alsk3.z13.web.core.windows.net
20.60.220.228  Malicious Activity! Public Scan

Submitted URL: https://paid.outbrain.com/network/redir?p=31MWtxpLINzjFog5AkxA73UUL2utwo_bNF_ebmz4BXEm01XTSkLjqOEjf-dD0DDuPJFUL-Y2axdEw8bS...
Effective URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Submission: On July 31 via manual from AU — Scanned from AU

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 26 HTTP transactions. The main IP is 20.60.220.228, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is alsk3.z13.web.core.windows.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 08 on April 4th 2024. Valid for: a year.
This is the only time alsk3.z13.web.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

Requests  Redirects  IP Address       AS (Autonomous System)
1                    151.101.194.132  54113 (FASTLY)
1         1          172.67.36.125    13335 (CLOUDFLAR...)
1         1          144.202.49.180   20473 (AS-CHOOPA)
18                   20.60.220.228    8075 (MICROSOFT...)
1                    151.101.66.137   54113 (FASTLY)
1                    108.181.64.139   40676 (AS40676)
Total: 26 requests, 5 IPs

Requests  Apex Domain         Subdomains                                        Transfer
18        windows.net         alsk3.z13.web.core.windows.net                    334 KB
1         ipwho.is            ipwho.is (Cisco Umbrella Rank: 72804)             950 B
1         jquery.com          code.jquery.com (Cisco Umbrella Rank: 1211)       27 KB
1         wirednewsscope.com  wirednewsscope.com                                271 B
1         zemanta.com         r1-usc1.zemanta.com (Cisco Umbrella Rank: 44766)  519 B
1         outbrain.com        paid.outbrain.com (Cisco Umbrella Rank: 20253)    2 KB
Total: 26 requests, 6 domains

Requests  Domain                          Requested by
18        alsk3.z13.web.core.windows.net  paid.outbrain.com, alsk3.z13.web.core.windows.net
1         ipwho.is                        alsk3.z13.web.core.windows.net
1         code.jquery.com                 alsk3.z13.web.core.windows.net
1         wirednewsscope.com              1 redirects
1         r1-usc1.zemanta.com             1 redirects
1         paid.outbrain.com
Total: 26 requests, 6 domains

This site contains no links.

Subject                 Issuer                                          Validity                 Valid
*.outbrain.com          R11                                             2024-07-18 - 2024-10-16  3 months
*.web.core.windows.net  Microsoft Azure RSA TLS Issuing CA 08           2024-04-04 - 2025-03-30  a year
*.jquery.com            Sectigo ECC Domain Validation Secure Server CA  2024-06-25 - 2025-06-25  a year
ipwho.is                GoGetSSL ECC DV CA                              2024-03-13 - 2025-03-13  a year

This page contains 1 frames:

Primary Page: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Frame ID: 95855B64A6A0A0345FC9B4DE09496248
Requests: 26 HTTP requests in this frame

Page Title

Defender smart screen error

Page URL History

  1. https://paid.outbrain.com/network/redir?p=31MWtxpLINzjFog5AkxA73UUL2utwo_bNF_ebmz4BXEm01XTSkLjqOEjf-dD... Page URL
  2. https://r1-usc1.zemanta.com/rp3/b1_outbrainrtb/66673584/182254952/e24105c7-4f8c-11ef-a2ca-cd21807fe9b5/S... HTTP 302
    https://wirednewsscope.com/news/RAFY.php HTTP 302
    https://alsk3.z13.web.core.windows.net/?bcda=1300-041-034 Page URL
  3. https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 26
HTTPS: 81 %
IPv6: 0 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 364 kB
Size: 968 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paid.outbrain.com/network/redir?p=31MWtxpLINzjFog5AkxA73UUL2utwo_bNF_ebmz4BXEm01XTSkLjqOEjf-dD0DDuPJFUL-Y2axdEw8bS...&c=c9039916&v=4 Page URL
  2. https://r1-usc1.zemanta.com/rp3/b1_outbrainrtb/66673584/182254952/e24105c7-4f8c-11ef-a2ca-cd21807fe9b5/S... HTTP 302
    https://wirednewsscope.com/news/RAFY.php HTTP 302
    https://alsk3.z13.web.core.windows.net/?bcda=1300-041-034 Page URL
  3. https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://r1-usc1.zemanta.com/rp3/b1_outbrainrtb/66673584/182254952/e24105c7-4f8c-11ef-a2ca-cd21807fe9b5/S... HTTP 302
  • https://wirednewsscope.com/news/RAFY.php HTTP 302
  • https://alsk3.z13.web.core.windows.net/?bcda=1300-041-034

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
redir
paid.outbrain.com/network/
3 KB
2 KB
Document
General
Full URL
https://paid.outbrain.com/network/redir?p=31MWtxpLINzjFog5AkxA73UUL2utwo_bNF_ebmz4BXEm01XTSkLjqOEjf-dD0DDuPJFUL-Y2axdEw8bS...&c=c9039916&v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3ae89d2ef7f40289ea539ca31383ce5a529d7ad54b2b123c43d807f2cb038d88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache
content-encoding
br
content-length
974
content-type
text/html;charset=UTF-8
date
Wed, 31 Jul 2024 22:37:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
traffic-path
SADC1, SJC, SYD, APAC1
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-sjc1000102-SJC, cache-syd10167-SYD
x-timer
S1722465450.490899,VS0,VE159
x-traceid
c5b2043489596fcc39b458fb30524423
/
alsk3.z13.web.core.windows.net/
Redirect Chain
  • https://r1-usc1.zemanta.com/rp3/b1_outbrainrtb/66673584/182254952/e24105c7-4f8c-11ef-a2ca-cd21807fe9b5/SM32UGXZ7PUDQNQL6QU46QUFGE7JKSNIBJY5SED43THK5KPYSY3BYU5OQFJA44T4XWLB54BWI3MHP6IZUQKF25ANOPAAPW...
  • https://wirednewsscope.com/news/RAFY.php
  • https://alsk3.z13.web.core.windows.net/?bcda=1300-041-034
1 KB
2 KB
Document
General
Full URL
https://alsk3.z13.web.core.windows.net/?bcda=1300-041-034
Requested by
Host: paid.outbrain.com
URL: https://paid.outbrain.com/network/redir?p=31MWtxpLINzjFog5AkxA73UUL2utwo_bNF_ebmz4BXEm01XTSkLjqOEjf-dD0DDuPJFUL-Y2axdEw8bS...&c=c9039916&v=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://paid.outbrain.com/network/redir?p=31MWtxpLINzjFog5AkxA73UUL2utwo_bNF_ebmz4BXEm01XTSkLjqOEjf-dD0DDuPJFUL-Y2axdEw8bS...&c=c9039916&v=4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Length
1364
Content-MD5
3KAJXnuP69jt+/DpQtuvRQ==
Content-Type
text/html
Date
Wed, 31 Jul 2024 22:37:32 GMT
ETag
"0x8DCB1AEB35DBD6E"
Last-Modified
Wed, 31 Jul 2024 22:18:27 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
335477f5-d01e-0064-579a-e33b25000000
x-ms-version
2018-03-28

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 31 Jul 2024 22:37:31 GMT
location
https://alsk3.z13.web.core.windows.net/?bcda=1300-041-034
server
LiteSpeed
Primary Request /
alsk3.z13.web.core.windows.net/win1bex33nz/
24 KB
24 KB
Document
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
de0b4f9c731965f1a4c1d96bc1e90ee4acb83308d5fa3a25c2742f503c1db500

Request headers

Referer
https://alsk3.z13.web.core.windows.net/?bcda=1300-041-034
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Length
24162
Content-MD5
gqgejCbbfqwCMzb8rChOjg==
Content-Type
text/html
Date
Wed, 31 Jul 2024 22:37:33 GMT
ETag
"0x8DCB1AEB43660D8"
Last-Modified
Wed, 31 Jul 2024 22:18:28 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
33547920-d01e-0064-7b9a-e33b25000000
x-ms-version
2018-03-28
tapa.css
alsk3.z13.web.core.windows.net/win1bex33nz/
19 KB
19 KB
Stylesheet
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/tapa.css
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
863547e9f5235aa4208737d9d86f4d62aa4146acb258399089842f30e79627de

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:33 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:29 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
UHCRdCgGiSCeChzkKQgYzA==
ETag
"0x8DCB1AEB4FA81E6"
Content-Type
text/css
x-ms-request-id
33547ac0-d01e-0064-0d9a-e33b25000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
19500
jquery-1.4.4.min.js
code.jquery.com/
77 KB
27 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.4.4.min.js
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Request headers

Referer
https://alsk3.z13.web.core.windows.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:37:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
736049
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
27078
x-served-by
cache-lga21980-LGA, cache-syd10169-SYD
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1722465453.495103,VS0,VE0
etag
W/"28feccc0-13309"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
598, 50
noir.js
alsk3.z13.web.core.windows.net/win1bex33nz/
82 KB
83 KB
Script
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/noir.js
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:33 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:29 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
qDJajd3HXrTNeKTJ0geq8w==
ETag
"0x8DCB1AEB4AD0726"
Content-Type
text/javascript
x-ms-request-id
33547ba4-d01e-0064-6b9a-e33b25000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
84272
def.gif
alsk3.z13.web.core.windows.net/win1bex33nz/
166 KB
166 KB
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/def.gif
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
35872af4a794ff3d791b41c4eb58879f4a382d634c7668cd6a5ff42d947c6eb2

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:33 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:28 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
G30pExj2QoWKUwV9oUABmg==
ETag
"0x8DCB1AEB427568B"
Content-Type
image/gif
x-ms-request-id
0bda5414-601e-00c8-209a-e3288c000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
169529
f24.png
alsk3.z13.web.core.windows.net/win1bex33nz/
464 KB
0
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/f24.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:33 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:30 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
pSkSKdLMqwMW5i6gUoLzNQ==
ETag
"0x8DCB1AEB52A35D8"
Content-Type
image/png
x-ms-request-id
a44dee84-401e-00f0-319a-e38c4c000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
1832599
mnc.png
alsk3.z13.web.core.windows.net/win1bex33nz/
166 B
536 B
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/mnc.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1901eeec960650f0c4c31673dde13f934f4e22bcb702383aefacaf00bdd743c7

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:34 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:28 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Ueu7GHkJOJOzm7tulwIXrg==
ETag
"0x8DCB1AEB44019E0"
Content-Type
image/png
x-ms-request-id
33547d85-d01e-0064-3d9a-e33b25000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
166
msmm.png
alsk3.z13.web.core.windows.net/win1bex33nz/
148 B
518 B
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/msmm.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:33 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:28 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
eG5FG4kRHQTLH7o9MsOY+g==
ETag
"0x8DCB1AEB47801FC"
Content-Type
image/png
x-ms-request-id
f24ebfb4-101e-00a0-0c9a-e34e1c000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
148
set.png
alsk3.z13.web.core.windows.net/win1bex33nz/
360 B
730 B
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/set.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d78dca445132754bf14e22d2dd76a8273a5c77e9a084b12e17ca76d500d3b6e3

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:33 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:29 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
B7JU2bpmXo/foaV3hRpJQg==
ETag
"0x8DCB1AEB4F9E655"
Content-Type
image/png
x-ms-request-id
e438358b-801e-0079-169a-e33699000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
360
ques.png
alsk3.z13.web.core.windows.net/win1bex33nz/
349 B
719 B
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/ques.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:34 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:29 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
dFTGUuBzPZLebJIMLWRq4A==
ETag
"0x8DCB1AEB4CB9061"
Content-Type
image/png
x-ms-request-id
3354807f-d01e-0064-239a-e33b25000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
349
vsc.png
alsk3.z13.web.core.windows.net/win1bex33nz/
752 B
1 KB
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/vsc.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
23e2636c586a13f6dba4730d4d92fccd80ef8d0358e9c266e7cdd1d5123057f7

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:34 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:30 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
hwc2RJkMskC8yaykKa8mcA==
ETag
"0x8DCB1AEB5529F02"
Content-Type
image/png
x-ms-request-id
6482d835-801e-008d-7e9a-e3fd6f000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
752
bxs.png
alsk3.z13.web.core.windows.net/win1bex33nz/
5 KB
5 KB
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/bxs.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
689cfc046cb7a6b6e6f85452bfe224b645ae827d50fb80498326502465327199

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:34 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:27 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
3RrL2UNcRBXOUDqY2KX/Kw==
ETag
"0x8DCB1AEB35F901C"
Content-Type
image/png
x-ms-request-id
f24ec260-101e-00a0-289a-e34e1c000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
4776
bx1.png
alsk3.z13.web.core.windows.net/win1bex33nz/
96 KB
0
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/bx1.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:33 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:27 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
N18q7ceiyVXzo9YIarlWCw==
ETag
"0x8DCB1AEB38B77CF"
Content-Type
image/png
x-ms-request-id
e43836ca-801e-0079-4c9a-e33699000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
119079
bel.png
alsk3.z13.web.core.windows.net/win1bex33nz/
296 B
666 B
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/bel.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ef35b00fa94fa0b4991c624c8bff042893b37d4e0c04f03f71533a9cd28c1953

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:34 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:27 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
XMwz/dJdl28hV57djidBRQ==
ETag
"0x8DCB1AEB35DBD6E"
Content-Type
image/png
x-ms-request-id
0bda5986-601e-00c8-709a-e3288c000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
296
pcm.png
alsk3.z13.web.core.windows.net/win1bex33nz/
0
0

winlo.png
alsk3.z13.web.core.windows.net/win1bex33nz/
12 KB
12 KB
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/winlo.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:34 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:30 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
IPxzD3sa57kA9m28fdw/ww==
ETag
"0x8DCB1AEB57B0829"
Content-Type
image/png
x-ms-request-id
33547f75-d01e-0064-249a-e33b25000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
12386
dm.png
alsk3.z13.web.core.windows.net/win1bex33nz/
347 B
717 B
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/dm.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:34 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:27 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
SjmHbQZgz+Wx9csHNJjGbQ==
ETag
"0x8DCB1AEB3D87DD0"
Content-Type
image/png
x-ms-request-id
33547e93-d01e-0064-4a9a-e33b25000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
347
cs.png
alsk3.z13.web.core.windows.net/win1bex33nz/
3 KB
3 KB
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/cs.png
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:34 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:27 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
kR8Ewh15GiBXSksoe2DTrw==
ETag
"0x8DCB1AEB3D87DD0"
Content-Type
image/png
x-ms-request-id
f24ec3ad-101e-00a0-669a-e34e1c000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
3152
re.gif
alsk3.z13.web.core.windows.net/win1bex33nz/
14 KB
15 KB
Image
General
Full URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/re.gif
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Request headers

Referer
https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:34 GMT
Last-Modified
Wed, 31 Jul 2024 22:18:29 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
b8t44M15M6cO6izwcfghGA==
ETag
"0x8DCB1AEB4F8AF2F"
Content-Type
image/gif
x-ms-request-id
f24ec130-101e-00a0-019a-e34e1c000000
x-ms-version
2018-03-28
Accept-Ranges
bytes
Content-Length
14751
nvidia.js
alsk3.z13.web.core.windows.net/win1bex33nz/
0
0

jupiter.js
alsk3.z13.web.core.windows.net/win1bex33nz/
0
0

bxsafe.js
alsk3.z13.web.core.windows.net/win1bex33nz/
0
0

esc.js
alsk3.z13.web.core.windows.net/win1bex33nz/
0
0

/
ipwho.is/
678 B
950 B
XHR
General
Full URL
https://ipwho.is/?lang=en
Requested by
Host: alsk3.z13.web.core.windows.net
URL: https://alsk3.z13.web.core.windows.net/win1bex33nz/?bcda=1300-041-034
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
108.181.64.139 Sydney, Australia, ASN40676 (AS40676, US),
Reverse DNS
Software
ipwhois /
Resource Hash
00b6cf6d38599c23ed66022a25c12e5ab478de5d862461b2393cf49ea0b6eae8

Request headers

Referer
https://alsk3.z13.web.core.windows.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 22:37:34 GMT
Server
ipwhois
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Robots-Tag
noindex
Access-Control-Allow-Headers
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
alsk3.z13.web.core.windows.net
URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/pcm.png
Domain
alsk3.z13.web.core.windows.net
URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/nvidia.js
Domain
alsk3.z13.web.core.windows.net
URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/jupiter.js
Domain
alsk3.z13.web.core.windows.net
URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/bxsafe.js
Domain
alsk3.z13.web.core.windows.net
URL
https://alsk3.z13.web.core.windows.net/win1bex33nz/esc.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
object| t
function| ddwqdqcqqcqvqwqweqwrqweeq
string| bcda
string| ipadd
string| city
string| country
string| isp
string| currtime

5 Cookies

Domain/Path Name / Value
.outbrain.com/ Name: ref-5677721838
Value: 6e15eadb0f38c844308f2774dd874e8e|5679607259||0|473944996|100|4556265|239950|1
.outbrain.com/ Name: auid
Value: JHL-xCdTjzDHRaKYlf_Wd53jKsjUneR6UUKY5It4AiCLsbETRwLQhBnayDcVIPHQ
.outbrain.com/ Name: obuid
Value: ec8425b0-5597-4d21-9974-0d1253f608d0
.zemanta.com/ Name: zuid
Value: LPzK3-cdpJhtgCIijnjB
.zemanta.com/ Name: zpb
Value: 73725_e24105c7-4f8c-11ef-a2ca-cd21807fe9b5

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
