| bahgytui.z28.web.core.windows.net/ | 20.60.13.228 | 200 OK | 9.4 kB |
URL: User Request GET HTTP/1.1 bahgytui.z28.web.core.windows.net/ | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: HTML document, Unicode text, UTF-8 text | Hash: 3bde50ee5df5b3ef000b4e161e32697c 3e84dcac9406ccd57ddce7fb57f8ee18a6d2d675 c4e829c43a84b0ff7ac533f6a31abe345392b2f65e70c4abf4a2d24267cfcb5c
GET / HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 9434
Content-Type: text/html
Content-MD5: O95Q7l31s+8AC04WHjJpfA==
Last-Modified: Sat, 04 May 2024 05:09:51 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86DBB275F"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 78a5a0ae-601e-0028-6df9-9dd37a000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:03 GMT
|
|
| bahgytui.z28.web.core.windows.net/css/style-browser-reset.css | 20.60.13.228 | 200 OK | 7.0 kB |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/css/style-browser-reset.css | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
Hash: 6e6f1a0825d8e991c9425026368b5dfc 1c4098af50ba750231d8eaf563aa9550e9500690 6958062d752bd84b03a4389d5caccd7765ba55ecaaf5fff5208c1707931728dc
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /css/style-browser-reset.css HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 6958
Content-Type: text/css
Content-MD5: bm8aCCXY6ZHJQlAmNotd/A==
Last-Modified: Sat, 04 May 2024 05:09:51 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86DB230C0"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 78a5a1da-601e-0028-7bf9-9dd37a000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:03 GMT
|
|
| bahgytui.z28.web.core.windows.net/css/style.css | 20.60.13.228 | 200 OK | 12 kB |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/css/style.css | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
Hash: 7cd3ea1e9c50e82eaa8edfc5a1b0a9c3 9f77286687fd6e118ffd5854c6205a0efa62fc2e f67daacd2dffefa3199b63c42b0964f121e8db5f524814abc45b3a99b97b449d
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /css/style.css HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 12154
Content-Type: text/css
Content-MD5: fNPqHpxQ6C6qjt/FobCpww==
Last-Modified: Sat, 04 May 2024 05:09:51 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86DCFF78D"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c694c63f-901e-003c-6ff9-9d9b15000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:04 GMT
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | 142.250.74.138 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | IP: 142.250.74.138:443
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (32061) | Hash: e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:24:46 GMT
expires: Fri, 02 May 2025 23:24:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 117318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bahgytui.z28.web.core.windows.net/img/skip.svg | 20.60.13.228 | 200 OK | 153 B |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/img/skip.svg | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: SVG Scalable Vector Graphics image | Hash: f98aab4e2a400b8b99ede8d0084336bc e95f5d0ab17a53519b248c9fececd314960604cd 9edaa2b6e53ac5e608b77f5622b1bad2529cee19906688138799e17adc3d0c87
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /img/skip.svg HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 153
Content-Type: image/svg+xml
Content-MD5: +YqrTipAC4uZ7ejQCEM2vA==
Last-Modified: Sat, 04 May 2024 05:09:52 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86E030333"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 78a5a275-601e-0028-08f9-9dd37a000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:03 GMT
|
|
| bahgytui.z28.web.core.windows.net/img/world-min.png | 20.60.13.228 | 200 OK | 2.3 kB |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/img/world-min.png | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: PNG image data, 55 x 65, 8-bit/color RGBA, non-interlaced | Hash: 6c9518d26a8fce8b5476854e26bf9bb5 b86604406df94513dc752331a3bc816cf618a26a 48ba31e331db64e10973ac1ea694095891cb555ec7122e4d3d70b92beaf269a2
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /img/world-min.png HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 2334
Content-Type: image/png
Content-MD5: bJUY0mqPzotUdoVOJr+btQ==
Last-Modified: Sat, 04 May 2024 05:09:53 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86E8901CC"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c694c65d-901e-003c-0cf9-9d9b15000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:04 GMT
|
|
| bahgytui.z28.web.core.windows.net/img/icon-chat.png | 20.60.13.228 | 200 OK | 3.5 kB |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/img/icon-chat.png | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: PNG image data, 117 x 25, 8-bit/color RGBA, non-interlaced | Hash: 9b1f21dd040a850687d989f804c982cb fc1697a3622ca7ebe68d15e3e59b1e5b693e2f35 148394202d5a332a7813d94e3911853e3ba70ea18cd4391d3e188ee8b60ba02e
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /img/icon-chat.png HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 3526
Content-Type: image/png
Content-MD5: mx8h3QQKhQaH2Yn4BMmCyw==
Last-Modified: Sat, 04 May 2024 05:09:53 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86EAEFCBA"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3465491e-701e-000b-07f9-9d49b9000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:04 GMT
|
|
| bahgytui.z28.web.core.windows.net/img/comp-min.png | 20.60.13.228 | 200 OK | 724 B |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/img/comp-min.png | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: PNG image data, 79 x 63, 8-bit/color RGBA, non-interlaced | Hash: db0e6825a0f394cc119f9dce51e87d0d 14ad5c784c8793da6d1793023d29a2ed941f999e d23448df7f1a2f0e32540a23dace5883a040f3934eda711ccbb786a9a3f85586
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /img/comp-min.png HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 724
Content-Type: image/png
Content-MD5: 2w5oJaDzlMwRn53OUeh9DQ==
Last-Modified: Sat, 04 May 2024 05:09:52 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86E2E2878"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 34654920-701e-000b-09f9-9d49b9000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:04 GMT
|
|
| bahgytui.z28.web.core.windows.net/img/microsoft-min.png | 20.60.13.228 | 200 OK | 358 B |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/img/microsoft-min.png | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: PNG image data, 63 x 63, 8-bit/color RGBA, non-interlaced | Hash: b70b61fbaef16f92eda0c249926b3ffc fd089d0504c8e655fcda642ea23e970f9cb1fce2 0f76835451427509c2c509c34d7da48a0b3d3eba777be73f519e6853796b1987
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /img/microsoft-min.png HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 358
Content-Type: image/png
Content-MD5: twth+67xb5LtoMJJkms//A==
Last-Modified: Sat, 04 May 2024 05:09:52 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86E0DF36B"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 74bf9ba2-501e-0033-2ef9-9ded79000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:04 GMT
|
|
| bahgytui.z28.web.core.windows.net/img/close.png | 20.60.13.228 | 200 OK | 204 B |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/img/close.png | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | Hash: e40d1b1cb551eb3aa439e3aa58684506 360fd35b4a6a2a41220fb3a886d77f9ef416ee58 5e7a2650a477495975f4582dd7fda915eddc6636c280c814b3c340eac9e7991e
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /img/close.png HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 204
Content-Type: image/png
Content-MD5: 5A0bHLVR6zqkOeOqWGhFBg==
Last-Modified: Sat, 04 May 2024 05:09:53 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86ECE4869"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 25037cd8-501e-0051-6ff9-9d2f5e000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:04 GMT
|
|
| bahgytui.z28.web.core.windows.net/img/microsoft-label.png | 20.60.13.228 | 200 OK | 465 B |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/img/microsoft-label.png | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: PNG image data, 74 x 74, 8-bit/color RGBA, non-interlaced | Hash: 589b99962054369d67ea1d275036c643 09cd975587a064b882e39bbd9f40eb6b46bb23ff e4d3fcff9172df28321591ccdad3d9ee643df0719e38300f35576ef45760e474
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /img/microsoft-label.png HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 465
Content-Type: image/png
Content-MD5: WJuZliBUNp1n6h0nUDbGQw==
Last-Modified: Sat, 04 May 2024 05:09:52 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86E7678F4"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 78a5a286-601e-0028-19f9-9dd37a000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:03 GMT
|
|
| bahgytui.z28.web.core.windows.net/img/speed-min.png | 20.60.13.228 | 200 OK | 2.8 kB |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/img/speed-min.png | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced | Hash: 85699ed3cd3def081b0180e34efed9c8 960b4cff42e0300ea66d8d99c2faaa266e6a5c09 76674a6ea02c18a1c146b4b7175cf365e51cff9762eb85fe22f056c25bcae9d6
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /img/speed-min.png HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 2808
Content-Type: image/png
Content-MD5: hWme08097wgbAYDjTv7ZyA==
Last-Modified: Sat, 04 May 2024 05:09:52 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86E4C63EF"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c694c671-901e-003c-1ef9-9d9b15000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:04 GMT
|
|
| bahgytui.z28.web.core.windows.net/img/comp.png | 20.60.13.228 | 200 OK | 1.3 kB |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/img/comp.png | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: PNG image data, 132 x 105, 8-bit/color RGBA, non-interlaced | Hash: 8544bdb08aeab60824f3274e1b23d72c a954a9b151155df801eba5eea1f6cb20b349e8c4 9887fc4cc99951ee5242c8138ac47b175a793819af078f20364603d839be556c
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /img/comp.png HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1324
Content-Type: image/png
Content-MD5: hUS9sIrqtggk8ydOGyPXLA==
Last-Modified: Sat, 04 May 2024 05:09:53 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86E90C140"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3465494b-701e-000b-30f9-9d49b9000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:04 GMT
|
|
| www.googletagmanager.com/gtag/js?id=UA-176875146-1 | 142.250.74.168 | 200 OK | 75 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-176875146-1 | IP: 142.250.74.168:443
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE | Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179) | Hash: 5cd0e2d309b9f939423cf934acb40ecc c13a77173ffcb95f3c98bf2d328015f7c8ee6d88 4cbaa62fa3b492881a7fab35cf0e847e16ba9f3193efe42b750e8edcf875cb13
GET /gtag/js?id=UA-176875146-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 08:00:04 GMT
expires: Sat, 04 May 2024 08:00:04 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bahgytui.z28.web.core.windows.net/takashi.mp3 | 20.60.13.228 | 206 Partial Content | 232 kB |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/takashi.mp3 | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v2, 48 kbps, 22.05 kHz, Monaural | Size: 232 kB (231542 bytes) | Hash: 111d7c5ab3c31515e383a9ed1d214a3c fb2bc54e6ce1d206abf56d423f1d1cc2d4c9f6a6 e3a8cebfbfeeb5d546b3f958b83a0371024436eef276133832ce697be3f81284
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /takashi.mp3 HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Content-Length: 231542
Content-Type: audio/mpeg
Content-Range: bytes 0-231541/231542
Last-Modified: Sat, 04 May 2024 05:09:52 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86E229CB1"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 78a5a2f4-601e-0028-7ff9-9dd37a000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:04 GMT
|
|
| www.googletagmanager.com/gtag/js?id=G-9JLZ2BGNP7&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 90 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-9JLZ2BGNP7&l=dataLayer&cx=c | IP: 142.250.74.168:443
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE | Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955) | Hash: 75d248c274b08d29f36d8fcfe26acdc9 77d7d6bcdc5ea6f8024597b18a0cffea8e00bc1c 9bebb9466b0eee7a963fc00924086609f255d0a97d128d5419dff859675fa47f
GET /gtag/js?id=G-9JLZ2BGNP7&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 08:00:04 GMT
expires: Sat, 04 May 2024 08:00:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bahgytui.z28.web.core.windows.net/img/supportmicrosoft2.png | 20.60.13.228 | 200 OK | 505 kB |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/img/supportmicrosoft2.png | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced | Size: 505 kB (505377 bytes) | Hash: 407d49fce150772038b651dc3807ce92 866cc35542ea4fb302048ba37365a92a8aedb224 1ff2dc3acf8cc925c20b6d0fd9918d51daf441bfc96bf0ee1db2c254f5b1dab8
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /img/supportmicrosoft2.png HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 505377
Content-Type: image/png
Content-MD5: QH1J/OFQdyA4tlHcOAfOkg==
Last-Modified: Sat, 04 May 2024 05:09:53 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86EA370F4"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c694c6d0-901e-003c-74f9-9d9b15000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:04 GMT
|
|
| bahgytui.z28.web.core.windows.net/favicon.ico | 20.60.13.228 | 404 The requested content does not exist. | 9.4 kB |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/favicon.ico | IP: 20.60.13.228:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: *.web.core.windows.net | Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB | Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: HTML document, Unicode text, UTF-8 text | Hash: 3bde50ee5df5b3ef000b4e161e32697c 3e84dcac9406ccd57ddce7fb57f8ee18a6d2d675 c4e829c43a84b0ff7ac533f6a31abe345392b2f65e70c4abf4a2d24267cfcb5c
GET /favicon.ico HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Cookie: _ga_9JLZ2BGNP7=GS1.1.1714809605.1.0.1714809605.0.0.0; _ga=GA1.1.1434019344.1714809605
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 The requested content does not exist.
Content-Length: 9434
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c694c790-901e-003c-22f9-9d9b15000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:04 GMT
|
|
| www.clarity.ms/tag/i6wbidqrri | 13.107.213.53 | 200 OK | 667 B |
URL: GET HTTP/2 www.clarity.ms/tag/i6wbidqrri | IP: 13.107.213.53:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: DigiCert Inc | Subject: www.clarity.ms | Fingerprint: AE:77:25:80:38:B8:E2:8F:C3:B2:EE:B5:0D:9C:7C:30:7E:30:75:2C | Validity: Thu, 07 Dec 2023 00:00:00 GMT - Sat, 07 Dec 2024 23:59:59 GMT
File type: ASCII text, with very long lines (667), with no line terminators | Hash: 1fb06db52df62cb8911ad131c42341c8 72aba8eb6087aa9c886aeaff588febd4b0fc9f0f 2e85a1896323616af16d8db134e2658704e7315b734e77ccd56dfa13e38f9563
GET /tag/i6wbidqrri HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:00:05 GMT
content-type: application/x-javascript
content-length: 667
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=5a44f14f28ea49759567991ac72f9ac5.20240504.20250504; expires=Sun, 04 May 2025 08:00:05 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
x-azure-ref: 20240504T080005Z-er15bb998b7gprm2wbgxb8rz7g00000001q0000000006eg8
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| c.clarity.ms/c.gif | 68.219.88.97 | 302 Found | 0 B |
IP: 68.219.88.97:443 | ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/ | Certificate Issuer: Microsoft Corporation | Subject: c.msn.com | Fingerprint: D1:5C:88:F3:E8:11:5E:F3:50:B0:DE:BD:B8:F5:7F:C3:BA:12:BE:EC | Validity: Tue, 27 Feb 2024 20:55:40 GMT - Fri, 21 Feb 2025 20:55:40 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=20B566A61809475789664784351FCAA8&RedC=c.clarity.ms&MXFR=1FD219CC0FA06A752D900DB90BA06406
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=1FD219CC0FA06A752D900DB90BA06406; domain=.clarity.ms; expires=Thu, 29-May-2025 08:00:05 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sat, 04 May 2024 08:00:05 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| c.bing.com/c.gif?ctsa=mr&CtsSyncId=20B566A61809475789664784351FCAA8&RedC=c.clarity.ms&MXFR=1FD219CC0FA06A752D900DB90BA06406 | 13.107.21.237 | 302 Found | 0 B |
URL: GET HTTP/2 c.bing.com/c.gif?ctsa=mr&CtsSyncId=20B566A61809475789664784351FCAA8&RedC=c.clarity.ms&MXFR=1FD219CC0FA06A752D900DB90BA06406; IP: 13.107.21.237:443; ASN: #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/; Certificate Issuer: Microsoft Corporation; Subject: www.bing.com; Fingerprint: 02:83:27:F9:50:D8:BE:B9:5E:DF:1A:4A:45:3B:6D:3C:BC:30:F2:58; Validity: Wed, 01 May 2024 01:58:25 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?ctsa=mr&CtsSyncId=20B566A61809475789664784351FCAA8&RedC=c.clarity.ms&MXFR=1FD219CC0FA06A752D900DB90BA06406 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bahgytui.z28.web.core.windows.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=20B566A61809475789664784351FCAA8&MUID=23D5B96B2C0D65FD187CAD1E2DF864E6
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=23D5B96B2C0D65FD187CAD1E2DF864E6; domain=.bing.com; expires=Thu, 29-May-2025 08:00:05 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.bing.com; expires=Sat, 11-May-2024 08:00:05 GMT; path=/; SameSite=None; Secure;
SRM_B=23D5B96B2C0D65FD187CAD1E2DF864E6; domain=c.bing.com; expires=Thu, 29-May-2025 08:00:05 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2535577859DE41AD84F909D7BB54AE82 Ref B: OSL30EDGE0111 Ref C: 2024-05-04T08:00:05Z
date: Sat, 04 May 2024 08:00:05 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=20B566A61809475789664784351FCAA8&MUID=23D5B96B2C0D65FD187CAD1E2DF864E6 | 68.219.88.97 | 200 OK | 42 B |
URL: GET HTTP/2 c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=20B566A61809475789664784351FCAA8&MUID=23D5B96B2C0D65FD187CAD1E2DF864E6; IP: 68.219.88.97:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/; Certificate Issuer: Microsoft Corporation; Subject: c.msn.com; Fingerprint: D1:5C:88:F3:E8:11:5E:F3:50:B0:DE:BD:B8:F5:7F:C3:BA:12:BE:EC; Validity: Tue, 27 Feb 2024 20:55:40 GMT - Fri, 21 Feb 2025 20:55:40 GMT
File type: GIF image data, version 89a, 1 x 1; Hash: 32023bb33cfb2a1990a4ef2d85b6ac16 23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?ctsa=mr&CtsSyncId=20B566A61809475789664784351FCAA8&MUID=23D5B96B2C0D65FD187CAD1E2DF864E6 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bahgytui.z28.web.core.windows.net/
DNT: 1
Connection: keep-alive
Cookie: SM=T; MUID=1FD219CC0FA06A752D900DB90BA06406
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
accept-ranges: bytes
etag: "3e26b762b6cda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=C; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=23D5B96B2C0D65FD187CAD1E2DF864E6; domain=.clarity.ms; expires=Thu, 29-May-2025 08:00:05 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.clarity.ms; expires=Sat, 11-May-2024 08:00:05 GMT; path=/; SameSite=None; Secure;
ANONCHK=0; domain=c.clarity.ms; expires=Sat, 04-May-2024 08:10:05 GMT; path=/; SameSite=None; Secure;
date: Sat, 04 May 2024 08:00:05 GMT
content-length: 42
X-Firefox-Spdy: h2
|
|
| bahgytui.z28.web.core.windows.net/img/microsoft-bg.png | 20.60.13.228 | 200 OK | 200 B |
URL: GET HTTP/1.1 bahgytui.z28.web.core.windows.net/img/microsoft-bg.png; IP: 20.60.13.228:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/; Certificate Issuer: Microsoft Corporation; Subject: *.web.core.windows.net; Fingerprint: 5C:06:4B:CF:AA:07:6C:29:24:62:84:3F:8B:87:6E:61:27:AC:96:EB; Validity: Mon, 01 Apr 2024 07:03:23 GMT - Thu, 27 Mar 2025 07:03:23 GMT
File type: PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced; Hash: 36ab0d6aef47162ecbc940362b8ec85a 360769d836fe40560d961d13ee24d4a39db098ab 9f8994aa205cd008cbc2b9abac9d2c84d3e3635bb26e304e7221ead9cdad315d
Analyzer: urlquery; Verdict: scam; Alert: Scam - Fake AntiVirus / Security software
GET /img/microsoft-bg.png HTTP/1.1
Host: bahgytui.z28.web.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/css/style.css
Cookie: _ga_9JLZ2BGNP7=GS1.1.1714809605.1.0.1714809605.0.0.0; _ga=GA1.1.1434019344.1714809605; _clck=10qvm56%7C2%7Cflh%7C0%7C1585
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 200
Content-Type: image/png
Content-MD5: NqsNau9HFi7LyUA2K47IWg==
Last-Modified: Sat, 04 May 2024 05:09:52 GMT
Accept-Ranges: bytes
ETag: "0x8DC6BF86E57A1F2"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c694c9c3-901e-003c-12f9-9d9b15000000
x-ms-version: 2018-03-28
Date: Sat, 04 May 2024 08:00:05 GMT
|
|
| y.clarity.ms/collect | 104.211.35.148 | 204 No Content | 0 B |
IP: 104.211.35.148:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/; Certificate Issuer: Microsoft Corporation; Subject: a.clarity.ms; Fingerprint: FA:A0:06:96:CF:68:F2:24:36:2B:8B:BF:D1:E0:5A:17:AC:96:CD:11; Validity: Sun, 14 Jan 2024 10:23:37 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 12363
Origin: https://bahgytui.z28.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 08:00:05 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bahgytui.z28.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.227 | 200 OK | 33 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2; IP: 216.58.207.227:443
Requested by: https://bahgytui.z28.web.core.windows.net/; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 33092, version 1.0; Hash: 057478083c1d55ea0c2182b24f6dd72f caf557cd276a76992084efc4c8857b66791a6b7f bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bahgytui.z28.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:38:02 GMT
expires: Fri, 02 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 192124
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| y.clarity.ms/collect | 104.211.35.148 | 204 No Content | 0 B |
IP: 104.211.35.148:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/; Certificate Issuer: Microsoft Corporation; Subject: a.clarity.ms; Fingerprint: FA:A0:06:96:CF:68:F2:24:36:2B:8B:BF:D1:E0:5A:17:AC:96:CD:11; Validity: Sun, 14 Jan 2024 10:23:37 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 425
Origin: https://bahgytui.z28.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Cookie: MUID=23D5B96B2C0D65FD187CAD1E2DF864E6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 08:00:06 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bahgytui.z28.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
|
|
| y.clarity.ms/collect | 104.211.35.148 | 204 No Content | 0 B |
IP: 104.211.35.148:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/; Certificate Issuer: Microsoft Corporation; Subject: a.clarity.ms; Fingerprint: FA:A0:06:96:CF:68:F2:24:36:2B:8B:BF:D1:E0:5A:17:AC:96:CD:11; Validity: Sun, 14 Jan 2024 10:23:37 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 444
Origin: https://bahgytui.z28.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Cookie: MUID=23D5B96B2C0D65FD187CAD1E2DF864E6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 04 May 2024 08:00:09 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://bahgytui.z28.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
|
|
| fonts.googleapis.com/css2?family=Montserrat:wght@600;700&display=swap | 142.250.74.138 | 200 OK | 3.7 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@600;700&display=swap; IP: 142.250.74.138:443
Requested by: https://bahgytui.z28.web.core.windows.net/; Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (3750), with no line terminators; Hash: 27d380c6f6ae812130dd3b558b2159c2 2091ac73c0a96dee712bab5bce983cee528cd91b c406d5badd61b281c6681a798364594a2e1653eeb3f7b2f198f85b7b0fe83c8f
GET /css2?family=Montserrat:wght@600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 08:00:04 GMT
date: Sat, 04 May 2024 08:00:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.clarity.ms/s/0.7.32/clarity.js | 13.107.213.53 | 200 OK | 62 kB |
URL: GET HTTP/2 www.clarity.ms/s/0.7.32/clarity.js; IP: 13.107.213.53:443; ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://bahgytui.z28.web.core.windows.net/; Certificate Issuer: DigiCert Inc; Subject: www.clarity.ms; Fingerprint: AE:77:25:80:38:B8:E2:8F:C3:B2:EE:B5:0D:9C:7C:30:7E:30:75:2C; Validity: Thu, 07 Dec 2023 00:00:00 GMT - Sat, 07 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/0.7.32/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bahgytui.z28.web.core.windows.net/
Cookie: CLID=5a44f14f28ea49759567991ac72f9ac5.20240504.20250504
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:00:05 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 01 May 2024 11:24:58 GMT
etag: W/"0x8DC69D155BAD85E"
x-ms-request-id: d23f8469-801e-0015-7fcf-9c3968000000
x-ms-version: 2018-03-28
access-control-allow-origin: *
x-azure-ref: 20240504T080005Z-er15bb998b7gprm2wbgxb8rz7g00000001q0000000006egc
cache-control: public, max-age=86400
x-fd-int-roxy-purgeid: 51562430
x-cache: TCP_HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|