baberticales.blob.core.windows.net Open in urlscan Pro
20.150.59.4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thenetwork18.net/adfa.html
Effective URL:
https://baberticales.blob.core.windows.net/$web/index.html
Submission: On April 02 via api (April 2nd 2024, 2:31:17 pm UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 9 domains to perform 30 HTTP transactions. The main IP is 20.150.59.4, located in Zurich, Switzerland and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is baberticales.blob.core.windows.net.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 05 on February 5th 2024. Valid for: 5 months.

This is the only time baberticales.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	172.64.138.20 172.64.138.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2604:9e00:1:1... 2604:9e00:1:129::2:b1f	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	2a02:128:7:54... 2a02:128:7:5427::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	2a02:128:7:54... 2a02:128:7:5417::2	50245 (SERVEREL-AS) (SERVEREL-AS)
24	20.150.59.4 20.150.59.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	195.201.57.90 195.201.57.90	24940 (HETZNER-AS) (HETZNER-AS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	7

1 172.64.138.20 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

thenetwork18.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:9e00:1:129::2:b1f (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.adflyer.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5427::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, US)

kts.lqclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5417::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, US)

kts.vasstycom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 20.150.59.4 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

baberticales.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.57.90 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.90.57.201.195.clients.your-server.de

ipwho.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	windows.net baberticales.blob.core.windows.net	1 MB
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 153582	643 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2042	267 B
1	ipwho.is ipwho.is — Cisco Umbrella Rank: 95913 Failed
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	98 KB
1	vasstycom.com 1 redirects kts.vasstycom.com — Cisco Umbrella Rank: 202969	246 B
1	lqclick.com 1 redirects kts.lqclick.com — Cisco Umbrella Rank: 755028	504 B
1	adflyer.media 1 redirects xml.adflyer.media — Cisco Umbrella Rank: 200331	1 KB
1	thenetwork18.net thenetwork18.net — Cisco Umbrella Rank: 381010	717 B
30	9

	Domain	Requested by
24	baberticales.blob.core.windows.net	thenetwork18.net baberticales.blob.core.windows.net
1	userstatics.com	baberticales.blob.core.windows.net
1	region1.google-analytics.com	www.googletagmanager.com
1	ipwho.is	baberticales.blob.core.windows.net
1	www.googletagmanager.com	baberticales.blob.core.windows.net
1	kts.vasstycom.com	1 redirects
1	kts.lqclick.com	1 redirects
1	xml.adflyer.media	1 redirects
1	thenetwork18.net
30	9

This site contains no links.

Subject Issuer	Validity	Valid
thenetwork18.net GTS CA 1P5	`2024-03-21` - `2024-06-19`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 05	`2024-02-05` - `2024-06-27`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
ipwho.is GoGetSSL ECC DV CA	`2024-03-13` - `2025-03-13`	a year	crt.sh
userstatics.com E1	`2024-03-28` - `2024-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://baberticales.blob.core.windows.net/$web/index.html
Frame ID: 98997CB0AFD1FADB7B463EBBF3F2400C
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Computer Sicherheitscode

Page URL History Show full URLs

https://thenetwork18.net/adfa.html Page URL
https://xml.adflyer.media/redirect?feed=474232&auth=yILiVK&subid=adfa&query=adfa&url=adflyer.media HTTP 302
https://kts.lqclick.com/in/769/?katds_ep=p8ZZAguCoA65fd7M357JxHa6iIZoRkZbl_no93-En3G35gnWCD0PNLVNtmO... HTTP 302
https://kts.vasstycom.com/in/d/?site=adflyer.media&p=http://adflyer.media&ad_tags=&tds_min_pr=0.905377... HTTP 302
https://baberticales.blob.core.windows.net/$web/index.html Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

30
Requests

97 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

7
IPs

5
Countries

1135 kB
Transfer

1431 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thenetwork18.net/adfa.html Page URL
https://xml.adflyer.media/redirect?feed=474232&auth=yILiVK&subid=adfa&query=adfa&url=adflyer.media HTTP 302
https://kts.lqclick.com/in/769/?katds_ep=p8ZZAguCoA65fd7M357JxHa6iIZoRkZbl_no93-En3G35gnWCD0PNLVNtmO5MdiXHGgOQSCkzvhY_q6XtLIfaRjn5UNVzmTxvPi584d4TDdAFXQPf0Qi83cQWdFXj91TNY1IWfHHAld_N7uqXeI7AOEta8FeHaWvid9-4UNsNQ-9PXDerEf2AgF_Yf4z3tfj9H0kI4aq9_Fmr_dCEDZ0EFH7OP7XYmqAIojdb6kwEvzwriqqNjpY4-RgII6xyqu84I08xeslnD9ZYnT_lI8Z8A5ewgiVROeo4zIA9Z-r_5P6PxrDyx7tuNLa8MhQdOEOp6lTaOIPVuWWsGQujCHFeD2myY-U4J5nE_LjS2p95rmT_tjclbDEHZCrldtlQYeqfWExb_IfA9AloqBq2D6sPdbPPJzFCFEdAY3sTuPaxt8Iy6yJJOy0Ymzu5pmJOz2lYBykOLuvDmOcTnpsyn8K5FdRQcwQCCcBChAvyYBrw4LajVA9ex_b2GajulP483MHayZYbu5Z1HGr0xwS6WqWzinH_9_4FF8PgIhRgBab4cFLC9TiY2NIMA3YfQa-9V2-AJ7om866ttXl_ELARR8MIuelYozJPLNeGhfcHn-LLD4XaYa5kBso2H0ZbD_87oXCCLzBW5Treuvz7D_62ZcwRjAhgnPCJmM3_9ckd5BbAflnAQNMNKzP0ykly59cCQEMc7Y3evr4a3ffJOp1oBxuRrWvrnVvmmq5CrpUTksQBMQlUpS4IuJB32nTCYAxmGp-5eaFPjV3hgbObrW5oLkk4mOxAgYjdfoQdE2fn67y1oJhA6xItENnqYFSGgIOQhIlQRTtOmxJyRrm_BRYwiNVfZW1M8u5678R-BGSr_IDicTrD4sVzc0oaWatUYvGd15SuPtQgflBPF5sH0bXibdROuS8gBsElamQcbN1y2O73sDu0pEkqH-iiio5l9ElnF7wWPxZoqZEC0y-wJP-x2X6TrgPAv9R5Fh65SwZuR9Ir0anJD0GLrjPQg HTTP 302
https://kts.vasstycom.com/in/d/?site=adflyer.media&p=http://adflyer.media&ad_tags=&tds_min_pr=0.905377&ic=IAB25&auid={{auid}}&related_score=100&bidding_price=0.90537652018999&spotid={{spotid}}&fromtc=36&ad_sub=332518610&tt=100&ts=0&sid=362&cid=253476&sp=0.905377&tcbc_b=0.905377&utm1=tcb&utm2=1156681820-100&utm3=362-253476-&utm4=63-11332434-0&click_id=9613455d-2c20-4136-9e8b-cdf476c45352&user_id=5613792878595053130&idzone=3 HTTP 302
https://baberticales.blob.core.windows.net/$web/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 adfa.html
thenetwork18.net/ 248 B
717 B 92ms
32ms Document
text/html 172.64.138.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://thenetwork18.net/adfa.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.138.20 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 317063
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=604800
cf-cache-status: HIT
cf-ray: 86e18569cdd99b2e-FRA
content-encoding: br
content-type: text/html
date: Tue, 02 Apr 2024 14:31:11 GMT
last-modified: Fri, 29 Mar 2024 22:26:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8ddYZEb1KAZCXajAt0NfT%2Brqa0QKyHZ6fjlamPrSI8BiCAZYdCO%2FthOY6%2Bq26NgfNRZiYf3iiQJotK9y61gHgQGrv8ewrxohhUqRDKa8he4Q%2BONkZGyzqaPtv2LyvS87Civ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-iplb-instance: 52335
x-iplb-request-id: A29E5760:5378_91EF25A2:0050_66074028_D6151:47B0

GET
H/1.1

200
OK

Primary Request index.html Show response
baberticales.blob.core.windows.net/$web/
Redirect Chain

https://xml.adflyer.media/redirect?feed=474232&auth=yILiVK&subid=adfa&query=adfa&url=adflyer.media
https://kts.lqclick.com/in/769/?katds_ep=p8ZZAguCoA65fd7M357JxHa6iIZoRkZbl_no93-En3G35gnWCD0PNLVNtmO5MdiXHGgOQSCkzvhY_q6XtLIfaRjn5UNVzmTxvPi584d4TDdAFXQPf0Qi83cQWdFXj91TNY1IWfHHAld_N7uqXeI7AOEta8Fe...
https://kts.vasstycom.com/in/d/?site=adflyer.media&p=http://adflyer.media&ad_tags=&tds_min_pr=0.905377&ic=IAB25&auid={{auid}}&related_score=100&bidding_price=0.90537652018999&spotid={{spotid}}&from...
https://baberticales.blob.core.windows.net/$web/index.html

43 KB
43 KB

158ms
29ms

Document
text/html

20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/index.html
Requested by: Host: thenetwork18.net
URL: https://thenetwork18.net/adfa.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 02edef21a4383265c8251985a9c5993b82834c954fd82362d680d7d5701725e9

Request headers

Referer: https://thenetwork18.net/adfa.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Content-Length: 43795
Content-MD5: TNv2SdIfWo7zYAbV/CgoUQ==
Content-Type: text/html
Date: Tue, 02 Apr 2024 14:31:12 GMT
ETag: 0x8DC531306BF3706
Last-Modified: Tue, 02 Apr 2024 12:47:16 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: a3f1553e-e01e-0038-290a-85f102000000
x-ms-version: 2009-09-19

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 02 Apr 2024 14:31:11 GMT
location: https://baberticales.blob.core.windows.net/$web/index.html
pragma: no-cache
server: nginx/1.20.1
vary: *

GET
H/1.1 200
OK tapa.css
baberticales.blob.core.windows.net/$web/css/ 18 KB
18 KB 47ms
28ms Stylesheet
text/css 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/css/tapa.css
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ba9acf1b233e5f71c214152945ebdcb4eefdf22abb2a52116d996608c15c0388

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:17 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: VsxtolBN1tVXmfe2vjztGg==
ETag: 0x8DC531307B2970E
Content-Type: text/css
x-ms-request-id: a3f1556f-e01e-0038-4c0a-85f102000000
x-ms-version: 2009-09-19
Content-Length: 18096

GET
H/1.1 200
OK noir.js Show response
baberticales.blob.core.windows.net/$web/js/ 83 KB
83 KB 76ms
29ms Script
text/javascript 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/js/noir.js
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e6aa5558980389b32f515fbccd1c46dd127ceb9705908f2df2405c96713a5e7c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:21 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: QzsHnHc65j9OGvL5uS0J8Q==
ETag: 0x8DC53130994EF2C
Content-Type: text/javascript
x-ms-request-id: a3f15585-e01e-0038-5c0a-85f102000000
x-ms-version: 2009-09-19
Content-Length: 84734

GET
H/1.1 200
OK script.compat.js Show response
baberticales.blob.core.windows.net/$web/js/ 1 KB
2 KB 31ms
30ms Script
text/javascript 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/js/script.compat.js
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5a1bc6ee4cc04b8e259bb929bb29d87e8b7eb540f2dc67cbd3bb7dbbe57fd28f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: gNNpkU2Z20SsSqYAJK31+A==
ETag: 0x8DC53130A45292A
Content-Type: text/javascript
x-ms-request-id: df612ec1-601e-0019-3e0a-85d579000000
x-ms-version: 2009-09-19
Content-Length: 1389

GET
H/1.1 404
The specified blob does not exist. _noi2r.js
baberticales.blob.core.windows.net/$web/ 0
0 111ms
28ms Script
application/xml 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/_noi2r.js
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-request-id: 455a8a30-b01e-0068-190a-853352000000
Date: Tue, 02 Apr 2024 14:31:11 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 404
The specified blob does not exist. _scrol.js
baberticales.blob.core.windows.net/$web/ 0
0 112ms
28ms Script
application/xml 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/_scrol.js
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-request-id: 69d9ecfe-201e-0037-540a-85876e000000
Date: Tue, 02 Apr 2024 14:31:11 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
98 KB 79ms
30ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CRHFY96Y07

Requested by

Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a4fd95493967c13c3c75e51f0d84e7f28b019540ab22fb5bf10ca91043b7d2ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:31:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99604
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 Apr 2024 14:31:12 GMT

GET
H/1.1 200
OK f24.png
baberticales.blob.core.windows.net/$web/images/ 859 KB
860 KB 121ms
34ms Image
image/png 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baberticales.blob.core.windows.net/$web/images/f24.png
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1f16b1d42385f5bb52bee1f7eadd8476666b69120f937453ea765d6248283cc8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:21 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: VHWtnNmEGVq5TI7ERXv7Pg==
ETag: 0x8DC531309BDCCFC
Content-Type: image/png
x-ms-request-id: d13e050b-d01e-0023-6c0a-85cf01000000
x-ms-version: 2009-09-19
Content-Length: 880020

GET
H/1.1 200
OK mnc.png
baberticales.blob.core.windows.net/$web/images/ 187 B
590 B 119ms
32ms Image
image/png 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baberticales.blob.core.windows.net/$web/images/mnc.png
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:18 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: JxAhz6RZQJeBhL4EiYQf0w==
ETag: 0x8DC5313084A5B87
Content-Type: image/png
x-ms-request-id: ea0af086-d01e-0033-070a-850a69000000
x-ms-version: 2009-09-19
Content-Length: 187

GET
H/1.1 200
OK msmm.png
baberticales.blob.core.windows.net/$web/images/ 168 B
571 B 33ms
30ms Image
image/png 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baberticales.blob.core.windows.net/$web/images/msmm.png
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:11 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:18 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: rLBevNX0iPyZFpz/ArbdBA==
ETag: 0x8DC53130848D69A
Content-Type: image/png
x-ms-request-id: 69d9ed04-201e-0037-5a0a-85876e000000
x-ms-version: 2009-09-19
Content-Length: 168

GET
H/1.1 200
OK set.png
baberticales.blob.core.windows.net/$web/images/ 364 B
767 B 33ms
29ms Image
image/png 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baberticales.blob.core.windows.net/$web/images/set.png
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:11 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 4UTDN4CQCHyM4SmjDLbLTg==
ETag: 0x8DC53130971B061
Content-Type: image/png
x-ms-request-id: 455a8a31-b01e-0068-1a0a-853352000000
x-ms-version: 2009-09-19
Content-Length: 364

GET
H/1.1 200
OK vsc.png
baberticales.blob.core.windows.net/$web/images/ 722 B
1 KB 32ms
28ms Image
image/png 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baberticales.blob.core.windows.net/$web/images/vsc.png
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: QtjyzBrldZwjafJV8268Aw==
ETag: 0x8DC5313097838B6
Content-Type: image/png
x-ms-request-id: a3f1559a-e01e-0038-710a-85f102000000
x-ms-version: 2009-09-19
Content-Length: 722

GET
H/1.1 200
OK bel.png
baberticales.blob.core.windows.net/$web/images/ 276 B
679 B 50ms
30ms Image
image/png 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baberticales.blob.core.windows.net/$web/images/bel.png
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:17 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: dhbZbDiDAeORZTZH4fXwVw==
ETag: 0x8DC531307B1D490
Content-Type: image/png
x-ms-request-id: ea0af08c-d01e-0033-0b0a-850a69000000
x-ms-version: 2009-09-19
Content-Length: 276

GET
H/1.1 200
OK pcm.png
baberticales.blob.core.windows.net/$web/images/ 1 KB
2 KB 51ms
31ms Image
image/png 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baberticales.blob.core.windows.net/$web/images/pcm.png
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:18 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Bc3xosL8jwe+oKj0+TVmNw==
ETag: 0x8DC53130849990D
Content-Type: image/png
x-ms-request-id: df612ec0-601e-0019-3d0a-85d579000000
x-ms-version: 2009-09-19
Content-Length: 1270

GET
H/1.1 200
OK dm.png
baberticales.blob.core.windows.net/$web/images/ 332 B
735 B 49ms
30ms Image
image/png 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baberticales.blob.core.windows.net/$web/images/dm.png
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:11 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:17 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: nYqQpj0g8F0n5dars14M0A==
ETag: 0x8DC531307B1D490
Content-Type: image/png
x-ms-request-id: 69d9ed08-201e-0037-5e0a-85876e000000
x-ms-version: 2009-09-19
Content-Length: 332

GET
H/1.1 200
OK cs.png
baberticales.blob.core.windows.net/$web/images/ 3 KB
3 KB 49ms
29ms Image
image/png 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baberticales.blob.core.windows.net/$web/images/cs.png
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:17 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: sBow01S/z1Ht8z4LDqB0Ag==
ETag: 0x8DC531307B1D490
Content-Type: image/png
x-ms-request-id: 455a8a33-b01e-0068-1c0a-853352000000
x-ms-version: 2009-09-19
Content-Length: 2681

GET
H/1.1 200
OK re.gif
baberticales.blob.core.windows.net/$web/images/ 14 KB
15 KB 48ms
28ms Image
image/gif 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baberticales.blob.core.windows.net/$web/images/re.gif
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:18 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: b8t44M15M6cO6izwcfghGA==
ETag: 0x8DC53130849990D
Content-Type: image/gif
x-ms-request-id: a3f1559e-e01e-0038-750a-85f102000000
x-ms-version: 2009-09-19
Content-Length: 14751

GET
H/1.1 200
OK nvidia.js Show response
baberticales.blob.core.windows.net/$web/js/ 2 KB
2 KB 34ms
31ms Script
text/javascript 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/js/nvidia.js
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 73310aa233204005c5d97ccd8b6c8c06dda83205f1de6571aa798400fb5bedeb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: bry+0NyVfNkpjiYp41oBOQ==
ETag: 0x8DC53130A450247
Content-Type: text/javascript
x-ms-request-id: df612ebd-601e-0019-3b0a-85d579000000
x-ms-version: 2009-09-19
Content-Length: 2055

GET
H/1.1 200
OK jupiter.js Show response
baberticales.blob.core.windows.net/$web/js/ 503 B
912 B 30ms
30ms Script
text/javascript 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/js/jupiter.js
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:20 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zWwz+8Ih0CcckQr5EObr7Q==
ETag: 0x8DC531309752EE3
Content-Type: text/javascript
x-ms-request-id: ea0af088-d01e-0033-090a-850a69000000
x-ms-version: 2009-09-19
Content-Length: 503

GET.html /
ipwho.is/ 0
0

OPTIONS
H/1.1 200
OK /
ipwho.is/ 0
0 95ms
27ms Preflight
application/json 195.201.57.90
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ipwho.is/?lang=en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 195.201.57.90 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.90.57.201.195.clients.your-server.de
Software: ipwhois /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET.html
Origin: https://baberticales.blob.core.windows.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Date: Tue, 02 Apr 2024 14:31:12 GMT
Server: ipwhois
Transfer-Encoding: chunked
X-Robots-Tag: noindex

GET
DATA 200
OK truncated
/ 349 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK _Fm7-alert.mp3
baberticales.blob.core.windows.net/$web/media/ 112 KB
0 31ms
31ms Media
audio/mpeg 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/media/_Fm7-alert.mp3
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://baberticales.blob.core.windows.net/$web/index.html
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: p1rzmzYHESXhFLU+HxQniA==
ETag: 0x8DC53130A45EB9E
Content-Type: audio/mpeg
x-ms-request-id: ea0af090-d01e-0033-0e0a-850a69000000
x-ms-version: 2009-09-19
Content-Length: 231335

POST
H/1.1 405
The resource doesn't support specified Http Verb. event Show response
baberticales.blob.core.windows.net/api/ 237 B
506 B 28ms
28ms XHR
application/xml 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/api/event
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/js/script.compat.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 98ba9457ca1c7bbc6db72cfeaaaaef6f1b873153e0f4ffb19275b6faf9e2c5c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

x-ms-request-id: df612ec8-601e-0019-410a-85d579000000
Date: Tue, 02 Apr 2024 14:31:12 GMT
Server: Microsoft-HTTPAPI/2.0
Content-Length: 237
Allow: GET,HEAD,PUT,DELETE
Content-Type: application/xml

GET
H/1.1 404
The specified blob does not exist. ai2.mp3
baberticales.blob.core.windows.net/$web/ 215 B
490 B 28ms
28ms Media
application/xml 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/ai2.mp3
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5a7551432ea122855c3e26e374855db9d8d3f841df51ef307b8295969c5b41a4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://baberticales.blob.core.windows.net/$web/index.html
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

x-ms-request-id: a3f155a3-e01e-0038-7a0a-85f102000000
Date: Tue, 02 Apr 2024 14:31:12 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

POST
H2 204 collect
region1.google-analytics.com/g/ 0
267 B 79ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CRHFY96Y07&gtm=45je4410v9176365669za200&_p=1712068272843&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=19805927.1712068273&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712068272&sct=1&seg=0&dl=https%3A%2F%2Fbaberticales.blob.core.windows.net%2F%24web%2Findex.html&dt=Computer%20Sicherheitscode&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1314
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CRHFY96Y07
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Apr 2024 14:31:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://baberticales.blob.core.windows.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK msmm.png
baberticales.blob.core.windows.net/$web/images/ 168 B
571 B 30ms
30ms Other
image/png 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/images/msmm.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Apr 2024 14:31:12 GMT
Last-Modified: Tue, 02 Apr 2024 12:47:18 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: rLBevNX0iPyZFpz/ArbdBA==
ETag: 0x8DC53130848D69A
Content-Type: image/png
x-ms-request-id: d13e0513-d01e-0023-720a-85cf01000000
x-ms-version: 2009-09-19
Content-Length: 168

GET
H3 200 script.js Show response
userstatics.com/get/ 133 B
643 B 126ms
64ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstatics.com/get/script.js?referrer=https://baberticales.blob.core.windows.net/$web/index.html
Requested by: Host: baberticales.blob.core.windows.net
URL: https://baberticales.blob.core.windows.net/$web/js/noir.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 14:31:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://baberticales.blob.core.windows.net
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQSVDM3%2BgrtmbtvgIGJU5iU5BSpLt5yOphzaoGUL5Cv5xhxptNaqMXhtalpt9ee4fsXEXz9HDdJXgYXwRSadaug3wdMfvvOWLP80xuXjYuTXg3PBrUUtRKQt5O7%2FYvVP6G0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 86e18577e9488edc-FRA
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

GET
H/1.1 404
The specified blob does not exist. w3.html
baberticales.blob.core.windows.net/$web/ 215 B
490 B 29ms
29ms Other
application/xml 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/w3.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 03132b34a9d9174233c8df2ddef310a6eb42fa199dbb3bb1a0cd1fdbf40bc530

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-request-id: d13e0710-d01e-0023-470a-85cf01000000
Date: Tue, 02 Apr 2024 14:31:13 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

GET
H/1.1 404
The specified blob does not exist. w1.html
baberticales.blob.core.windows.net/$web/ 215 B
490 B 29ms
29ms Other
application/xml 20.150.59.4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://baberticales.blob.core.windows.net/$web/w1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.59.4 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3db665cdbb307378039d4ca5e099ad5aa7963792154bb8d01abd4d90518f9258

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baberticales.blob.core.windows.net/$web/index.html
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-request-id: d13e0785-d01e-0023-300a-85cf01000000
Date: Tue, 02 Apr 2024 14:31:14 GMT
x-ms-version: 2009-09-19
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Length: 215
Content-Type: application/xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ipwho.is
URL: https://ipwho.is/?lang=en

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
baberticales.blob.core.windows.net/$web	1970-01-20 19:35:08	Name: PHPREFS Value: full
kts.lqclick.com/	1970-01-20 19:35:54	Name: 769.223226 Value: 1
kts.vasstycom.com/	1970-01-20 19:34:31	Name: 721.223309 Value: 1
.windows.net/	1970-01-21 05:10:28	Name: _ga_CRHFY96Y07 Value: GS1.1.1712068272.1.0.1712068272.0.0.0
.windows.net/	1970-01-21 05:10:28	Name: _ga Value: GA1.1.19805927.1712068273

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://baberticales.blob.core.windows.net/$web/_noi2r.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
network	error	URL: https://baberticales.blob.core.windows.net/$web/_scrol.js Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
javascript	error	URL: https://baberticales.blob.core.windows.net/$web/index.html Message: Access to XMLHttpRequest at 'https://ipwho.is/?lang=en' from origin 'https://baberticales.blob.core.windows.net' has been blocked by CORS policy: Method GET.html is not allowed by Access-Control-Allow-Methods in preflight response.
network	error	URL: https://ipwho.is/?lang=en Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://baberticales.blob.core.windows.net/api/event Message: Failed to load resource: the server responded with a status of 405 (The resource doesn't support specified Http Verb.)
network	error	URL: https://baberticales.blob.core.windows.net/$web/ai2.mp3 Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
network	error	URL: https://baberticales.blob.core.windows.net/$web/w3.html Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)
network	error	URL: https://baberticales.blob.core.windows.net/$web/w1.html Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baberticales.blob.core.windows.net
ipwho.is
kts.lqclick.com
kts.vasstycom.com
region1.google-analytics.com
thenetwork18.net
userstatics.com
www.googletagmanager.com
xml.adflyer.media
ipwho.is
172.64.138.20
188.114.96.3
195.201.57.90
20.150.59.4
2001:4860:4802:32::36
2604:9e00:1:129::2:b1f
2a00:1450:4001:828::2008
2a02:128:7:5417::2
2a02:128:7:5427::2
02edef21a4383265c8251985a9c5993b82834c954fd82362d680d7d5701725e9
03132b34a9d9174233c8df2ddef310a6eb42fa199dbb3bb1a0cd1fdbf40bc530
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
1f16b1d42385f5bb52bee1f7eadd8476666b69120f937453ea765d6248283cc8
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd
3db665cdbb307378039d4ca5e099ad5aa7963792154bb8d01abd4d90518f9258
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977
5a1bc6ee4cc04b8e259bb929bb29d87e8b7eb540f2dc67cbd3bb7dbbe57fd28f
5a7551432ea122855c3e26e374855db9d8d3f841df51ef307b8295969c5b41a4
73310aa233204005c5d97ccd8b6c8c06dda83205f1de6571aa798400fb5bedeb
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5
98ba9457ca1c7bbc6db72cfeaaaaef6f1b873153e0f4ffb19275b6faf9e2c5c3
a4fd95493967c13c3c75e51f0d84e7f28b019540ab22fb5bf10ca91043b7d2ed
afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348
ba9acf1b233e5f71c214152945ebdcb4eefdf22abb2a52116d996608c15c0388
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6aa5558980389b32f515fbccd1c46dd127ceb9705908f2df2405c96713a5e7c

baberticales.blob.core.windows.net Open in urlscan Pro 20.150.59.4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

56 %IPv6

9 Domains

9 Subdomains

7 IPs

5 Countries

1135 kBTransfer

1431 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

baberticales.blob.core.windows.net Open in urlscan Pro
20.150.59.4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

7
IPs

5
Countries

1135 kB
Transfer

1431 kB
Size

5
Cookies

30 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!