hisplavv4237link113.z11.web.core.windows.net
20.150.85.193  Malicious Activity! Public Scan

URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Submission Tags: @phish_report
Submission: On November 18 via api from FI — Scanned from JP

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 37 HTTP transactions. The main IP is 20.150.85.193, located in Tokyo, Japan and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is hisplavv4237link113.z11.web.core.windows.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on October 29th 2024. Valid for: 6 months.
This is the only time hisplavv4237link113.z11.web.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 24 | 20.150.85.193 | 8075 (MICROSOFT...) |
| 4 | 2404:6800:400... | 15169 (GOOGLE) |
| 3 (1 redirect) | 142.250.207.36 | 15169 (GOOGLE) |
| 2 (1 redirect) | 142.250.207.2 | 15169 (GOOGLE) |
| 2 | 2404:6800:400... | 15169 (GOOGLE) |
| 1 | 142.251.222.34 | 15169 (GOOGLE) |
| 1 | 2001:4860:480... | 15169 (GOOGLE) |
| 2 | 172.217.26.227 | 15169 (GOOGLE) |

Total: 37 requests, 8 IPs

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 24 | windows.net | hisplavv4237link113.z11.web.core.windows.net | 2 MB |
| 4 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 43); td.doubleclick.net (Cisco Umbrella Rank: 182) | 2 KB |
| 4 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 312 KB |
| 3 | google.com | www.google.com (Cisco Umbrella Rank: 3) | 88 B |
| 2 | google.co.jp | www.google.co.jp (Cisco Umbrella Rank: 25693) | 128 B |
| 1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 36) | |
| 1 | googleadservices.com | www.googleadservices.com (Cisco Umbrella Rank: 96) | 3 KB |

Total: 37 requests, 7 apex domains

| Requests | Domain | Requested by |
|---|---|---|
| 24 | hisplavv4237link113.z11.web.core.windows.net | hisplavv4237link113.z11.web.core.windows.net |
| 4 | www.googletagmanager.com | hisplavv4237link113.z11.web.core.windows.net; www.googletagmanager.com |
| 3 (1 redirects) | www.google.com | www.googletagmanager.com; hisplavv4237link113.z11.web.core.windows.net |
| 2 | www.google.co.jp | hisplavv4237link113.z11.web.core.windows.net |
| 2 | td.doubleclick.net | www.googletagmanager.com |
| 2 (1 redirects) | googleads.g.doubleclick.net | www.googletagmanager.com |
| 1 | www.google-analytics.com | www.googletagmanager.com |
| 1 | www.googleadservices.com | www.googletagmanager.com |

Total: 37 requests, 8 subdomains

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.web.core.windows.net | Microsoft Azure RSA TLS Issuing CA 07 | 2024-10-29 - 2025-04-27 | 6 months |
| *.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months |
| *.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months |
| *.g.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months |
| *.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months |
| *.googleadservices.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months |
| *.google.co.jp | WR2 | 2024-10-21 - 2025-01-13 | 3 months |

This page contains 4 frames:

Primary Page: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Frame ID: 97100DCC59044C859CF35731D8C8C722
Requests: 34 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16611109097?random=1731963814190&cv=11&fst=1731963814190&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: FD00F3E97BB81BD315CA8E129AE687EC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16611109097?random=1731963814206&cv=11&fst=1731963814206&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0
Frame ID: 83E7896ACD97C0CA71F3DA259B1CB491
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net
Frame ID: 8B1B6CC8A35C47CD27467C91F77D0C96
Requests: 1 HTTP requests in this frame

Page Title

Windows page

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 37
HTTPS: 97 %
IPv6: 38 %
Domains: 7
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 2749 kB
Size: 3360 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16611109097/?random=1243524118&cv=11&fst=1731963814206&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIhNOn_-PmiQMVaEsPAh11EC_rMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjVodHRwczovL2hpc3BsYXZ2NDIzN2xpbmsxMTMuejExLndlYi5jb3JlLndpbmRvd3MubmV0L0JYQ2hFSWdPanJ1UVlRX2MyWnlxckN4ZWo3QVJJdEFENXhTYU1ZREFSdzRrUExLUWlOWDhVRlkwUkpoM3BFWFROaVpuUE9pQ1kzOXRWTktIUVZBNDZUMDRVMA HTTP 302
  • https://www.google.com/pagead/1p-conversion/16611109097/?random=1243524118&cv=11&fst=1731963814206&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIhNOn_-PmiQMVaEsPAh11EC_rMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjVodHRwczovL2hpc3BsYXZ2NDIzN2xpbmsxMTMuejExLndlYi5jb3JlLndpbmRvd3MubmV0L0JYQ2hFSWdPanJ1UVlRX2MyWnlxckN4ZWo3QVJJdEFENXhTYU1ZREFSdzRrUExLUWlOWDhVRlkwUkpoM3BFWFROaVpuUE9pQ1kzOXRWTktIUVZBNDZUMDRVMA&is_vtc=1&cid=CAQSKQCa7L7d1GnCczXoJueyz28buCLlFMDVW66rMBvX7qrDOCDEENPMnIzp&random=3973613958 HTTP 302
  • https://www.google.co.jp/pagead/1p-conversion/16611109097/?random=1243524118&cv=11&fst=1731963814206&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIhNOn_-PmiQMVaEsPAh11EC_rMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjVodHRwczovL2hpc3BsYXZ2NDIzN2xpbmsxMTMuejExLndlYi5jb3JlLndpbmRvd3MubmV0L0JYQ2hFSWdPanJ1UVlRX2MyWnlxckN4ZWo3QVJJdEFENXhTYU1ZREFSdzRrUExLUWlOWDhVRlkwUkpoM3BFWFROaVpuUE9pQ1kzOXRWTktIUVZBNDZUMDRVMA&is_vtc=1&cid=CAQSKQCa7L7d1GnCczXoJueyz28buCLlFMDVW66rMBvX7qrDOCDEENPMnIzp&random=3973613958&ipr=y

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/
15 KB
15 KB
Document
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8184941ca3d59534ed1be08c0cd5c6a8fe0fcbf734c6e83831182b8c8b1d222a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Length
15260
Content-MD5
anbHOqnRlN3vfNpz49N+GQ==
Content-Type
text/html
Date
Mon, 18 Nov 2024 21:03:33 GMT
ETag
"0x8DD08126D70A2D3"
Last-Modified
Mon, 18 Nov 2024 20:48:59 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
241b2426-801e-008e-6bfd-39953b000000
x-ms-version
2018-03-28
tapa.css
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
19 KB
19 KB
Stylesheet
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/tapa.css
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
863547e9f5235aa4208737d9d86f4d62aa4146acb258399089842f30e79627de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
UHCRdCgGiSCeChzkKQgYzA==
x-ms-version
2018-03-28
ETag
"0x8DD08126FF40ADB"
x-ms-request-id
241b242a-801e-008e-6ffd-39953b000000
Accept-Ranges
bytes
Content-Length
19500
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
text/css
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
js
www.googletagmanager.com/gtag/
322 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MPTCR82JNF
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43d851b1a1f603a789e5a50f76c1fb752def2a738441293082044735374f07b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 18 Nov 2024 21:03:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 21:03:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109692
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
281 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3deea2a56f1923f285343c1e002786dd1c8051b6b6b24d8c92deb7feff6445d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 18 Nov 2024 21:03:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 21:03:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99279
x-xss-protection
0
server
Google Tag Manager
jquery-1.4.4.min.js
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
77 KB
77 KB
Script
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/jquery-1.4.4.min.js
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
c6nDNMXKcdcNCStCBk9kdg==
x-ms-version
2018-03-28
ETag
"0x8DD08126F88FC60"
x-ms-request-id
241b242d-801e-008e-72fd-39953b000000
Accept-Ranges
bytes
Content-Length
78601
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
text/javascript
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
def.gif
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
166 KB
166 KB
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/def.gif
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
35872af4a794ff3d791b41c4eb58879f4a382d634c7668cd6a5ff42d947c6eb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
G30pExj2QoWKUwV9oUABmg==
x-ms-version
2018-03-28
ETag
"0x8DD08126F3F2CC5"
x-ms-request-id
8e11304c-501e-0079-3dfd-39bfa9000000
Accept-Ranges
bytes
Content-Length
169529
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/gif
Last-Modified
Mon, 18 Nov 2024 20:49:02 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
f24.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
2 MB
2 MB
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/f24.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
58ad7ea2ca500817266dd0a83b8c4edb0739fd456664b5a2da132204a2240419

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
pSkSKdLMqwMW5i6gUoLzNQ==
x-ms-version
2018-03-28
ETag
"0x8DD0812701BD87A"
x-ms-request-id
8cb5e0bf-001e-0029-4dfd-397df9000000
Accept-Ranges
bytes
Content-Length
1832599
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
mnc.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
166 B
536 B
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/mnc.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1901eeec960650f0c4c31673dde13f934f4e22bcb702383aefacaf00bdd743c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
Ueu7GHkJOJOzm7tulwIXrg==
x-ms-version
2018-03-28
ETag
"0x8DD08126F899893"
x-ms-request-id
241b243d-801e-008e-02fd-39953b000000
Accept-Ranges
bytes
Content-Length
166
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
msmm.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
148 B
0
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/msmm.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
eG5FG4kRHQTLH7o9MsOY+g==
x-ms-version
2018-03-28
ETag
"0x8DD08126FA4E4CE"
x-ms-request-id
d1b3dfb1-c01e-007b-27fd-390111000000
Accept-Ranges
bytes
Content-Length
148
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
set.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
360 B
730 B
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/set.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d78dca445132754bf14e22d2dd76a8273a5c77e9a084b12e17ca76d500d3b6e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
B7JU2bpmXo/foaV3hRpJQg==
x-ms-version
2018-03-28
ETag
"0x8DD08126FF4CE0F"
x-ms-request-id
d1b3dfb5-c01e-007b-2bfd-390111000000
Accept-Ranges
bytes
Content-Length
360
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ques.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
349 B
719 B
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ques.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
dFTGUuBzPZLebJIMLWRq4A==
x-ms-version
2018-03-28
ETag
"0x8DD08126FD78645"
x-ms-request-id
241b243f-801e-008e-04fd-39953b000000
Accept-Ranges
bytes
Content-Length
349
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
vsc.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
752 B
1 KB
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/vsc.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
23e2636c586a13f6dba4730d4d92fccd80ef8d0358e9c266e7cdd1d5123057f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
hwc2RJkMskC8yaykKa8mcA==
x-ms-version
2018-03-28
ETag
"0x8DD08127020449F"
x-ms-request-id
d1b3dfb7-c01e-007b-2dfd-390111000000
Accept-Ranges
bytes
Content-Length
752
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:04 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
bxs.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
5 KB
5 KB
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/bxs.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
689cfc046cb7a6b6e6f85452bfe224b645ae827d50fb80498326502465327199

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
3RrL2UNcRBXOUDqY2KX/Kw==
x-ms-version
2018-03-28
ETag
"0x8DD08126F1A44F3"
x-ms-request-id
49077624-b01e-003c-76fd-396a4a000000
Accept-Ranges
bytes
Content-Length
4776
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:02 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
bx1.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
116 KB
117 KB
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/bx1.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
N18q7ceiyVXzo9YIarlWCw==
x-ms-version
2018-03-28
ETag
"0x8DD08126F31C133"
x-ms-request-id
41800a8c-201e-0001-11fd-391c51000000
Accept-Ranges
bytes
Content-Length
119079
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:02 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
bel.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
296 B
666 B
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/bel.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ef35b00fa94fa0b4991c624c8bff042893b37d4e0c04f03f71533a9cd28c1953

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
XMwz/dJdl28hV57djidBRQ==
x-ms-version
2018-03-28
ETag
"0x8DD08126EEE8052"
x-ms-request-id
8e11306b-501e-0079-57fd-39bfa9000000
Accept-Ranges
bytes
Content-Length
296
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:02 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
pcm.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
428 B
798 B
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/pcm.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b3ab0ec911cf992c5351155a12e2fb12ca908bd36d658d05f2b4cf9912fd8dce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
h/IkHNKH9qwk3LzevtI1yA==
x-ms-version
2018-03-28
ETag
"0x8DD08126FA4E4CE"
x-ms-request-id
241b2441-801e-008e-06fd-39953b000000
Accept-Ranges
bytes
Content-Length
428
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
winlo.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
12 KB
12 KB
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/winlo.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
IPxzD3sa57kA9m28fdw/ww==
x-ms-version
2018-03-28
ETag
"0x8DD0812701E9726"
x-ms-request-id
d1b3dfb9-c01e-007b-2ffd-390111000000
Accept-Ranges
bytes
Content-Length
12386
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
dm.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
347 B
717 B
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/dm.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
SjmHbQZgz+Wx9csHNJjGbQ==
x-ms-version
2018-03-28
ETag
"0x8DD08126F5A7906"
x-ms-request-id
8e113070-501e-0079-5cfd-39bfa9000000
Accept-Ranges
bytes
Content-Length
347
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:02 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
cs.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
3 KB
3 KB
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/cs.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
kR8Ewh15GiBXSksoe2DTrw==
x-ms-version
2018-03-28
ETag
"0x8DD08126F3F05BD"
x-ms-request-id
241b2443-801e-008e-08fd-39953b000000
Accept-Ranges
bytes
Content-Length
3152
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:02 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
re.gif
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
14 KB
15 KB
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/re.gif
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
b8t44M15M6cO6izwcfghGA==
x-ms-version
2018-03-28
ETag
"0x8DD08126FD6C30C"
x-ms-request-id
4907762a-b01e-003c-7bfd-396a4a000000
Accept-Ranges
bytes
Content-Length
14751
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/gif
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
esc.js
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
87 B
462 B
Script
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/esc.js
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
46ebb2640aac2186a7cf13f528c03648fa9a498910289cdad41ba87b9770eb14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
MzWhQFDU9gV7sBnPcFhDtA==
x-ms-version
2018-03-28
ETag
"0x8DD08126F587D7E"
x-ms-request-id
8e113068-501e-0079-54fd-39bfa9000000
Accept-Ranges
bytes
Content-Length
87
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
text/javascript
Last-Modified
Mon, 18 Nov 2024 20:49:02 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
msmm.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
148 B
518 B
Stylesheet
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/msmm.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f14e6d98ec63368a67b4e5376c57b496887eb672a5d5c56c95811a409c4ec727

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
eG5FG4kRHQTLH7o9MsOY+g==
x-ms-version
2018-03-28
ETag
"0x8DD08126FA4E4CE"
x-ms-request-id
d1b3dfb1-c01e-007b-27fd-390111000000
Accept-Ranges
bytes
Content-Length
148
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
msmm.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
148 B
0
Image
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/msmm.png
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
eG5FG4kRHQTLH7o9MsOY+g==
x-ms-version
2018-03-28
ETag
"0x8DD08126FA4E4CE"
x-ms-request-id
d1b3dfb1-c01e-007b-27fd-390111000000
Accept-Ranges
bytes
Content-Length
148
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
webs.mp4
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/
8 KB
9 KB
Media
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/webs.mp4
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Request headers

Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-ms-version
2018-03-28
ETag
"0x8DD08126D707BCB"
Content-Range
bytes 0-8404/8405
x-ms-request-id
49077631-b01e-003c-01fd-396a4a000000
Accept-Ranges
bytes
Content-Length
8405
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
video/mp4
Last-Modified
Mon, 18 Nov 2024 20:48:59 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
visudk.mp4
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/
196 KB
197 KB
Media
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/visudk.mp4
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Request headers

Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-ms-version
2018-03-28
ETag
"0x8DD08126DA6ED41"
Content-Range
bytes 0-200831/200832
x-ms-request-id
241b2449-801e-008e-0dfd-39953b000000
Accept-Ranges
bytes
Content-Length
200832
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
video/mp4
Last-Modified
Mon, 18 Nov 2024 20:48:59 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
js
www.googletagmanager.com/gtag/
322 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MPTCR82JNF&l=dataLayer&cx=c&gtm=45be4be0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
acc89271f7107bffe72f400b70908b7c9a08061e548dec5c5c872a4cf2c45cb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 18 Nov 2024 21:03:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 21:03:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109711
x-xss-protection
0
server
Google Tag Manager
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&scrsrc=www.googletagmanager.com&frm=0&rnd=744078629.1731963814&auid=1099877677.1731963814&npa=0&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&tft=1731963814195&tfd=259&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16611109097/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16611109097/?random=1731963814190&cv=11&fst=1731963814190&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
025e599c12cf75b6482473c703c5a8e29fde19d0d2da7442cc54a533f764888a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2360
date
Mon, 18 Nov 2024 21:03:34 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16611109097
td.doubleclick.net/td/rul/ Frame FD00
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16611109097?random=1731963814190&cv=11&fst=1731963814190&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hisplavv4237link113.z11.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Nov 2024 21:03:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/conversion/16611109097/
5 KB
3 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/16611109097/?random=1731963814206&cv=11&fst=1731963814206&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
91ffb986b491c2de5340a24228a0882d71d00031d3c185b5b325dc45563f9ead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2690
date
Mon, 18 Nov 2024 21:03:34 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16611109097
td.doubleclick.net/td/rul/ Frame 83E7
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/16611109097?random=1731963814206&cv=11&fst=1731963814206&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hisplavv4237link113.z11.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Nov 2024 21:03:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 8B1B
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Nov 2024 21:03:34 GMT
expires
Tue, 18 Nov 2025 21:03:34 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MPTCR82JNF&gtm=45je4be0v9196505401za200&_p=1731963814014&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=1601568209.1731963814&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731963814&sct=1&seg=0&dl=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&dt=Windows%20page&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=325
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MPTCR82JNF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://hisplavv4237link113.z11.web.core.windows.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 21:03:34 GMT
content-type
text/plain
server
Golfe2
/
www.google.com/pagead/1p-user-list/16611109097/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/16611109097/?random=1731963814190&cv=11&fst=1731963600000&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dd1NsYtAwx5BgCiMUvZGJG20AcCvI0g&random=3546598239&rmt_tld=0&ipr=y
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 18 Nov 2024 21:03:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.co.jp/pagead/1p-user-list/16611109097/
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-user-list/16611109097/?random=1731963814190&cv=11&fst=1731963600000&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dd1NsYtAwx5BgCiMUvZGJG20AcCvI0g&random=3546598239&rmt_tld=1&ipr=y
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 18 Nov 2024 21:03:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.co.jp/pagead/1p-conversion/16611109097/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16611109097/?random=1243524118&cv=11&fst=1731963814206&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=10...
  • https://www.google.com/pagead/1p-conversion/16611109097/?random=1243524118&cv=11&fst=1731963814206&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102...
  • https://www.google.co.jp/pagead/1p-conversion/16611109097/?random=1243524118&cv=11&fst=1731963814206&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~1...
42 B
64 B
Image
General
Full URL
https://www.google.co.jp/pagead/1p-conversion/16611109097/?random=1243524118&cv=11&fst=1731963814206&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIhNOn_-PmiQMVaEsPAh11EC_rMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjVodHRwczovL2hpc3BsYXZ2NDIzN2xpbmsxMTMuejExLndlYi5jb3JlLndpbmRvd3MubmV0L0JYQ2hFSWdPanJ1UVlRX2MyWnlxckN4ZWo3QVJJdEFENXhTYU1ZREFSdzRrUExLUWlOWDhVRlkwUkpoM3BFWFROaVpuUE9pQ1kzOXRWTktIUVZBNDZUMDRVMA&is_vtc=1&cid=CAQSKQCa7L7d1GnCczXoJueyz28buCLlFMDVW66rMBvX7qrDOCDEENPMnIzp&random=3973613958&ipr=y
Requested by
Host: hisplavv4237link113.z11.web.core.windows.net
URL: https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
H3
Server
172.217.26.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 18 Nov 2024 21:03:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.co.jp/pagead/1p-conversion/16611109097/?random=1243524118&cv=11&fst=1731963814206&bg=ffffff&guid=ON&async=1&gtm=45be4be0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fhisplavv4237link113.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=1099877677.1731963814&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSidldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMIhNOn_-PmiQMVaEsPAh11EC_rMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjVodHRwczovL2hpc3BsYXZ2NDIzN2xpbmsxMTMuejExLndlYi5jb3JlLndpbmRvd3MubmV0L0JYQ2hFSWdPanJ1UVlRX2MyWnlxckN4ZWo3QVJJdEFENXhTYU1ZREFSdzRrUExLUWlOWDhVRlkwUkpoM3BFWFROaVpuUE9pQ1kzOXRWTktIUVZBNDZUMDRVMA&is_vtc=1&cid=CAQSKQCa7L7d1GnCczXoJueyz28buCLlFMDVW66rMBvX7qrDOCDEENPMnIzp&random=3973613958&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 18 Nov 2024 21:03:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
msmm.png
hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/
148 B
0
Other
General
Full URL
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/msmm.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hisplavv4237link113.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
eG5FG4kRHQTLH7o9MsOY+g==
x-ms-version
2018-03-28
ETag
"0x8DD08126FA4E4CE"
x-ms-request-id
d1b3dfb1-c01e-007b-27fd-390111000000
Accept-Ranges
bytes
Content-Length
148
Date
Mon, 18 Nov 2024 21:03:33 GMT
Content-Type
image/png
Last-Modified
Mon, 18 Nov 2024 20:49:03 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
function| gtag
object| dataLayer
function| $
function| jQuery
number| e
number| isNS
function| mischandler
function| mousehandler
function| win_onkeydown_handler
object| google_tag_manager
object| google_tag_data
object| GooglebQhCsO
function| onYouTubeIframeAPIReady
object| gaGlobal

4 Cookies

Domain/Path | Name | Value
.windows.net/ | _gcl_au | 1.1.1099877677.1731963814
.windows.net/ | _ga | GA1.1.1601568209.1731963814
.windows.net/ | _ga_MPTCR82JNF | GS1.1.1731963814.1.0.1731963814.0.0.0
.doubleclick.net/ | IDE | AHWqTUnLDYkBcJyl2sFHgeNkDww7iYE5J_3orI2Vz2CBj2d9oUyLq-wUdpZOXRCI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
