bmrepl.z20.web.core.windows.net Open in urlscan Pro
20.60.133.129 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://youyube.se/
Effective URL:
https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Submission: On May 29 via manual (May 29th 2024, 5:40:33 pm UTC) from US — Scanned from US

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 9 domains to perform 39 HTTP transactions. The main IP is 20.60.133.129, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is bmrepl.z20.web.core.windows.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 08 on March 26th 2024. Valid for: a year.

This is the only time bmrepl.z20.web.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
4	104.247.81.52 104.247.81.52	206834 (TEAMINTER...) (TEAMINTERNET-CA-AS)
1	54.230.244.136 54.230.244.136	16509 (AMAZON-02) (AMAZON-02)
2	3.229.108.243 3.229.108.243	14618 (AMAZON-AES) (AMAZON-AES)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	172.67.193.235 172.67.193.235	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	20.60.133.129 20.60.133.129	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	15.204.213.5 15.204.213.5	16276 (OVH) (OVH)
3	172.67.193.253 172.67.193.253	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	7

4 104.247.81.52 (Canada)

ASN206834 (TEAMINTERNET-CA-AS, DE)

youyube.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.244.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-244-136.ewr53.r.cloudfront.net

d38psrni17bvxu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.229.108.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-108-243.compute-1.amazonaws.com

anubi-ulh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml-v4.clouback-4.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.193.235 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

luxuryhealth.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 20.60.133.129 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bmrepl.z20.web.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.204.213.5 (Reston, United States)

ASN16276 (OVH, FR)
PTR: ns1019603.ip-15-204-213.us

ipwho.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.193.253 (United States)

ASN13335 (CLOUDFLARENET, US)

edgecdn.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	windows.net bmrepl.z20.web.core.windows.net	2 MB
4	youyube.se youyube.se	4 KB
3	edgecdn.dev edgecdn.dev — Cisco Umbrella Rank: 108519	12 KB
2	anubi-ulh.com anubi-ulh.com	4 KB
1	ipwho.is ipwho.is — Cisco Umbrella Rank: 66680	985 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	27 KB
1	luxuryhealth.pro 1 redirects luxuryhealth.pro	656 B
1	clouback-4.online 1 redirects xml-v4.clouback-4.online	403 B
1	cloudfront.net d38psrni17bvxu.cloudfront.net	1 KB
39	9

	Domain	Requested by
27	bmrepl.z20.web.core.windows.net	anubi-ulh.com bmrepl.z20.web.core.windows.net
4	youyube.se	d38psrni17bvxu.cloudfront.net youyube.se
3	edgecdn.dev	bmrepl.z20.web.core.windows.net edgecdn.dev
2	anubi-ulh.com	youyube.se anubi-ulh.com
1	ipwho.is	bmrepl.z20.web.core.windows.net
1	code.jquery.com	bmrepl.z20.web.core.windows.net
1	luxuryhealth.pro	1 redirects
1	xml-v4.clouback-4.online	1 redirects
1	d38psrni17bvxu.cloudfront.net	youyube.se
39	9

This site contains no links.

Subject Issuer	Validity	Valid
*.parkingcrew.net Thawte TLS RSA CA G1	`2020-07-20` - `2022-09-18`	2 years	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
anubi-ulh.com Amazon RSA 2048 M03	`2024-05-06` - `2025-06-04`	a year	crt.sh
*.web.core.windows.net Microsoft Azure RSA TLS Issuing CA 08	`2024-03-26` - `2025-03-21`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
ipwho.is GoGetSSL ECC DV CA	`2024-03-13` - `2025-03-13`	a year	crt.sh
edgecdn.dev GTS CA 1P5	`2024-05-01` - `2024-07-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Frame ID: F5AB43AA94B5AE65740025170C349DD2
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Defender smart screen error

Page URL History Show full URLs

https://youyube.se/ Page URL
http://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f... HTTP 307
https://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f... Page URL
https://anubi-ulh.com/zclkredirect?visitid=88238ba3-1de2-11ef-ba82-0affc6ee0003&type=js&browserWid... Page URL
http://xml-v4.clouback-4.online/click?seat=2858906&i=Eb4v*gWQZtI_0 HTTP 307
https://xml-v4.clouback-4.online/click?seat=2858906&i=Eb4v*gWQZtI_0 HTTP 302
https://luxuryhealth.pro/nutrition?a=12294230000&b=1325143&c=youyube.se&d=397303&e=youtube&f=Cox+Comm... HTTP 302
https://bmrepl.z20.web.core.windows.net/?bcda=1-888-471-5544 Page URL
https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

90 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

7
IPs

2
Countries

2527 kB
Transfer

2622 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://youyube.se/ Page URL
http://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8839d2c0-1de2-11ef-ba82-0affc6ee0003 HTTP 307
https://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8839d2c0-1de2-11ef-ba82-0affc6ee0003 Page URL
https://anubi-ulh.com/zclkredirect?visitid=88238ba3-1de2-11ef-ba82-0affc6ee0003&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu Page URL
http://xml-v4.clouback-4.online/click?seat=2858906&i=Eb4v*gWQZtI_0 HTTP 307
https://xml-v4.clouback-4.online/click?seat=2858906&i=Eb4v*gWQZtI_0 HTTP 302
https://luxuryhealth.pro/nutrition?a=12294230000&b=1325143&c=youyube.se&d=397303&e=youtube&f=Cox+Communications&g=va&h=6346929 HTTP 302
https://bmrepl.z20.web.core.windows.net/?bcda=1-888-471-5544 Page URL
https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8839d2c0-1de2-11ef-ba82-0affc6ee0003 HTTP 307
https://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8839d2c0-1de2-11ef-ba82-0affc6ee0003

Request Chain 7

http://xml-v4.clouback-4.online/click?seat=2858906&i=Eb4v*gWQZtI_0 HTTP 307
https://xml-v4.clouback-4.online/click?seat=2858906&i=Eb4v*gWQZtI_0 HTTP 302
https://luxuryhealth.pro/nutrition?a=12294230000&b=1325143&c=youyube.se&d=397303&e=youtube&f=Cox+Communications&g=va&h=6346929 HTTP 302
https://bmrepl.z20.web.core.windows.net/?bcda=1-888-471-5544

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
youyube.se/ 2 KB
2 KB 668ms
339ms Document
text/html 104.247.81.52
TEAMINTERNET-CA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://youyube.se/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.247.81.52 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 24355052d345fc47004d3ac19ffed3bbe46082a11a9d2f09327ba7bbdd93924b

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ch: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-Ch-Lifetime: 30
Content-Encoding: gzip
Content-Length: 1335
Content-Type: text/html; charset=UTF-8
Date: Wed, 29 May 2024 17:40:25 GMT
Server: nginx
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_BNdGDhclnRpEpgrmN0vW9iU9ZsZHGBZJ1bDkmAEBw2pgMA7HGGqhegHRqfYsScRyJ6ex82Mejij2s5RQaj6YtA==
X-Buckets: bucket011,bucket077
X-Domain: youyube.se
X-Language: english
X-Redirect: zeropark_zeroclick
X-Subdomain
X-Template: tpl_CleanPeppermintBlack_twoclick

GET
H2 200 js3.js Show response
d38psrni17bvxu.cloudfront.net/scripts/ 1 KB
1 KB 161ms
48ms Script
application/javascript 54.230.244.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by: Host: youyube.se
URL: https://youyube.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.244.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-244-136.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: 036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://youyube.se/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 23:55:38 GMT
via: 1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 11:48:11 GMT
server: nginx
x-amz-cf-pop: EWR53-P1
age: 63887
etag: "65fc1e7b-448"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1096
x-amz-cf-id: s9B2ZtJ_SUSx3cy7U1VB_3dYUYIuQTXTouK0lcZBa8HaJW6DC6ahOg==

GET
H/1.1 200
OK track.php Show response
youyube.se/ 0
565 B 61ms
61ms XHR
text/html 104.247.81.52
TEAMINTERNET-CA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://youyube.se/track.php?domain=youyube.se&toggle=browserjs&uid=MTcxNzAwNDQyNS41MDc5OjY4MTcyODI5MDBmOWI2MTAyYTE4YjRlZTM2YTY5ZGM2NzRkNTM4ZGY2NTg4OWRhOTlkNDY1OTM2MTdmYzQ0N2U6NjY1NzY4ODk3YmZmZQ%3D%3D
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.247.81.52 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
device-memory: 8
rtt: 50
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
viewport-width: 1600
Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://youyube.se/
dpr: 1
downlink: 7.85
ect: 4g
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:26 GMT
Content-Encoding: gzip
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server: nginx
X-Custom-Track: browserjs
Vary: Accept-Encoding
Accept-Ch-Lifetime: 30
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Content-Length: 20

GET
H/1.1 201
Created ls.php
youyube.se/ 16 B
863 B 65ms
65ms XHR
text/javascript 104.247.81.52
TEAMINTERNET-CA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://youyube.se/ls.php?t=66576889&token=5b3f4ea5befa3b463d0ba5ee59b1f59abc5ba6b0
Requested by: Host: youyube.se
URL: https://youyube.se/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.247.81.52 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
device-memory: 8
rtt: 50
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
viewport-width: 1600
Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://youyube.se/
dpr: 1
downlink: 7.85
ect: 4g
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:26 GMT
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Accept-Ch-Lifetime: 30
Charset: utf-8
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_dGxHFcUTvvYiZ2TvAJWf++hvwf6OIgexS0AFZLh6/xeSEt5v08qGSPc6TfeSFietznN2twJATXbgVVbUUqSOyg==
X-Log-Success: 6657688a043a2e6997036026
Content-Length: 16

GET
H/1.1 200
OK track.php
youyube.se/ 0
580 B 131ms
67ms XHR
text/html 104.247.81.52
TEAMINTERNET-CA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://youyube.se/track.php?click=942dafabda76e625a64a3a017cfeec692d7e7912&domain=youyube.se&uid=MTcxNzAwNDQyNS41MDc5OjY4MTcyODI5MDBmOWI2MTAyYTE4YjRlZTM2YTY5ZGM2NzRkNTM4ZGY2NTg4OWRhOTlkNDY1OTM2MTdmYzQ0N2U6NjY1NzY4ODk3YmZmZQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDc3fHx8fHx8NjY1NzY4ODk3YmZhNHx8fDE3MTcwMDQ0MjUuNzM3M3wxZTliZTQ5NWViZGNiMTZiNzNjYzNiMjllM2ZjNWMxOWUzNDU3ZTdifHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHx8fDB8MHx8MHx8fDB8MHxXMTA9fHwxfFcxMD18NWIzZjRlYTViZWZhM2I0NjNkMGJhNWVlNTliMWY1OWFiYzViYTZiMHwwfHwwfDB8fA%3D%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.247.81.52 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
device-memory: 8
rtt: 50
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
viewport-width: 1600
Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://youyube.se/
dpr: 1
downlink: 7.85
ect: 4g
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:26 GMT
Content-Encoding: gzip
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Server: nginx
X-Custom-Track: none
Vary: Accept-Encoding
Accept-Ch-Lifetime: 30
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
X-View-Match: true
Content-Length: 20

GET
H2

200

85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d Show response
anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/
Redirect Chain

http://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8839d2c0-1de2-11ef-ba82-0affc6ee0003
https://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8839d2c0-1de2-11ef-ba82-0affc6ee0003

3 KB
3 KB

130ms
42ms

Document
text/html

3.229.108.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8839d2c0-1de2-11ef-ba82-0affc6ee0003

Requested by

Host: youyube.se
URL: https://youyube.se/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.108.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-108-243.compute-1.amazonaws.com

Software

Resource Hash

ae9533617136271468cffcb0efabfeaae66a768289d765137dbd10de47c0ff61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://youyube.se/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 2732
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Wed, 29 May 2024 17:40:26 GMT
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location: https://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8839d2c0-1de2-11ef-ba82-0affc6ee0003
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 zclkredirect
anubi-ulh.com/ 314 B
776 B 45ms
44ms Document
text/html 3.229.108.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://anubi-ulh.com/zclkredirect?visitid=88238ba3-1de2-11ef-ba82-0affc6ee0003&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu

Requested by

Host: anubi-ulh.com
URL: https://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8839d2c0-1de2-11ef-ba82-0affc6ee0003

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.108.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-108-243.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://anubi-ulh.com/zclkvisitor/88238ba3-1de2-11ef-ba82-0affc6ee0003/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8839d2c0-1de2-11ef-ba82-0affc6ee0003
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 314
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Wed, 29 May 2024 17:40:26 GMT
redirected: JS
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'

GET
H/1.1

200
OK

/
bmrepl.z20.web.core.windows.net/
Redirect Chain

http://xml-v4.clouback-4.online/click?seat=2858906&i=Eb4v*gWQZtI_0
https://xml-v4.clouback-4.online/click?seat=2858906&i=Eb4v*gWQZtI_0
https://luxuryhealth.pro/nutrition?a=12294230000&b=1325143&c=youyube.se&d=397303&e=youtube&f=Cox+Communications&g=va&h=6346929
https://bmrepl.z20.web.core.windows.net/?bcda=1-888-471-5544

1 KB
2 KB

214ms
48ms

Document
text/html

20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/?bcda=1-888-471-5544
Requested by: Host: anubi-ulh.com
URL: https://anubi-ulh.com/zclkredirect?visitid=88238ba3-1de2-11ef-ba82-0affc6ee0003&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://anubi-ulh.com/zclkredirect?visitid=88238ba3-1de2-11ef-ba82-0affc6ee0003&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Length: 1409
Content-MD5: trkpvLKR6UTBQMTlCup7mw==
Content-Type: text/html
Date: Wed, 29 May 2024 17:40:26 GMT
ETag: "0x8DC8002D818715E"
Last-Modified: Wed, 29 May 2024 17:14:48 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: aaa401c7-f01e-0065-30ef-b1948c000000
x-ms-version: 2018-03-28

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88b845037eb9454e-ATL
content-type: text/html; charset=UTF-8
date: Wed, 29 May 2024 17:40:27 GMT
location: https://bmrepl.z20.web.core.windows.net/?bcda=1-888-471-5544
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6LgbBu1vIQQodF0JKOCGj%2FDuOLl70IkKn2q9G88wSJ1gFCeY%2Fh50ynq0LgYa5rxcFu23VEoLiKMHSLYZS%2Bw3SIa0Vvv7w2jDova0YZ%2BtOhNs2jmpUYBJNA5HaBMmNuv5xCP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK Primary Request / Show response
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 25 KB
25 KB 48ms
47ms Document
text/html 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2667583a4dce63287efa849433e7b6cb20256ea584ab0dff25cd402aa9f1636c

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://bmrepl.z20.web.core.windows.net/?bcda=1-888-471-5544
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Content-Length: 25504
Content-MD5: VPnP2Fw7Xi4K1FIqKQ1okg==
Content-Type: text/html
Date: Wed, 29 May 2024 17:40:26 GMT
ETag: "0x8DC8002DBADE582"
Last-Modified: Wed, 29 May 2024 17:14:54 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: aaa4020f-f01e-0065-70ef-b1948c000000
x-ms-version: 2018-03-28

GET
H/1.1 200
OK tapa.css
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 19 KB
19 KB 85ms
48ms Stylesheet
text/css 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/tapa.css
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 863547e9f5235aa4208737d9d86f4d62aa4146acb258399089842f30e79627de

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:57 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: UHCRdCgGiSCeChzkKQgYzA==
ETag: "0x8DC8002DD4BF0AA"
Content-Type: text/css
x-ms-request-id: aaa4023f-f01e-0065-1aef-b1948c000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 19500

GET
H2 200 jquery-1.4.4.min.js Show response
code.jquery.com/ 77 KB
27 KB 108ms
29ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.4.4.min.js
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 17:40:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2614064
x-cache: HIT, HIT
content-length: 27078
x-served-by: cache-lga21980-LGA, cache-pdk-kfty2130057-PDK
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1717004427.491252,VS0,VE0
etag: W/"28feccc0-13309"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 5722, 45

GET
H/1.1 200
OK noir.js Show response
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 82 KB
83 KB 133ms
49ms Script
text/javascript 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/noir.js
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:56 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: qDJajd3HXrTNeKTJ0geq8w==
ETag: "0x8DC8002DCDC4F00"
Content-Type: text/javascript
x-ms-request-id: aaa4025f-f01e-0065-37ef-b1948c000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 84272

GET
H/1.1 200
OK def.gif
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 166 KB
166 KB 201ms
52ms Image
image/gif 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/def.gif
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 35872af4a794ff3d791b41c4eb58879f4a382d634c7668cd6a5ff42d947c6eb2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:26 GMT
Last-Modified: Wed, 29 May 2024 17:14:55 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: G30pExj2QoWKUwV9oUABmg==
ETag: "0x8DC8002DC346747"
Content-Type: image/gif
x-ms-request-id: 53bde03c-401e-0033-65ef-b17cfc000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 169529

GET
H/1.1 200
OK f24.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 2 MB
2 MB 229ms
81ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/f24.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 58ad7ea2ca500817266dd0a83b8c4edb0739fd456664b5a2da132204a2240419

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:26 GMT
Last-Modified: Wed, 29 May 2024 17:15:05 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: pSkSKdLMqwMW5i6gUoLzNQ==
ETag: "0x8DC8002E23F62E7"
Content-Type: image/png
x-ms-request-id: 5e09a527-d01e-0050-05ef-b13ad9000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 1832599

GET
H/1.1 200
OK mnc.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 166 B
536 B 51ms
47ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/mnc.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1901eeec960650f0c4c31673dde13f934f4e22bcb702383aefacaf00bdd743c7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:55 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Ueu7GHkJOJOzm7tulwIXrg==
ETag: "0x8DC8002DC4D42ED"
Content-Type: image/png
x-ms-request-id: aaa402a8-f01e-0065-74ef-b1948c000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 166

GET
H/1.1 200
OK msmm.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 148 B
518 B 53ms
48ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/msmm.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:55 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: eG5FG4kRHQTLH7o9MsOY+g==
ETag: "0x8DC8002DC575397"
Content-Type: image/png
x-ms-request-id: 98b17b39-101e-0046-3def-b1fb47000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 148

GET
H/1.1 200
OK set.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 360 B
730 B 54ms
49ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/set.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d78dca445132754bf14e22d2dd76a8273a5c77e9a084b12e17ca76d500d3b6e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:26 GMT
Last-Modified: Wed, 29 May 2024 17:14:56 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: B7JU2bpmXo/foaV3hRpJQg==
ETag: "0x8DC8002DD338A2E"
Content-Type: image/png
x-ms-request-id: 4c26c596-101e-006f-47ef-b18d05000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 360

GET
H/1.1 200
OK ques.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 349 B
719 B 153ms
52ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/ques.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:56 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: dFTGUuBzPZLebJIMLWRq4A==
ETag: "0x8DC8002DCF6FF1B"
Content-Type: image/png
x-ms-request-id: 4c26c5ba-101e-006f-67ef-b18d05000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 349

GET
H/1.1 200
OK vsc.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 752 B
1 KB 148ms
47ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/vsc.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 23e2636c586a13f6dba4730d4d92fccd80ef8d0358e9c266e7cdd1d5123057f7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:57 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: hwc2RJkMskC8yaykKa8mcA==
ETag: "0x8DC8002DD88F0E7"
Content-Type: image/png
x-ms-request-id: 98b17b79-101e-0046-7aef-b1fb47000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 752

GET
H/1.1 200
OK bxs.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 5 KB
5 KB 141ms
48ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/bxs.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 689cfc046cb7a6b6e6f85452bfe224b645ae827d50fb80498326502465327199

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:52 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 3RrL2UNcRBXOUDqY2KX/Kw==
ETag: "0x8DC8002DAA5EA45"
Content-Type: image/png
x-ms-request-id: f83c8438-201e-0001-1aef-b1242c000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 4776

GET
H/1.1 200
OK bx1.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 116 KB
117 KB 152ms
51ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/bx1.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:52 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: N18q7ceiyVXzo9YIarlWCw==
ETag: "0x8DC8002DAB3CAF6"
Content-Type: image/png
x-ms-request-id: aaa4030f-f01e-0065-53ef-b1948c000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 119079

GET
H/1.1 200
OK bel.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 296 B
666 B 179ms
47ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/bel.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ef35b00fa94fa0b4991c624c8bff042893b37d4e0c04f03f71533a9cd28c1953

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:52 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: XMwz/dJdl28hV57djidBRQ==
ETag: "0x8DC8002DA527F10"
Content-Type: image/png
x-ms-request-id: 53bde080-401e-0033-1cef-b17cfc000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 296

GET
H/1.1 200
OK pcm.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 428 B
798 B 98ms
48ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/pcm.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3ab0ec911cf992c5351155a12e2fb12ca908bd36d658d05f2b4cf9912fd8dce

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:56 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: h/IkHNKH9qwk3LzevtI1yA==
ETag: "0x8DC8002DCABD00E"
Content-Type: image/png
x-ms-request-id: 98b17b68-101e-0046-69ef-b1fb47000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 428

GET
H/1.1 200
OK winlo.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 12 KB
12 KB 99ms
49ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/winlo.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:57 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: IPxzD3sa57kA9m28fdw/ww==
ETag: "0x8DC8002DDB3A443"
Content-Type: image/png
x-ms-request-id: 4c26c5b1-101e-006f-5fef-b18d05000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 12386

GET
H/1.1 200
OK dm.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 347 B
717 B 97ms
47ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/dm.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:53 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: SjmHbQZgz+Wx9csHNJjGbQ==
ETag: "0x8DC8002DB51C8F9"
Content-Type: image/png
x-ms-request-id: aaa402ec-f01e-0065-33ef-b1948c000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 347

GET
H/1.1 200
OK cs.png
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 3 KB
3 KB 129ms
54ms Image
image/png 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/cs.png
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:53 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: kR8Ewh15GiBXSksoe2DTrw==
ETag: "0x8DC8002DB07D252"
Content-Type: image/png
x-ms-request-id: 53bde069-401e-0033-09ef-b17cfc000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 3152

GET
H/1.1 200
OK re.gif
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 14 KB
15 KB 193ms
51ms Image
image/gif 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/re.gif
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:56 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: b8t44M15M6cO6izwcfghGA==
ETag: "0x8DC8002DD015DD3"
Content-Type: image/gif
x-ms-request-id: f83c844c-201e-0001-2bef-b1242c000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 14751

GET
H/1.1 200
OK nvidia.js Show response
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 2 KB
2 KB 103ms
47ms Script
text/javascript 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/nvidia.js
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ad3619bd3e93e1e3a05f7ac346ec2d8afdd5bb2a583a876c0a085ce57fe6f2f0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:55 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: kh4BPTYUAYef4yTlEdHHZg==
ETag: "0x8DC8002DCA2F7B8"
Content-Type: text/javascript
x-ms-request-id: aaa402cb-f01e-0065-15ef-b1948c000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 2054

GET
H/1.1 200
OK jupiter.js Show response
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 503 B
879 B 51ms
49ms Script
text/javascript 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/jupiter.js
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:54 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zWwz+8Ih0CcckQr5EObr7Q==
ETag: "0x8DC8002DC02D716"
Content-Type: text/javascript
x-ms-request-id: 98b17b4a-101e-0046-4def-b1fb47000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 503

GET
H/1.1 200
OK bxsafe.js Show response
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 334 B
710 B 51ms
50ms Script
text/javascript 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/bxsafe.js
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ba2a8e0e05fd4b666e404981470fc5bc59b2d9654b1c025a339e3cefdac6308c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:53 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: TMuv4ylK0MM9wiCZ2aZqyA==
ETag: "0x8DC8002DAFD9A91"
Content-Type: text/javascript
x-ms-request-id: 4c26c5a4-101e-006f-54ef-b18d05000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 334

GET
H/1.1 200
OK esc.js Show response
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 87 B
462 B 202ms
48ms Script
text/javascript 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/esc.js
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 46ebb2640aac2186a7cf13f528c03648fa9a498910289cdad41ba87b9770eb14

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:53 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: MzWhQFDU9gV7sBnPcFhDtA==
ETag: "0x8DC8002DB59B714"
Content-Type: text/javascript
x-ms-request-id: 98b17b8b-101e-0046-0bef-b1fb47000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 87

GET
H/1.1 200
OK / Show response
ipwho.is/ 713 B
985 B 151ms
40ms XHR
application/json 15.204.213.5
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ipwho.is/?lang=en
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 15.204.213.5 Reston, United States, ASN16276 (OVH, FR),
Reverse DNS: ns1019603.ip-15-204-213.us
Software: ipwhois /
Resource Hash: 8762db5b412d745acc7178c690ff75a0c1d81529d3b7578e31339a502dbe5abc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Server: ipwhois
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Robots-Tag: noindex
Access-Control-Allow-Headers: *

GET
H3 200 code Show response
edgecdn.dev/ 44 KB
11 KB 91ms
39ms Script
text/javascript 172.67.193.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edgecdn.dev/code?code=8eb1706a3c86138f4f06eaa1c0d4ae5d
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78cc586949bc0d8af49b8eded8eade6ac06080f8ea4bd92774d1783da92804e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 17:40:28 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3082
p3p: CP="CAO PSA OUR"
alt-svc: h3=":443"; ma=86400
content-length: 10769
pragma: no-cache
last-modified: Wed, 29 May 2024 16:49:06 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCAV%2BMcQhHF%2F3tkxUcKOwwaDtkj%2BpFGKN7Xu8WExn1G8xdJsoznXV5ptd7GdiPS7OQRutUeUZem%2BWK0i2QfBouHSTqUBTazWwXNt%2FD3H6iYWZn4yxDiCMuCWFZ3ojg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=7200, s-max-age=84600
accept-ranges: bytes
cf-ray: 88b8450c0b01ad9b-ATL
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 206
Partial Content index.html
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 25 KB
25 KB 49ms
49ms Media
text/html 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/index.html
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2667583a4dce63287efa849433e7b6cb20256ea584ab0dff25cd402aa9f1636c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:54 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8DC8002DBADE582"
Content-Type: text/html
Content-Range: bytes 0-25503/25504
x-ms-request-id: 5e09a5b5-d01e-0050-7def-b13ad9000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 25504

GET
H/1.1 206
Partial Content webs.mp4
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 8 KB
9 KB 49ms
49ms Media
video/mp4 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/webs.mp4
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:57 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8DC8002DDA0E247"
Content-Type: video/mp4
Content-Range: bytes 0-8404/8405
x-ms-request-id: 98b17c05-101e-0046-79ef-b1fb47000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 8405

GET
H/1.1 206
Partial Content visudk.mp4
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 196 KB
197 KB 55ms
53ms Media
video/mp4 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/visudk.mp4
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:57 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8DC8002DD5D2C48"
Content-Type: video/mp4
Content-Range: bytes 0-200831/200832
x-ms-request-id: f83c84be-201e-0001-0fef-b1242c000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 200832

GET
H3 200 gtr
edgecdn.dev/ 53 B
634 B 487ms
486ms Image
image/gif 172.67.193.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://edgecdn.dev/gtr?sid=126072&ui=c5wrnodpx8&aid=101623&u=https%3A//bmrepl.z20.web.core.windows.net/werrx01USAHTML/%3Fbcda%3D1-888-471-5544&et=1&ti=Defender%20smart%20screen%20error&touchpoints=0&sh=1200&sw=1600&sc=24&wsh=1200&wsw=1600&p=&l=en-US&c=Win32&w3=0&ethe=0&cbas=0&phan=0&klay=0&glow=0&sola=0&bina=0&eqlw=0&tonp=0&mbox=0&trus=0&toke=0&meta=0&oper=0&coin=0&terr=0&xdef=0&math=0&tron=0&co98=0&clov=0&t=-600&ja=1&fv=&MySearch=&uniqueid=&integrity=&ipname=&gdpr=2&Tag=&label=&iTag=&iPage=&utm_source=&src=https%3A//bmrepl.z20.web.core.windows.net/%3Fbcda%3D1-888-471-5544&jv=0&ca=1&uidn=&hitc=&rev=&goal=&timing=766&dm=bmrepl.z20.web.core.windows.net&v=0.007391609718421233
Requested by: Host: bmrepl.z20.web.core.windows.net
URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eafbd8a8fd327dfbe3f1187c6993c315aa167eb38bd209dee45840a5149f1587

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 29 May 2024 17:40:28 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 29 May 2024 17:40:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQtN9RYgn1j8G%2F4W4zI0bWC9vMdrDHL08ZDHtIu10IkUnKLx4q1pypacYQmC2x2fyIyGHFqFWzKt88300LHuJAz76blTxv4E9u4msYTg3Cm17yXVh64kqQSHNRk%2BYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 88b8450d0c7bad9b-ATL
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK index.html
bmrepl.z20.web.core.windows.net/werrx01USAHTML/ 25 KB
0 0ms
0ms Other
text/html 20.60.133.129
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.133.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2667583a4dce63287efa849433e7b6cb20256ea584ab0dff25cd402aa9f1636c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 29 May 2024 17:40:27 GMT
Last-Modified: Wed, 29 May 2024 17:14:54 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8DC8002DBADE582"
Content-Type: text/html
x-ms-request-id: 5e09a5b5-d01e-0050-7def-b13ad9000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 25504

GET
H3 200 png Show response
edgecdn.dev/ 358 B
708 B 211ms
210ms Script
text/javascript 172.67.193.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://edgecdn.dev/png?idle=0&aid=101623&sid=126072&temp_uid=c5wrnodpx8&lang=auto&bat=100//Adapter//00%3A00//---&aplg=not%20found
Requested by: Host: edgecdn.dev
URL: https://edgecdn.dev/code?code=8eb1706a3c86138f4f06eaa1c0d4ae5d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30625e824b8626a4aeac6ebcd2ea16de8353a851054e7d522edd590e7a531835

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://bmrepl.z20.web.core.windows.net/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 29 May 2024 17:40:29 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO PSA OUR"
alt-svc: h3=":443"; ma=86400
content-length: 134
pragma: no-cache
last-modified: Wed, 29 May 2024 17:40:29 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nn2PgnWMKH9vyyMhZbtZ0VyHbkUqHy%2BGYV5cI%2FYWeEt%2FBDgjAyaV5XFyYMm87Z8t4ydEFwvR7ILhbXAYW5wftCGx8OoRUpiGoUyjDd9kDCYuPr%2FdGo8pc7MCWnHCrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 88b845134d4cad9b-ATL
expires: Tue, 03 Jul 2001 06:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
luxuryhealth.pro/	1970-01-20 20:58:10	Name: uclick Value: lp8wib
luxuryhealth.pro/	1970-01-20 20:58:10	Name: uclickhash Value: lp8wib-lp8wib-bl-bl-h9-pmwj-zw-f68813
bmrepl.z20.web.core.windows.net/	1969-12-31 23:59:59	Name: sticky_lb_sess_id Value: c5wrnodpx8
edgecdn.dev/	1969-12-31 23:59:59	Name: PHPSESSID Value: ie2nk320ulk9imioet77f2rttg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bmrepl.z20.web.core.windows.net/werrx01USAHTML/?bcda=1-888-471-5544 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anubi-ulh.com
bmrepl.z20.web.core.windows.net
code.jquery.com
d38psrni17bvxu.cloudfront.net
edgecdn.dev
ipwho.is
luxuryhealth.pro
xml-v4.clouback-4.online
youyube.se
104.247.81.52
15.204.213.5
151.101.194.137
172.67.193.235
172.67.193.253
173.239.53.32
20.60.133.129
3.229.108.243
54.230.244.136
02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5
1901eeec960650f0c4c31673dde13f934f4e22bcb702383aefacaf00bdd743c7
23e2636c586a13f6dba4730d4d92fccd80ef8d0358e9c266e7cdd1d5123057f7
24355052d345fc47004d3ac19ffed3bbe46082a11a9d2f09327ba7bbdd93924b
250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2
2667583a4dce63287efa849433e7b6cb20256ea584ab0dff25cd402aa9f1636c
30625e824b8626a4aeac6ebcd2ea16de8353a851054e7d522edd590e7a531835
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479
35872af4a794ff3d791b41c4eb58879f4a382d634c7668cd6a5ff42d947c6eb2
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b
46ebb2640aac2186a7cf13f528c03648fa9a498910289cdad41ba87b9770eb14
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
58ad7ea2ca500817266dd0a83b8c4edb0739fd456664b5a2da132204a2240419
689cfc046cb7a6b6e6f85452bfe224b645ae827d50fb80498326502465327199
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6
78cc586949bc0d8af49b8eded8eade6ac06080f8ea4bd92774d1783da92804e3
863547e9f5235aa4208737d9d86f4d62aa4146acb258399089842f30e79627de
8762db5b412d745acc7178c690ff75a0c1d81529d3b7578e31339a502dbe5abc
ad3619bd3e93e1e3a05f7ac346ec2d8afdd5bb2a583a876c0a085ce57fe6f2f0
ae9533617136271468cffcb0efabfeaae66a768289d765137dbd10de47c0ff61
b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4
b3ab0ec911cf992c5351155a12e2fb12ca908bd36d658d05f2b4cf9912fd8dce
ba2a8e0e05fd4b666e404981470fc5bc59b2d9654b1c025a339e3cefdac6308c
d78dca445132754bf14e22d2dd76a8273a5c77e9a084b12e17ca76d500d3b6e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eafbd8a8fd327dfbe3f1187c6993c315aa167eb38bd209dee45840a5149f1587
ef35b00fa94fa0b4991c624c8bff042893b37d4e0c04f03f71533a9cd28c1953
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

bmrepl.z20.web.core.windows.net Open in urlscan Pro 20.60.133.129 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

90 %HTTPS

0 %IPv6

9 Domains

9 Subdomains

7 IPs

2 Countries

2527 kBTransfer

2622 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bmrepl.z20.web.core.windows.net Open in urlscan Pro
20.60.133.129 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

90 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

7
IPs

2
Countries

2527 kB
Transfer

2622 kB
Size

4
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!