2E7398EB9569663F17938C90916968BE
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2E7398EB9569663F17938C90916968BE; domain=.clarity.ms; expires=Wed, 04-Jun-2025 04:45:54 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Fri, 10 May 2024 04:45:54 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| c.bing.com/c.gif?ctsa=mr&CtsSyncId=8E50B2B6E8B046C8B2C502DE8012C713&RedC=c.clarity.ms&MXFR=2E7398EB9569663F17938C90916968BE | 204.79.197.237 | 302 Found | 0 B |
URL: GET HTTP/2 c.bing.com/c.gif?ctsa=mr&CtsSyncId=8E50B2B6E8B046C8B2C502DE8012C713&RedC=c.clarity.ms&MXFR=2E7398EB9569663F17938C90916968BE | IP: 204.79.197.237:443 | ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: Microsoft Corporation | Subject: www.bing.com | Fingerprint: 02:83:27:F9:50:D8:BE:B9:5E:DF:1A:4A:45:3B:6D:3C:BC:30:F2:58 | Validity: Wed, 01 May 2024 01:58:25 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?ctsa=mr&CtsSyncId=8E50B2B6E8B046C8B2C502DE8012C713&RedC=c.clarity.ms&MXFR=2E7398EB9569663F17938C90916968BE HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bhftrrrrere.z11.web.core.windows.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8E50B2B6E8B046C8B2C502DE8012C713&MUID=10086CC0600762F80D9E78BB61506358
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=10086CC0600762F80D9E78BB61506358; domain=.bing.com; expires=Wed, 04-Jun-2025 04:45:54 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.bing.com; expires=Fri, 17-May-2024 04:45:54 GMT; path=/; SameSite=None; Secure;
SRM_B=10086CC0600762F80D9E78BB61506358; domain=c.bing.com; expires=Wed, 04-Jun-2025 04:45:54 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 341AF2023E644470AB90FFBEA5EFB747 Ref B: OSL30EDGE0312 Ref C: 2024-05-10T04:45:54Z
date: Fri, 10 May 2024 04:45:54 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8E50B2B6E8B046C8B2C502DE8012C713&MUID=10086CC0600762F80D9E78BB61506358 | 68.219.88.97 | 200 OK | 42 B |
URL: GET HTTP/2 c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8E50B2B6E8B046C8B2C502DE8012C713&MUID=10086CC0600762F80D9E78BB61506358 | IP: 68.219.88.97:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: Microsoft Corporation | Subject: c.msn.com | Fingerprint: D1:5C:88:F3:E8:11:5E:F3:50:B0:DE:BD:B8:F5:7F:C3:BA:12:BE:EC | Validity: Tue, 27 Feb 2024 20:55:40 GMT - Fri, 21 Feb 2025 20:55:40 GMT
File type: GIF image data, version 89a, 1 x 1 | Hash: 32023bb33cfb2a1990a4ef2d85b6ac16 23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?ctsa=mr&CtsSyncId=8E50B2B6E8B046C8B2C502DE8012C713&MUID=10086CC0600762F80D9E78BB61506358 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bhftrrrrere.z11.web.core.windows.net/
DNT: 1
Connection: keep-alive
Cookie: SM=T; MUID=2E7398EB9569663F17938C90916968BE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
accept-ranges: bytes
etag: "3e26b762b6cda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=C; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=10086CC0600762F80D9E78BB61506358; domain=.clarity.ms; expires=Wed, 04-Jun-2025 04:45:54 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.clarity.ms; expires=Fri, 17-May-2024 04:45:54 GMT; path=/; SameSite=None; Secure;
ANONCHK=0; domain=c.clarity.ms; expires=Fri, 10-May-2024 04:55:54 GMT; path=/; SameSite=None; Secure;
date: Fri, 10 May 2024 04:45:54 GMT
content-length: 42
X-Firefox-Spdy: h2
|
|
| q.clarity.ms/collect | 20.231.53.73 | 204 No Content | 0 B |
IP: 20.231.53.73:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: Microsoft Corporation | Subject: a.clarity.ms | Fingerprint: FA:A0:06:96:CF:68:F2:24:36:2B:8B:BF:D1:E0:5A:17:AC:96:CD:11 | Validity: Sun, 14 Jan 2024 10:23:37 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: q.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 939
Origin: https://bhftrrrrere.z11.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/
Cookie: MUID=10086CC0600762F80D9E78BB61506358
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 04:45:55 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bhftrrrrere.z11.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
|
|
| q.clarity.ms/collect | 20.231.53.73 | 204 No Content | 0 B |
IP: 20.231.53.73:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: Microsoft Corporation | Subject: a.clarity.ms | Fingerprint: FA:A0:06:96:CF:68:F2:24:36:2B:8B:BF:D1:E0:5A:17:AC:96:CD:11 | Validity: Sun, 14 Jan 2024 10:23:37 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: q.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 472
Origin: https://bhftrrrrere.z11.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/
Cookie: MUID=10086CC0600762F80D9E78BB61506358
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 10 May 2024 04:45:57 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bhftrrrrere.z11.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
|
|
| bhftrrrrere.z11.web.core.windows.net/src.mp3 | 20.60.248.68 | 206 Partial Content | 131 kB |
URL: GET HTTP/1.1 bhftrrrrere.z11.web.core.windows.net/src.mp3 | IP: 20.60.248.68:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 9D:9F:D1:19:8B:95:C9:F6:B8:68:35:ED:B2:E4:C9:10:9E:57:E6:7F | Validity: Wed, 27 Sep 2023 09:15:24 GMT - Fri, 27 Sep 2024 09:15:24 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v2, 48 kbps, 22.05 kHz, Monaural | Size: 131 kB (130686 bytes) | Hash: 1c7c140005ed7479422c91e9d77ce8f8 fbe085367fec877fef3635b21c2a49380a6fa06d 5581500a4f3763c401e2e488caa67e5804a0e811d866b9a5569eb595e42e86db
GET /src.mp3 HTTP/1.1
Host: bhftrrrrere.z11.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID]
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Content-Length: 231542
Content-Type: audio/mpeg
Content-Range: bytes 0-231541/231542
Last-Modified: Fri, 10 May 2024 03:45:00 GMT
Accept-Ranges: bytes
ETag: "0x8DC70A39190161D"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fe8fccdc-501e-0079-4694-a20428000000
x-ms-version: 2018-03-28
Date: Fri, 10 May 2024 04:45:52 GMT
|
|
| fonts.googleapis.com/css2?family=Montserrat:wght@600;700&display=swap | 142.250.74.106 | 200 OK | 3.7 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@600;700&display=swap | IP: 142.250.74.106:443
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (3750), with no line terminators | Hash: 27d380c6f6ae812130dd3b558b2159c2 2091ac73c0a96dee712bab5bce983cee528cd91b c406d5badd61b281c6681a798364594a2e1653eeb3f7b2f198f85b7b0fe83c8f
GET /css2?family=Montserrat:wght@600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 04:45:52 GMT
date: Fri, 10 May 2024 04:45:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.clarity.ms/s/0.7.32/clarity.js | 13.107.213.53 | 200 OK | 62 kB |
URL: GET HTTP/2 www.clarity.ms/s/0.7.32/clarity.js | IP: 13.107.213.53:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bhftrrrrere.z11.web.core.windows.net/?pub=[PUBLISHER_ID]&campid=[CAMPAIGN_ID]&Creative=[CREATIVE_ID] | Certificate issuer: DigiCert Inc | Subject: www.clarity.ms | Fingerprint: AE:77:25:80:38:B8:E2:8F:C3:B2:EE:B5:0D:9C:7C:30:7E:30:75:2C | Validity: Thu, 07 Dec 2023 00:00:00 GMT - Sat, 07 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/0.7.32/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bhftrrrrere.z11.web.core.windows.net/
Cookie: CLID=13d1e5f8e39c4d11babb20e4abe9d480.20240510.20250510
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:45:53 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 08 May 2024 21:14:23 GMT
etag: W/"0x8DC6FA3D56B9D1A"
x-ms-request-id: 32d7d42d-701e-0001-1b93-a17107000000
x-ms-version: 2018-03-28
access-control-allow-origin: *
x-azure-ref: 20240510T044553Z-er15bb998b7cbbjrva4gc3ezws00000006rg0000000048x4
cache-control: public, max-age=86400
x-fd-int-roxy-purgeid: 51562430
x-cache: TCP_HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|