uuj3-secondary.z8.web.core.windows.net Open in urlscan Pro
52.239.133.193 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thissubdomainshouldonlyresolveifwildcard.lidle.ch/
Effective URL:
https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Submission: On May 14 via api (May 14th 2024, 8:21:01 am UTC) from US — Scanned from CH

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 37 HTTP transactions. The main IP is 52.239.133.193, located in Melbourne, Australia and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is uuj3-secondary.z8.web.core.windows.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on April 16th 2024. Valid for: a year.

This is the only time uuj3-secondary.z8.web.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.157.24.8 54.157.24.8	14618 (AMAZON-AES) (AMAZON-AES)
2	72.52.179.174 72.52.179.174	32244 (LIQUIDWEB) (LIQUIDWEB)
1 2	3.33.192.145 3.33.192.145	16509 (AMAZON-02) (AMAZON-02)
1	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	172.67.142.136 172.67.142.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	52.239.133.193 52.239.133.193	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.241.15.240 35.241.15.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.184.200 142.250.184.200	15169 (GOOGLE) (GOOGLE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	195.201.57.90 195.201.57.90	24940 (HETZNER-AS) (HETZNER-AS)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
37	10

1 54.157.24.8 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-24-8.compute-1.amazonaws.com

thissubdomainshouldonlyresolveifwildcard.lidle.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.52.179.174 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: lb01.parklogic.com

ww99.lidle.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.192.145 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com

platdom-1.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml-v4.clouback-2.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.142.136 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

datevane.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.239.133.193 (Melbourne, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

uuj3-secondary.z8.web.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.15.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.57.90 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.90.57.201.195.clients.your-server.de

ipwho.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	windows.net uuj3-secondary.z8.web.core.windows.net	618 KB
3	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 22544 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 9249	90 KB
3	lidle.ch 1 redirects thissubdomainshouldonlyresolveifwildcard.lidle.ch ww99.lidle.ch	4 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	316 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	97 KB
2	platdom-1.online 1 redirects platdom-1.online — Cisco Umbrella Rank: 370994	1 KB
1	ipwho.is ipwho.is — Cisco Umbrella Rank: 66680	965 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	27 KB
1	datevane.com 1 redirects datevane.com	467 B
1	clouback-2.online 1 redirects xml-v4.clouback-2.online	491 B
37	10

	Domain	Requested by
25	uuj3-secondary.z8.web.core.windows.net	platdom-1.online uuj3-secondary.z8.web.core.windows.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	uuj3-secondary.z8.web.core.windows.net
2	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	platdom-1.online	1 redirects ww99.lidle.ch
2	ww99.lidle.ch	ww99.lidle.ch
1	ipwho.is	uuj3-secondary.z8.web.core.windows.net
1	code.jquery.com	uuj3-secondary.z8.web.core.windows.net
1	datevane.com	1 redirects
1	xml-v4.clouback-2.online	1 redirects
1	cdn.perfdrive.com	platdom-1.online
1	thissubdomainshouldonlyresolveifwildcard.lidle.ch	1 redirects
37	12

This site contains no links.

Subject Issuer	Validity	Valid
platdom-1.online Amazon RSA 2048 M02	`2024-04-30` - `2025-05-29`	a year	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-09-21` - `2024-09-26`	a year	crt.sh
*.web.core.windows.net Microsoft Azure RSA TLS Issuing CA 03	`2024-04-16` - `2025-04-11`	a year	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-07-24` - `2024-08-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
ipwho.is GoGetSSL ECC DV CA	`2024-03-13` - `2025-03-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Frame ID: B122AE2C9C2C2B4F687179919F65FB49
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Computer Err00r Code #B81TS100d83

Page URL History Show full URLs

https://thissubdomainshouldonlyresolveifwildcard.lidle.ch/ HTTP 302
http://ww99.lidle.ch/ HTTP 307
https://ww99.lidle.ch/ HTTP 307
http://ww99.lidle.ch/ Page URL
http://ww99.lidle.ch/page/bouncy.php?&bpae=GbhGdDsD4lx%2FjksT2d0i5BJj248r4x5BHlFQWYClbNs%2BA52rTb... Page URL
http://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W HTTP 307
https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W Page URL
https://platdom-1.online/api/v1/pxcheck?impId=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W&minfo=eyJjb29r... HTTP 302
http://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 307
https://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 302
https://datevane.com/ms/?bid=0.05&conversion=CcgHhPUhx2E&source_subid=c44654220a43b9f753b2ffc8a&c... HTTP 302
https://uuj3-secondary.z8.web.core.windows.net/?bcda=00-1-808-470-2988 Page URL
https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

837 kB
Transfer

1838 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thissubdomainshouldonlyresolveifwildcard.lidle.ch/ HTTP 302
http://ww99.lidle.ch/ HTTP 307
https://ww99.lidle.ch/ HTTP 307
http://ww99.lidle.ch/ Page URL
http://ww99.lidle.ch/page/bouncy.php?&bpae=GbhGdDsD4lx%2FjksT2d0i5BJj248r4x5BHlFQWYClbNs%2BA52rTbnbvixQt9ZKw4b6UMhbX20cZ6xieAbBPS%2BS1zL3Iek3VBMxUQ1%2FNtTp9eFpzZFWk1TbZb4y9qY5BbozLEp2Jmkz0d9cOxV%2FgOzS3um37L%2Bj6FJs0QSamonLIFIEnMJMwcfES7uvtLrFvcmF19msAR1I%2FVIB13OIAjCc3Z8bTStNh8p2jMRkYmif2dM8Jb2dJTZ9u6UHB5%2BCUTCKn7VdZlYHXkfbgvrvVSsMHwfoHtzQWhciugfvB4YHcFLjhWQEH4hBVAKByw8qjuBgPh%2FwFccYXz1w66zIIh3%2FYr%2F5OiSvb4f1AEikHMf3wUf%2F%2FD90MS0H0A4SHOp2Y5hFMRT6ztsJPSOL7D6rzXmr6QboNOzT%2BBU4iORFBanVZL5Xke9mPYg0tANvJxU8p2Doc3sGtOdir%2FCxHQQwnXQ%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
http://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W HTTP 307
https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W Page URL
https://platdom-1.online/api/v1/pxcheck?impId=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaWZyYW1lIjpmYWxzZSwiZGV2aWNlUGl4ZWxSYXRpbyI6MSwid25kTG9jSHJlZiI6Imh0dHBzOi8vcGxhdGRvbS0xLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9eFA4TlFFZ1hoZmI1UFN5VVVtdGtkQXUyWElhOUtaUGhTY201REY2VyIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2UsImVmZmVjdGl2ZVR5cGUiOiI0ZyIsImlzQm90Ijoib2ZmIn0= HTTP 302
http://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 307
https://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 302
https://datevane.com/ms/?bid=0.05&conversion=CcgHhPUhx2E&source_subid=c44654220a43b9f753b2ffc8a&campaign=1203156&search_referrer_domain=lidle.ch&query=lidle.ch&carrier=Iway&state=zh&banner=6124913&ip=145.40.212.228 HTTP 302
https://uuj3-secondary.z8.web.core.windows.net/?bcda=00-1-808-470-2988 Page URL
https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://thissubdomainshouldonlyresolveifwildcard.lidle.ch/ HTTP 302
http://ww99.lidle.ch/ HTTP 307
https://ww99.lidle.ch/ HTTP 307
http://ww99.lidle.ch/

Request Chain 2

http://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W HTTP 307
https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W

Request Chain 4

https://platdom-1.online/api/v1/pxcheck?impId=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaWZyYW1lIjpmYWxzZSwiZGV2aWNlUGl4ZWxSYXRpbyI6MSwid25kTG9jSHJlZiI6Imh0dHBzOi8vcGxhdGRvbS0xLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9eFA4TlFFZ1hoZmI1UFN5VVVtdGtkQXUyWElhOUtaUGhTY201REY2VyIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2UsImVmZmVjdGl2ZVR5cGUiOiI0ZyIsImlzQm90Ijoib2ZmIn0= HTTP 302
http://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 307
https://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0 HTTP 302
https://datevane.com/ms/?bid=0.05&conversion=CcgHhPUhx2E&source_subid=c44654220a43b9f753b2ffc8a&campaign=1203156&search_referrer_domain=lidle.ch&query=lidle.ch&carrier=Iway&state=zh&banner=6124913&ip=145.40.212.228 HTTP 302
https://uuj3-secondary.z8.web.core.windows.net/?bcda=00-1-808-470-2988

37 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
ww99.lidle.ch/
Redirect Chain

https://thissubdomainshouldonlyresolveifwildcard.lidle.ch/
http://ww99.lidle.ch/
https://ww99.lidle.ch/
http://ww99.lidle.ch/

2 KB
2 KB

793ms
786ms

Document
text/html

72.52.179.174
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://ww99.lidle.ch/
Protocol: HTTP/1.1
Server: 72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 2146
Content-Type: text/html; charset=UTF-8
Date: Tue, 14 May 2024 08:20:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16

Redirect headers

Location: http://ww99.lidle.ch/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK bouncy.php
ww99.lidle.ch/page/ 766 B
1 KB 299ms
299ms Document
text/html 72.52.179.174
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://ww99.lidle.ch/page/bouncy.php?&bpae=GbhGdDsD4lx%2FjksT2d0i5BJj248r4x5BHlFQWYClbNs%2BA52rTbnbvixQt9ZKw4b6UMhbX20cZ6xieAbBPS%2BS1zL3Iek3VBMxUQ1%2FNtTp9eFpzZFWk1TbZb4y9qY5BbozLEp2Jmkz0d9cOxV%2FgOzS3um37L%2Bj6FJs0QSamonLIFIEnMJMwcfES7uvtLrFvcmF19msAR1I%2FVIB13OIAjCc3Z8bTStNh8p2jMRkYmif2dM8Jb2dJTZ9u6UHB5%2BCUTCKn7VdZlYHXkfbgvrvVSsMHwfoHtzQWhciugfvB4YHcFLjhWQEH4hBVAKByw8qjuBgPh%2FwFccYXz1w66zIIh3%2FYr%2F5OiSvb4f1AEikHMf3wUf%2F%2FD90MS0H0A4SHOp2Y5hFMRT6ztsJPSOL7D6rzXmr6QboNOzT%2BBU4iORFBanVZL5Xke9mPYg0tANvJxU8p2Doc3sGtOdir%2FCxHQQwnXQ%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by: Host: ww99.lidle.ch
URL: http://ww99.lidle.ch/
Protocol: HTTP/1.1
Server: 72.52.179.174 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: lb01.parklogic.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 / PHP/5.4.16
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: http://ww99.lidle.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 766
Content-Type: text/html; charset=UTF-8
Date: Tue, 14 May 2024 08:20:49 GMT
Pragma: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16

GET
H2

200

px
platdom-1.online/api/v1/
Redirect Chain

http://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W
https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W

2 KB
1 KB

380ms
133ms

Document
text/html

3.33.192.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W
Requested by: Host: ww99.lidle.ch
URL: http://ww99.lidle.ch/page/bouncy.php?&bpae=GbhGdDsD4lx%2FjksT2d0i5BJj248r4x5BHlFQWYClbNs%2BA52rTbnbvixQt9ZKw4b6UMhbX20cZ6xieAbBPS%2BS1zL3Iek3VBMxUQ1%2FNtTp9eFpzZFWk1TbZb4y9qY5BbozLEp2Jmkz0d9cOxV%2FgOzS3um37L%2Bj6FJs0QSamonLIFIEnMJMwcfES7uvtLrFvcmF19msAR1I%2FVIB13OIAjCc3Z8bTStNh8p2jMRkYmif2dM8Jb2dJTZ9u6UHB5%2BCUTCKn7VdZlYHXkfbgvrvVSsMHwfoHtzQWhciugfvB4YHcFLjhWQEH4hBVAKByw8qjuBgPh%2FwFccYXz1w66zIIh3%2FYr%2F5OiSvb4f1AEikHMf3wUf%2F%2FD90MS0H0A4SHOp2Y5hFMRT6ztsJPSOL7D6rzXmr6QboNOzT%2BBU4iORFBanVZL5Xke9mPYg0tANvJxU8p2Doc3sGtOdir%2FCxHQQwnXQ%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.192.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab226b763647f1870.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: http://ww99.lidle.ch/page/bouncy.php?&bpae=GbhGdDsD4lx%2FjksT2d0i5BJj248r4x5BHlFQWYClbNs%2BA52rTbnbvixQt9ZKw4b6UMhbX20cZ6xieAbBPS%2BS1zL3Iek3VBMxUQ1%2FNtTp9eFpzZFWk1TbZb4y9qY5BbozLEp2Jmkz0d9cOxV%2FgOzS3um37L%2Bj6FJs0QSamonLIFIEnMJMwcfES7uvtLrFvcmF19msAR1I%2FVIB13OIAjCc3Z8bTStNh8p2jMRkYmif2dM8Jb2dJTZ9u6UHB5%2BCUTCKn7VdZlYHXkfbgvrvVSsMHwfoHtzQWhciugfvB4YHcFLjhWQEH4hBVAKByw8qjuBgPh%2FwFccYXz1w66zIIh3%2FYr%2F5OiSvb4f1AEikHMf3wUf%2F%2FD90MS0H0A4SHOp2Y5hFMRT6ztsJPSOL7D6rzXmr6QboNOzT%2BBU4iORFBanVZL5Xke9mPYg0tANvJxU8p2Doc3sGtOdir%2FCxHQQwnXQ%3D&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 14 May 2024 08:20:50 GMT
etag: W/"8ad-avtQqV+HD6okrlEHZFhrtDPhaoE"
vary: Accept-Encoding

Redirect headers

Location: https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 stormcaster.js
cdn.perfdrive.com/advanced/ 237 KB
89 KB 400ms
20ms Script
application/javascript 130.211.29.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by: Host: platdom-1.online
URL: https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.10.1 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://platdom-1.online/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 07:52:08 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 13 May 2024 04:56:43 GMT
server: nginx/1.10.1
age: 1723
etag: W/"66419d8b-3b3ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90560

GET
H/1.1

200
OK

/
uuj3-secondary.z8.web.core.windows.net/
Redirect Chain

https://platdom-1.online/api/v1/pxcheck?impId=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVX...
http://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0
https://xml-v4.clouback-2.online/click?seat=2698667&i=J2lv3qvzjHE_0
https://datevane.com/ms/?bid=0.05&conversion=CcgHhPUhx2E&source_subid=c44654220a43b9f753b2ffc8a&campaign=1203156&search_referrer_domain=lidle.ch&query=lidle.ch&carrier=Iway&state=zh&banner=6124913&...
https://uuj3-secondary.z8.web.core.windows.net/?bcda=00-1-808-470-2988

1 KB
2 KB

1302ms
318ms

Document
text/html

52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uuj3-secondary.z8.web.core.windows.net/?bcda=00-1-808-470-2988
Requested by: Host: platdom-1.online
URL: https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://platdom-1.online/api/v1/px?xmlid=xP8NQEgXhfb5PSyUUmtkdAu2XIa9KZPhScm5DF6W
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Content-Length: 1412
Content-MD5: ZnsKIurjFTkmOqorqSRDAA==
Content-Type: text/html
Date: Tue, 14 May 2024 08:20:52 GMT
ETag: "0x8DC73DAD87392EC"
Last-Modified: Tue, 14 May 2024 05:58:15 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a6af0386-e01e-0015-17d7-a53191000000
x-ms-version: 2018-03-28

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 883978b04d4b0e87-AMS
content-type: text/html; charset=UTF-8
date: Tue, 14 May 2024 08:20:52 GMT
location: https://uuj3-secondary.z8.web.core.windows.net/?bcda=00-1-808-470-2988
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ByF8qhlW%2FuKaFXJDQPnKtG8%2BepsFHBoBQMB4BVvcX0Bkd0xBxKMrJXadGCp246MD9lVwztqq0zkyPn0VMHVrxA4XlifDyV4Z1%2BboBvYBcYADyT9Oe8X2ua2xSIRX3U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 360 B
423 B 81ms
26ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://platdom-1.online/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
x-response-time: 0ms
date: Tue, 14 May 2024 08:20:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 255 B
409 B 79ms
25ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://platdom-1.online/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
x-response-time: 0ms
date: Tue, 14 May 2024 08:20:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK Primary Request / Show response
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 19 KB
19 KB 327ms
326ms Document
text/html 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a69cf4a83e71d9f45a9d171e93e61796ed677d0db63cf66addb601688a203881

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://uuj3-secondary.z8.web.core.windows.net/?bcda=00-1-808-470-2988
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Content-Length: 19586
Content-MD5: LKG9IfYTkFq4HAylLowjuw==
Content-Type: text/html
Date: Tue, 14 May 2024 08:20:53 GMT
ETag: "0x8DC73DAD9EC401F"
Last-Modified: Tue, 14 May 2024 05:58:17 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a6af0389-e01e-0015-19d7-a53191000000
x-ms-version: 2018-03-28

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
97 KB 456ms
70ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513

Requested by

Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ce8bf75fb0cd13e511e541e4180832d0d18574d66d4ada8c503af9642c027e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:20:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98758
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 May 2024 08:20:54 GMT

GET
H/1.1 200
OK tapa.css
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 18 KB
18 KB 503ms
489ms Stylesheet
text/css 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/tapa.css
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3fdf9d88d8012df1d3d2717cea4153a642cb5396a5553b2e1df85a882e15f977

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:53 GMT
Last-Modified: Tue, 14 May 2024 05:58:19 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 0gNylJJj9SRnmoeUkYmxuw==
ETag: "0x8DC73DADB2296E7"
Content-Type: text/css
x-ms-request-id: a6af0392-e01e-0015-21d7-a53191000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 18167

GET
H2 200 jquery-1.4.4.min.js Show response
code.jquery.com/ 77 KB
27 KB 410ms
25ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.4.4.min.js
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:20:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1284491
x-cache: HIT, HIT
content-length: 27078
x-served-by: cache-lga21980-LGA, cache-fra-eddf8230058-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715674854.458379,VS0,VE0
etag: W/"28feccc0-13309"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4821, 10

GET
H/1.1 200
OK bg.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 452 KB
452 KB 826ms
317ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/bg.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4eaf7b7f53ea1a27a22bae168f560d9dc78dc2e2185162be9ee4db59e1e1065a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:54 GMT
Last-Modified: Tue, 14 May 2024 05:58:17 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: q5lu07Em8rXwwfIUuWr+eg==
ETag: "0x8DC73DAD9D33D8C"
Content-Type: image/png
x-ms-request-id: a6af03a8-e01e-0015-23d7-a53191000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 462770

GET
H/1.1 200
OK mnc.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 187 B
557 B 1992ms
305ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/mnc.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:18 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: JxAhz6RZQJeBhL4EiYQf0w==
ETag: "0x8DC73DADA7077F8"
Content-Type: image/png
x-ms-request-id: a6af03b2-e01e-0015-2dd7-a53191000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 187

GET
H/1.1 200
OK msmm.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 168 B
538 B 1560ms
308ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/msmm.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:18 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: rLBevNX0iPyZFpz/ArbdBA==
ETag: "0x8DC73DADA969802"
Content-Type: image/png
x-ms-request-id: b71f38f5-601e-0079-51d7-a5da06000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 168

GET
H/1.1 200
OK set.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 364 B
734 B 1575ms
309ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/set.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:56 GMT
Last-Modified: Tue, 14 May 2024 05:58:19 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 4UTDN4CQCHyM4SmjDLbLTg==
ETag: "0x8DC73DADB059D47"
Content-Type: image/png
x-ms-request-id: b9715fd9-a01e-0014-23d7-a56e4d000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 364

GET
H/1.1 200
OK vsc.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 722 B
1 KB 1774ms
306ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/vsc.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:19 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: QtjyzBrldZwjafJV8268Aw==
ETag: "0x8DC73DADB3AAF42"
Content-Type: image/png
x-ms-request-id: a6af03db-e01e-0015-32d7-a53191000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 722

GET
H/1.1 200
OK bx1.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 97 KB
97 KB 893ms
340ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/bx1.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 93ab9ddc223156f5f4ba7ff8fc14a885e9b5946fc10917571022d7c2d9a08886

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:54 GMT
Last-Modified: Tue, 14 May 2024 05:58:17 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: axGtFdp0iIvqkJUAep991g==
ETag: "0x8DC73DAD9A6B5CD"
Content-Type: image/png
x-ms-request-id: 2cd00d55-201e-0078-2ad7-a585da000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 99389

GET
H/1.1 200
OK bel.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 276 B
646 B 854ms
312ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/bel.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:54 GMT
Last-Modified: Tue, 14 May 2024 05:58:16 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: dhbZbDiDAeORZTZH4fXwVw==
ETag: "0x8DC73DAD94C1FF1"
Content-Type: image/png
x-ms-request-id: b71f38e4-601e-0079-40d7-a5da06000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 276

GET
H/1.1 200
OK pcm.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 1 KB
2 KB 1392ms
577ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/pcm.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:19 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: Bc3xosL8jwe+oKj0+TVmNw==
ETag: "0x8DC73DADAC6C8B5"
Content-Type: image/png
x-ms-request-id: 160b635d-801e-003c-20d7-a50fe5000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 1270

GET
H/1.1 200
OK dm.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 332 B
702 B 1396ms
584ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/dm.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:16 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: nYqQpj0g8F0n5dars14M0A==
ETag: "0x8DC73DAD968F28C"
Content-Type: image/png
x-ms-request-id: 9436db34-601e-008d-20d7-a511f0000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 332

GET
H/1.1 200
OK cs.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 3 KB
3 KB 1134ms
309ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/cs.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:16 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: sBow01S/z1Ht8z4LDqB0Ag==
ETag: "0x8DC73DAD9698EB9"
Content-Type: image/png
x-ms-request-id: b9715fd5-a01e-0014-1fd7-a56e4d000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 2681

GET
H/1.1 200
OK re.gif
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 14 KB
15 KB 1119ms
316ms Image
image/gif 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/re.gif
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:54 GMT
Last-Modified: Tue, 14 May 2024 05:58:19 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: b8t44M15M6cO6izwcfghGA==
ETag: "0x8DC73DADAFAF078"
Content-Type: image/gif
x-ms-request-id: b71f38ef-601e-0079-4bd7-a5da06000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 14751

GET
H/1.1 200
OK nvidia.js Show response
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 2 KB
2 KB 1765ms
296ms Script
text/javascript 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/nvidia.js
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3cbcbf9db3a155efee029d2ac9677aada1c65b57313b437c9c24551f829ebfa1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:18 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: X4XEjJUF9X5AicXXhWtqWA==
ETag: "0x8DC73DADAA40394"
Content-Type: text/javascript
x-ms-request-id: 160b6360-801e-003c-23d7-a50fe5000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 2079

GET
H/1.1 200
OK jupiter.js Show response
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 503 B
879 B 316ms
314ms Script
text/javascript 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/jupiter.js
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:17 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: zWwz+8Ih0CcckQr5EObr7Q==
ETag: "0x8DC73DADA05B7D6"
Content-Type: text/javascript
x-ms-request-id: 2cd00da2-201e-0078-3fd7-a585da000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 503

GET
H/1.1 200
OK jscode.js Show response
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 1 KB
1 KB 310ms
304ms Script
text/javascript 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/jscode.js
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 272dacb99e8bba5bb2d9202883cb687c5a3b8cd1c71d940df619ae886eb6eddf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:56 GMT
Last-Modified: Tue, 14 May 2024 05:58:17 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: ROTNNmaf5ePIm1wQ2uOgDw==
ETag: "0x8DC73DAD9FF291A"
Content-Type: text/javascript
x-ms-request-id: b9715fe2-a01e-0014-2cd7-a56e4d000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 1127

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
0 20ms
20ms Script
application/javascript 142.250.184.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513

Requested by

Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ce8bf75fb0cd13e511e541e4180832d0d18574d66d4ada8c503af9642c027e5a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:20:54 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98758
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 May 2024 08:20:54 GMT

GET
H/1.1 200
OK / Show response
ipwho.is/ 693 B
965 B 272ms
83ms XHR
application/json 195.201.57.90
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ipwho.is/?lang=en
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 195.201.57.90 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.90.57.201.195.clients.your-server.de
Software: ipwhois /
Resource Hash: 9099223944aba1e8c14044f32fbcaa311f301e066cb13f672dc430e24c1d02c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:54 GMT
Server: ipwhois
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Robots-Tag: noindex
Access-Control-Allow-Headers: *

GET
DATA 200
OK truncated
/ 349 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK mnc.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 187 B
0 1390ms
1390ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/mnc.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:18 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: JxAhz6RZQJeBhL4EiYQf0w==
ETag: "0x8DC73DADA7077F8"
Content-Type: image/png
x-ms-request-id: a6af03b2-e01e-0015-2dd7-a53191000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 187

GET
H/1.1 200
OK msmm.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 168 B
0 1483ms
1483ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/msmm.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:18 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: rLBevNX0iPyZFpz/ArbdBA==
ETag: "0x8DC73DADA969802"
Content-Type: image/png
x-ms-request-id: b71f38f5-601e-0079-51d7-a5da06000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 168

GET
H/1.1 200
OK set.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 364 B
0 1498ms
1498ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/set.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:56 GMT
Last-Modified: Tue, 14 May 2024 05:58:19 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 4UTDN4CQCHyM4SmjDLbLTg==
ETag: "0x8DC73DADB059D47"
Content-Type: image/png
x-ms-request-id: b9715fd9-a01e-0014-23d7-a56e4d000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 364

GET
H/1.1 200
OK vsc.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 722 B
0 1696ms
1696ms Image
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/vsc.png
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:19 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: QtjyzBrldZwjafJV8268Aw==
ETag: "0x8DC73DADB3AAF42"
Content-Type: image/png
x-ms-request-id: a6af03db-e01e-0015-32d7-a53191000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 722

GET
H/1.1 206
Partial Content Fm7-alert.wav
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 320 KB
0 320ms
319ms Media
audio/wav 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/Fm7-alert.wav
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:19 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8DC73DADB0D3D51"
Content-Type: audio/wav
Content-Range: bytes 0-4174951/4174952
x-ms-request-id: b71f38f9-601e-0079-55d7-a5da06000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 4174952

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 468ms
58ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GZ2WHBX513&gtm=45je45d0v869879441za200&_p=1715674854088&gcd=13l3l3l3l1&npa=0&dma=0&cid=347552170.1715674855&ul=de-ch&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715674854&sct=1&seg=0&dl=https%3A%2F%2Fuuj3-secondary.z8.web.core.windows.net%2Fwerrx01USAHTML%2F%3Fbcda%3D00-1-808-470-2988&dr=https%3A%2F%2Fuuj3-secondary.z8.web.core.windows.net%2F%3Fbcda%3D00-1-808-470-2988&dt=Computer%20Err00r%20Code%20%23B81TS100d83&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1066
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 08:20:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uuj3-secondary.z8.web.core.windows.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
The requested content does not exist. ai2.mp3
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 321 B
629 B 306ms
305ms Media
text/html 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ai2.mp3
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8f1d291b3ef3f79f0969c89912b13d554baeaf19c349f35b457efaf01e3007b5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

x-ms-request-id: b9715fe6-a01e-0014-30d7-a56e4d000000
Date: Tue, 14 May 2024 08:20:56 GMT
x-ms-version: 2018-03-28
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
Content-Length: 321
Content-Type: text/html

GET
H/1.1 206
Partial Content Fm7-alert.wav
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 16 KB
0 357ms
324ms Media
audio/wav 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/Fm7-alert.wav
Requested by: Host: uuj3-secondary.z8.web.core.windows.net
URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:56 GMT
Last-Modified: Tue, 14 May 2024 05:58:19 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8DC73DADB0D3D51"
Content-Type: audio/wav
Content-Range: bytes 0-4174951/4174952
x-ms-request-id: 2cd00db2-201e-0078-4dd7-a585da000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 4174952

GET
H/1.1 200
OK msmm.png
uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ 168 B
0 1ms
0ms Other
image/png 52.239.133.193
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/msmm.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.133.193 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/?bcda=00-1-808-470-2988
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 14 May 2024 08:20:55 GMT
Last-Modified: Tue, 14 May 2024 05:58:18 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: rLBevNX0iPyZFpz/ArbdBA==
ETag: "0x8DC73DADA969802"
Content-Type: image/png
x-ms-request-id: b71f38f5-601e-0079-51d7-a5da06000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 168

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 45ms
44ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GZ2WHBX513&gtm=45je45d0v869879441za200&_p=1715674854088&gcd=13l3l3l3l1&npa=0&dma=0&cid=347552170.1715674855&ul=de-ch&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1715674854&sct=1&seg=1&dl=https%3A%2F%2Fuuj3-secondary.z8.web.core.windows.net%2Fwerrx01USAHTML%2F%3Fbcda%3D00-1-808-470-2988&dr=https%3A%2F%2Fuuj3-secondary.z8.web.core.windows.net%2F%3Fbcda%3D00-1-808-470-2988&dt=Computer%20Err00r%20Code%20%23B81TS100d83&en=page_view&_ee=1&_et=4&tfd=6074
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://uuj3-secondary.z8.web.core.windows.net/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 14 May 2024 08:20:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uuj3-secondary.z8.web.core.windows.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.platdom-1.online/	1970-01-21 00:53:50	Name: __ssds Value: 2
.platdom-1.online/	1970-01-21 00:53:50	Name: __ssuzjsr2 Value: a9be0cd8e
.platdom-1.online/	1970-01-21 00:53:50	Name: __uzmaj2 Value: 4d25d056-5d09-4896-89f5-964b1621f68a
.platdom-1.online/	1970-01-21 00:53:50	Name: __uzmbj2 Value: 1715674851
.platdom-1.online/	1970-01-21 00:53:50	Name: __uzmcj2 Value: 209481057902
.platdom-1.online/	1970-01-21 00:53:50	Name: __uzmdj2 Value: 1715674851
.platdom-1.online/	1970-01-21 00:53:50	Name: __uzmlj2 Value: T2E7U5GW9VRriHRgRSrjU9YkEIcaAuVohNpLSAMo8cs=
.platdom-1.online/	1970-01-21 00:53:50	Name: __uzmfj2 Value: 7f600051670bfe-b8a8-44ae-bb8a-45d8e6daa0ab17156748512450-8166de50c3b7290410
.windows.net/	1970-01-21 06:10:34	Name: _ga Value: GA1.1.347552170.1715674855
.windows.net/	1970-01-21 06:10:34	Name: _ga_GZ2WHBX513 Value: GS1.1.1715674854.1.1.1715674854.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://uuj3-secondary.z8.web.core.windows.net/werrx01USAHTML/ai2.mp3 Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cas.avalon.perfdrive.com
cdn.perfdrive.com
code.jquery.com
datevane.com
ipwho.is
platdom-1.online
region1.google-analytics.com
thissubdomainshouldonlyresolveifwildcard.lidle.ch
uuj3-secondary.z8.web.core.windows.net
ww99.lidle.ch
www.googletagmanager.com
xml-v4.clouback-2.online
130.211.29.114
142.250.184.200
151.101.130.137
172.67.142.136
173.239.53.32
195.201.57.90
216.239.32.36
3.33.192.145
35.241.15.240
52.239.133.193
54.157.24.8
72.52.179.174
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
272dacb99e8bba5bb2d9202883cb687c5a3b8cd1c71d940df619ae886eb6eddf
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd
3cbcbf9db3a155efee029d2ac9677aada1c65b57313b437c9c24551f829ebfa1
3fdf9d88d8012df1d3d2717cea4153a642cb5396a5553b2e1df85a882e15f977
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977
4eaf7b7f53ea1a27a22bae168f560d9dc78dc2e2185162be9ee4db59e1e1065a
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5
8f1d291b3ef3f79f0969c89912b13d554baeaf19c349f35b457efaf01e3007b5
9099223944aba1e8c14044f32fbcaa311f301e066cb13f672dc430e24c1d02c9
93ab9ddc223156f5f4ba7ff8fc14a885e9b5946fc10917571022d7c2d9a08886
a69cf4a83e71d9f45a9d171e93e61796ed677d0db63cf66addb601688a203881
afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41
ce8bf75fb0cd13e511e541e4180832d0d18574d66d4ada8c503af9642c027e5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

uuj3-secondary.z8.web.core.windows.net Open in urlscan Pro 52.239.133.193 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

95 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

10 IPs

3 Countries

837 kBTransfer

1838 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

uuj3-secondary.z8.web.core.windows.net Open in urlscan Pro
52.239.133.193 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

95 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

837 kB
Transfer

1838 kB
Size

10
Cookies

37 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!