Report - apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780

Report Overview

Submitted URL
apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780
IP
52.239.247.97
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-05-08 19:26:39
Access
public
Website Title
apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780
Final URL
apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
userstatics.com	unknown	2020-11-05	2020-11-06	2024-05-03	535 B	830 B	0.0.0.0
apppmt11a39.z13.web.core.windows.net	unknown	unknown	No data	No data	15 kB	1.7 MB	52.239.247.97
m03lm.rdtk.io	unknown	2019-05-20	2024-02-27	2024-04-17	463 B	234 B	85.17.54.67
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-08	439 B	72 kB	142.250.74.168
plausible.io	48197	2018-12-30	2019-02-01	2024-05-08	937 B	2.8 kB	194.242.11.186

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/sandbox%20eval%20code	147 B	2023-04-11	2024-05-20
Pretty URL apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 01:03:29 Times Seen350871 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/jquery.min.js	85 kB	2023-12-11	2024-05-16
Pretty URL apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/jquery.min.js IP 52.239.247.97 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-11 03:59:36 Last Seen2024-05-16 07:57:44 Times Seen114 Hash 20c129bedb4a26db02fc0f54d026c3f5 093b9d2728788de24a728742070a348b2848573f 436ecc90fab5ed1034b68a4a0e924e0132d93d9e7fb59b4fe23018eb7d9242c1 Loading...

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780	466 B	2024-04-28	2024-05-08
Pretty URL apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 IP 52.239.247.97 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 19:11:17 Last Seen2024-05-08 23:02:22 Times Seen7 Hash 0363022eea253a949d31ec54b0df8211 4768d9e9581c1a888bd0d70b10af7879c1d2419e 5001595718c30049993bdc00f916bea2b18395534b3c54fb1ef5bcce20906d2a Loading...

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780	149 B	2023-03-07	2024-05-16
Pretty URL apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 IP 52.239.247.97 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:11:16 Last Seen2024-05-16 08:28:40 Times Seen65 Hash 1ef0d42ee74ef53d1d18bbe7a2d56bf2 9db93538573e87105b0f6aa4f55147fd56e6bca7 32e8240f3e8fae863d9d2094a5319b5d9949cac1318c0379dce62c9d8feb1fff Loading...

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780	20 B	2024-04-28	2024-05-08
Pretty URL apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 IP 52.239.247.97 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-28 19:11:17 Last Seen2024-05-08 23:02:22 Times Seen7 Hash d8d09b4f9db42424f4ab1945762a0c9e f6b880665843ea8693ace0c638335d46d250fe59 3a974176b7bf1ae8a35019bc21ce6ffbbf395a7c9e259b2ac7968c78efce9d13 Loading...

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/bootstrap.min.js	60 kB	2023-03-07	2024-05-19
Pretty URL apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/bootstrap.min.js IP 52.239.247.97 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-05-19 20:48:41 Times Seen7676 Hash 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Loading...

	plausible.io/js/script.js	1.3 kB	2023-05-22	2024-05-20
Pretty URL plausible.io/js/script.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 17:22:24 Last Seen2024-05-20 00:47:41 Times Seen3606 Hash abd4e2373b2e8c4dac2e80159641c5f1 e273656e58ca934d873204e68dd35670fde657ed 021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94 Loading...

	userstatics.com/get/script.js?referrer=https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780	133 B	2023-11-04	2024-05-19
Pretty URL userstatics.com/get/script.js?referrer=https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 00:48:23 Last Seen2024-05-19 20:33:20 Times Seen1019 Hash fea7fbf2c619fd4b7716fcaa64070c6c f192732937981a26f526b7c1293a2ae13bc59a22 df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26 Loading...

	unknown	19 B	2023-04-10	2024-05-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23:44 Last Seen2024-05-19 19:49:51 Times Seen2663 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/main.js	1.4 kB	2024-03-03	2024-05-16
Pretty URL apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/main.js IP 52.239.247.97 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-03 07:45:36 Last Seen2024-05-16 07:57:43 Times Seen54 Hash da6aacc1ca8eaa4902d9fee5c9c984b7 a06f41817583ce6182dd7121460c0bd16ea8b088 989120d05b8f3d703fd6e63b49b94845d7e038d536dd27723619e1f00623683f Loading...

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/scripts.js	464 B	2024-03-03	2024-05-16
Pretty URL apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/scripts.js IP 52.239.247.97 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-03 07:45:37 Last Seen2024-05-16 07:57:43 Times Seen61 Hash 2856b9008b89d67be19d586e43ae8521 d47ac3f1328fb58b19584d77d2e3acc93663fb10 19e9aaa12f8478366b3707ff49b0e3cfc4818f9343b48f5d43890c943d1b1a3d Loading...

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780	246 B	2023-08-26	2024-05-18
Pretty URL apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 IP 52.239.247.97 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45:17 Last Seen2024-05-18 12:51:18 Times Seen332 Hash 9ec45c98de528138d873351ee3004c1c be9c6a2c15144063bf95641ec4215a06199b4f5d 28bcb0154baedf9de9f39772f0e45b0c4d88d2e4a951fbd8b4234ea31bd9872a Loading...

	www.googletagmanager.com/gtag/js?id=UA-xxx-x	195 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-xxx-x IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 21:26:46 Last Seen2024-05-08 21:26:46 Times Seen2 Hash 79266d7c82586a83ea84084cd8965e27 3c054a0eb6ed8ad84d9c3efa96c361ffe5458e31 b2a91a9f342e0d27b7c1e3eae293c833eceddd0d7637b6b8a842696a2ee5e156 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 01:03:27 Times Seen350356 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780	73 B	2023-08-26	2024-05-18
Pretty URL apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 IP 52.239.247.97 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45:18 Last Seen2024-05-18 12:51:18 Times Seen320 Hash cd05d2ea6e1e26930fe1232ce0f4709f 1e411c92606c409da1deff96d681bc7c03c3ad35 1515e9dededc6a4e090e8e60a43d98dcc6a44b5f6a8f146244c4e49b5f73f945 Loading...

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780	90 B	2023-05-13	2024-05-18
Pretty URL apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 IP 52.239.247.97 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-13 00:31:26 Last Seen2024-05-18 12:51:18 Times Seen343 Hash e549f355ec9b013498cee4479b6c1734 ee702e014a1491972cf45f03d601a4cb1d722e2d 70fcad8ae74a4d5b135d85561562a134705ee5f42437d6a82dde5c1e6eb7f9d4 Loading...

		Size	First Seen	Last Seen
	#1 Write - 2cc6ca0d3ea554aff0a8f23b5e1ea63b	14 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 21:26:46 Last Seen2024-05-08 21:26:46 Times Seen1 Hash 2cc6ca0d3ea554aff0a8f23b5e1ea63b 54dec8ea6268f72c69443b100d3425306e017453 9231da9cbd7f5ac8ec747a6d7f51adc5ac1ce7ad9d6fd9f00484d2aebd1e32a1 Loading...

HTTP Transactions (31)

	URL	IP	Response	Size
	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780	52.239.247.97	200 OK	23 kB
URL User Request GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (604) Size 23 kB (22737 bytes) Hash 86b7a66d112b40975afc7c93725d15f2 f7fcc4c82d726cd7f263b019c0fdc0c0d32456f9 a77fdbaba82bdfa7887f7adbad68d4670ef1ef5d2b6959841a82aa075cd69a34 HTTP Headers GET /Win0security-helpline07/index.html?ph0n=1-844-476-5780 HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 22737 Content-Type: text/html Content-MD5: hrembRErQJda/HyTcl0V8g== Last-Modified: Tue, 07 May 2024 12:39:49 GMT Accept-Ranges: bytes ETag: "0x8DC6E92C90BDE1B" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: ae1799dd-e01e-00dd-797d-a1b9bd000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:12 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/css/styles.css	52.239.247.97	200 OK	9.0 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/css/styles.css IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type assembler source, ASCII text, with very long lines (1266) Size 9.0 kB (8998 bytes) Hash 6ef2560453a7b6bff8ea7ec4265a9816 1ed7044a0579bb751b10ba7353a36e9d208c659e a072681ff11d60e33eb625e1d75e828542f80c9362d905c3eb9626063e27b4cc HTTP Headers GET /Win0security-helpline07/css/styles.css HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 8998 Content-Type: text/css Content-MD5: bvJWBFOntr/46n7EJlqYFg== Last-Modified: Tue, 07 May 2024 12:39:50 GMT Accept-Ranges: bytes ETag: "0x8DC6E92C95A40EE" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: ae179c06-e01e-00dd-6f7d-a1b9bd000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:13 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/css/font-awesome.min.css	52.239.247.97	200 OK	27 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/css/font-awesome.min.css IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type ASCII text, with very long lines (27265) Size 27 kB (27428 bytes) Hash fd1609eb97e739683acf23120fd6f6c9 19b2e83fe8df09b85e74835c398aefee816bdfcb ce26d1b76dae2f3b5d0ccc8d0ecd88d2edb411101b8a4c5edc4d9aa7008c9b04 HTTP Headers GET /Win0security-helpline07/css/font-awesome.min.css HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 27428 Content-Type: text/css Content-MD5: /RYJ65fnOWg6zyMSD9b2yQ== Last-Modified: Tue, 07 May 2024 12:39:50 GMT Accept-Ranges: bytes ETag: "0x8DC6E92C962F23D" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: ae179c54-e01e-00dd-377d-a1b9bd000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:13 GMT`

	m03lm.rdtk.io/postback?format=img&sum={replace}	85.17.54.67	400 Bad Request	73 B
URL GET HTTP/1.1 m03lm.rdtk.io/postback?format=img&sum={replace} IP 85.17.54.67:443 ASN #60781 LeaseWeb Netherlands B.V. Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerGoGetSSL Subject.rdtk.io Fingerprint3F:B8:3B:F6:C3:51:99:DC:0C:C4:BD:84:8C:14:9D:BA:06:6F:F8:9F ValidityWed, 19 Jul 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT File type JSON text data Size 73 B (73 bytes) Hash 6742622fd8c56312fdeefb1afae72019 f060d7d23c7fbc50993bbf1d4980c0908acfa3e8 68399ccccc0b28cf635b2065f20e239ddbb33cc3a2e755879259e0ab23765795 HTTP Headers `GET /postback?format=img&sum={replace} HTTP/1.1 Host: m03lm.rdtk.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 400 Bad Request Server: nginx/1.20.2 Date: Wed, 08 May 2024 19:26:14 GMT Content-Type: application/json Content-Length: 73 Connection: keep-alive`

	www.googletagmanager.com/gtag/js?id=UA-xxx-x	142.250.74.168	200 OK	71 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-xxx-x IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT File type JavaScript source, ASCII text, with very long lines (1822) Size 71 kB (70860 bytes) Hash 79266d7c82586a83ea84084cd8965e27 3c054a0eb6ed8ad84d9c3efa96c361ffe5458e31 b2a91a9f342e0d27b7c1e3eae293c833eceddd0d7637b6b8a842696a2ee5e156 HTTP Headers `GET /gtag/js?id=UA-xxx-x HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Wed, 08 May 2024 19:26:14 GMT expires: Wed, 08 May 2024 19:26:14 GMT cache-control: private, max-age=900 last-modified: Wed, 08 May 2024 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 70860 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/minimize.jpg	52.239.247.97	200 OK	17 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/minimize.jpg IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=39, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=180], baseline, precision 8, 180x39, components 3 Size 17 kB (17173 bytes) Hash 4bf52eb9b3efce840add1a90d83a40e5 6348a7617dfce3165e07af53a48df7892d62ffe1 a85f1e749a829c5c909837844c6b53ce0a9ae2adb7c8eac0e7b96c372c679a0d HTTP Headers GET /Win0security-helpline07/images/minimize.jpg HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 17173 Content-Type: image/jpeg Content-MD5: S/UuubPvzoQK3RqQ2DpA5Q== Last-Modified: Tue, 07 May 2024 12:39:50 GMT Accept-Ranges: bytes ETag: "0x8DC6E92C964519C" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: ae179cad-e01e-00dd-077d-a1b9bd000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:13 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/main.js	52.239.247.97	200 OK	1.4 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/main.js IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type JavaScript source, ASCII text, with CRLF line terminators Size 1.4 kB (1358 bytes) Hash da6aacc1ca8eaa4902d9fee5c9c984b7 a06f41817583ce6182dd7121460c0bd16ea8b088 989120d05b8f3d703fd6e63b49b94845d7e038d536dd27723619e1f00623683f HTTP Headers GET /Win0security-helpline07/js/main.js HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 1358 Content-Type: text/javascript Content-MD5: 2mqswcqOqkkC2f7lycmEtw== Last-Modified: Tue, 07 May 2024 12:39:53 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CB18528E" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 59fd6e01-801e-0000-397d-a14c3f000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/scripts.js	52.239.247.97	200 OK	464 B
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/scripts.js IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type JavaScript source, ASCII text Size 464 B (464 bytes) Hash 2856b9008b89d67be19d586e43ae8521 d47ac3f1328fb58b19584d77d2e3acc93663fb10 19e9aaa12f8478366b3707ff49b0e3cfc4818f9343b48f5d43890c943d1b1a3d HTTP Headers GET /Win0security-helpline07/js/scripts.js HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 464 Content-Type: text/javascript Content-MD5: KFa5AIuJ1nvhnVhuQ66FIQ== Last-Modified: Tue, 07 May 2024 12:39:53 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CB641DB6" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: ce9266ef-701e-0014-577d-a10450000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/kxFy-clip.png	52.239.247.97	200 OK	542 B
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/kxFy-clip.png IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 66 x 68, 8-bit colormap, non-interlaced Size 542 B (542 bytes) Hash 0e9558d2d6e8000ce5c6c749c8fc67c2 f7ba9490807ef70bb6195150d6287cd54b7fefd0 91fb42a68a122344fd78cfd5f0cf9d06ff6d307fd4a5c68f40231c5950ece9a1 HTTP Headers GET /Win0security-helpline07/images/kxFy-clip.png HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 542 Content-Type: image/png Content-MD5: DpVY0tboAAzlxsdJyPxnwg== Last-Modified: Tue, 07 May 2024 12:39:52 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CAD89396" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 74582f35-101e-00c9-3a7d-a1f1d2000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/qsbs-firewall.png	52.239.247.97	200 OK	920 B
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/qsbs-firewall.png IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 77 x 63, 8-bit colormap, non-interlaced Size 920 B (920 bytes) Hash b0495ede4c875843fec037c794e9ff9a c813aefba255a5cc53aea7811f987ccb551c3128 52b762d47c066e16300675d56cc359b504ffd3239438c96eb973864311bb7b79 HTTP Headers GET /Win0security-helpline07/images/qsbs-firewall.png HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 920 Content-Type: image/png Content-MD5: sEle3kyHWEP+wDfHlOn/mg== Last-Modified: Tue, 07 May 2024 12:39:50 GMT Accept-Ranges: bytes ETag: "0x8DC6E92C9AB3B79" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: ae179cf9-e01e-00dd-4b7d-a1b9bd000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:13 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/s-S4-acc.png	52.239.247.97	200 OK	813 B
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/s-S4-acc.png IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 77 x 72, 8-bit colormap, non-interlaced Size 813 B (813 bytes) Hash d648c1837d01495eccd63e053491f72a 991d8f6c72777239472410d6129fd5f25ed9d134 9edbf56b360080f5d6765dce77353b8130e9f8316ad34c68f6c2792cdc446321 HTTP Headers GET /Win0security-helpline07/images/s-S4-acc.png HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 813 Content-Type: image/png Content-MD5: 1kjBg30BSV7M1j4FNJH3Kg== Last-Modified: Tue, 07 May 2024 12:39:52 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CAD8BAA4" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 74582f8a-101e-00c9-7c7d-a1f1d2000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/microsoft.png	52.239.247.97	200 OK	1.0 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/microsoft.png IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced Size 1.0 kB (1045 bytes) Hash bf2b460590fbb9d8e9611a6e9006b816 561e1dab259d61e798b3ce380527b71b61074ff3 ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03 HTTP Headers GET /Win0security-helpline07/images/microsoft.png HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 1045 Content-Type: image/png Content-MD5: vytGBZD7udjpYRpukAa4Fg== Last-Modified: Tue, 07 May 2024 12:39:50 GMT Accept-Ranges: bytes ETag: "0x8DC6E92C9BAC9A4" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: ae179d53-e01e-00dd-247d-a1b9bd000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:13 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/jquery.min.js	52.239.247.97	200 OK	85 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/jquery.min.js IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type JavaScript source, ASCII text, with very long lines (32478) Size 85 kB (84817 bytes) Hash 20c129bedb4a26db02fc0f54d026c3f5 093b9d2728788de24a728742070a348b2848573f 436ecc90fab5ed1034b68a4a0e924e0132d93d9e7fb59b4fe23018eb7d9242c1 HTTP Headers GET /Win0security-helpline07/js/jquery.min.js HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 84817 Content-Type: text/javascript Content-MD5: IMEpvttKJtsC/A9U0CbD9Q== Last-Modified: Tue, 07 May 2024 12:39:52 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CAFAE3BE" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 8de4cd72-201e-00a0-367d-a1c89e000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/bootstrap.min.js	52.239.247.97	200 OK	60 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/js/bootstrap.min.js IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type JavaScript source, ASCII text, with very long lines (59765) Size 60 kB (60044 bytes) Hash 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 HTTP Headers GET /Win0security-helpline07/js/bootstrap.min.js HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 60044 Content-Type: text/javascript Content-MD5: AtIjOT4AwnPv3LGt6PT4sQ== Last-Modified: Tue, 07 May 2024 12:39:53 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CB55A0DF" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 8de4cd83-201e-00a0-477d-a1c89e000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/media/speech.mp3	52.239.247.97	416 The range specified is invalid for the current size of the resource.	340 B
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/media/speech.mp3 IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type HTML document, ASCII text, with very long lines (340), with no line terminators Size 340 B (340 bytes) Hash d2cfee1ed23cbc5391c315dd290def9e 2a865d4577df298719d2217c52edfd68be42def8 b104742b342fbcb72ac6957946336317e3773512345e49ba6a47034aac585f4c HTTP Headers GET /Win0security-helpline07/media/speech.mp3 HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 416 The range specified is invalid for the current size of the resource. Content-Length: 340 Content-Type: text/html Content-Range: bytes /0 Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-error-code: InvalidRange x-ms-request-id: ae179dd7-e01e-00dd-167d-a1b9bd000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:13 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/Z5BR-network.png	52.239.247.97	200 OK	607 B
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/Z5BR-network.png IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 63 x 70, 8-bit colormap, non-interlaced Size 607 B (607 bytes) Hash 2cd03a547f00cad010f9038619df45de 912f919836a77a514c76b990aceaf5e930a24024 c56a8ae4818963e0d71eda4ebf46b4f2cdd3a238537dc8e99711fb690d272a73 HTTP Headers GET /Win0security-helpline07/images/Z5BR-network.png HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 607 Content-Type: image/png Content-MD5: LNA6VH8AytAQ+QOGGd9F3g== Last-Modified: Tue, 07 May 2024 12:39:50 GMT Accept-Ranges: bytes ETag: "0x8DC6E92C967D389" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 8de4ce79-201e-00a0-337d-a1c89e000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/uZbx-si.png	52.239.247.97	200 OK	5.4 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/uZbx-si.png IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 42 x 702, 8-bit grayscale, non-interlaced Size 5.4 kB (5377 bytes) Hash 51147eb9734c3c0caf22aa77a80d96f0 dc33807cd0c0c35bb98d8e23efe2d625137a43f5 92d8510869b3d581401a93130fa72e4b54c5bf28dc8005994c5248d9afbfc37b HTTP Headers GET /Win0security-helpline07/images/uZbx-si.png HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 5377 Content-Type: image/png Content-MD5: URR+uXNMPAyvIqp3qA2W8A== Last-Modified: Tue, 07 May 2024 12:39:51 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CA637477" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 8de4ce86-201e-00a0-407d-a1c89e000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/-EBq-current.png	52.239.247.97	200 OK	1.2 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/-EBq-current.png IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 27 x 28, 8-bit colormap, non-interlaced Size 1.2 kB (1162 bytes) Hash 35629cc2adc804353a548305f1217206 cda6e89c5f6a644683aea6999a5d11e00dc64275 c1d52e31f7fc13cbb3efca8b0ec937ddd97a5ec545c4dad26193429db10d8662 HTTP Headers GET /Win0security-helpline07/images/-EBq-current.png HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 1162 Content-Type: image/png Content-MD5: NWKcwq3IBDU6VIMF8SFyBg== Last-Modified: Tue, 07 May 2024 12:39:50 GMT Accept-Ranges: bytes ETag: "0x8DC6E92C9B5251E" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: ae179e21-e01e-00dd-5b7d-a1b9bd000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:13 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/nOxp-sett.png	52.239.247.97	200 OK	463 B
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/nOxp-sett.png IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 33 x 31, 8-bit colormap, non-interlaced Size 463 B (463 bytes) Hash 905d91c276116928fa306ea732723fa9 092604f6a8786e46a7dee06065d29d2896fcf568 9cffd13c2ce05ebe032709a88fa59504e1218a12b175ec40d5aab280c18be51e HTTP Headers GET /Win0security-helpline07/images/nOxp-sett.png HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 463 Content-Type: image/png Content-MD5: kF2RwnYRaSj6MG6nMnI/qQ== Last-Modified: Tue, 07 May 2024 12:39:50 GMT Accept-Ranges: bytes ETag: "0x8DC6E92C9B7BCD4" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 8de4cec8-201e-00a0-7e7d-a1c89e000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	plausible.io/api/event	194.242.11.186	202 Accepted	2 B
URL POST HTTP/2 plausible.io/api/event IP 194.242.11.186:443 ASN #34989 ServeTheWorld AS Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerLet's Encrypt Subjectplausible.io FingerprintAD:0F:7D:DD:AB:46:B3:42:B1:97:57:A4:EB:88:19:D6:08:6A:AD:65 ValidityTue, 23 Apr 2024 07:08:31 GMT - Mon, 22 Jul 2024 07:08:30 GMT File type ASCII text, with no line terminators Size 2 B (2 bytes) Hash 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df HTTP Headers `POST /api/event HTTP/1.1 Host: plausible.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 144 Origin: https://apppmt11a39.z13.web.core.windows.net DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 202 Accepted date: Wed, 08 May 2024 19:26:14 GMT content-type: text/plain; charset=utf-8 content-length: 2 server: BunnyCDN-NO1-830 cdn-pullzone: 682664 cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254 cdn-requestcountrycode: NO access-control-allow-credentials: true access-control-allow-origin: * alt-svc: h3=":443"; ma=2592000 cache-control: must-revalidate, max-age=0, private application: 10.0.0.3 permissions-policy: interest-cohort=() x-request-id: F82aA_CjF123v1MgGEId cdn-proxyver: 1.04 cdn-requestpullsuccess: True cdn-requestpullcode: 202 cdn-cachedat: 05/08/2024 19:26:14 cdn-edgestorageid: 830 cdn-requestid: 3688ce81504c73a64faf2c9fa390782a X-Firefox-Spdy: h2

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/_Fm7-alert.mp3	52.239.247.97	404 The requested content does not exist.	321 B
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/_Fm7-alert.mp3 IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type HTML document, ASCII text, with very long lines (321), with no line terminators Size 321 B (321 bytes) Hash 863b86602663fbe235a7d47bd743b781 709cd6f47a939e3866261b374b0c78235a75e80f aa4846f227b0fef52a7e45b5847c9cea5a0131909e94f1c3559689aaf37740e4 HTTP Headers GET /Win0security-helpline07/_Fm7-alert.mp3 HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/*;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Cookie: PHPREFS=full Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 404 The requested content does not exist. Content-Length: 321 Content-Type: text/html Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-error-code: WebContentNotFound x-ms-request-id: ae179e7b-e01e-00dd-2d7d-a1b9bd000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/re.gif	52.239.247.97	200 OK	15 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/re.gif IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type GIF image data, version 89a, 193 x 71 Size 15 kB (14751 bytes) Hash 6fcb78e0cd7933a70eea2cf071f82118 70364bffd62fe33360abe70ecc7f7c0541b3b54c 4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86 HTTP Headers GET /Win0security-helpline07/images/re.gif HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 14751 Content-Type: image/gif Content-MD5: b8t44M15M6cO6izwcfghGA== Last-Modified: Tue, 07 May 2024 12:39:51 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CA64FADC" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 8de4cf2f-201e-00a0-617d-a1c89e000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/cross.png	52.239.247.97	200 OK	386 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/cross.png IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 2080 x 2080, 8-bit/color RGBA, non-interlaced Size 386 kB (386359 bytes) Hash be42ad7752720327d28bf52dbdbb64c2 f4cce31b9236319aa9c87fee038638d1de12c07d c3ad6aa1c03fd108854f008cfec2753ba623e1470a4d61798b5d8c050e474868 HTTP Headers GET /Win0security-helpline07/images/cross.png HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 386359 Content-Type: image/png Content-MD5: vkKtd1JyAyfSi/Utvbtkwg== Last-Modified: Tue, 07 May 2024 12:39:52 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CA6D5E1A" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 8de4ced7-201e-00a0-0d7d-a1c89e000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/bg2.jpg	52.239.247.97	200 OK	463 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/bg2.jpg IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 1920 x 4340, 8-bit colormap, non-interlaced Size 463 kB (462770 bytes) Hash ab996ed3b126f2b5f0c1f214b96afe7a 77223f12976d20e06058fe40040e261bd5688f39 4eaf7b7f53ea1a27a22bae168f560d9dc78dc2e2185162be9ee4db59e1e1065a HTTP Headers GET /Win0security-helpline07/images/bg2.jpg HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 462770 Content-Type: image/jpeg Content-MD5: q5lu07Em8rXwwfIUuWr+eg== Last-Modified: Tue, 07 May 2024 12:39:52 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CAB8660F" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: ce926739-701e-0014-1d7d-a10450000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/bg1.jpg	52.239.247.97	200 OK	463 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/bg1.jpg IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 1920 x 4340, 8-bit colormap, non-interlaced Size 463 kB (462770 bytes) Hash ab996ed3b126f2b5f0c1f214b96afe7a 77223f12976d20e06058fe40040e261bd5688f39 4eaf7b7f53ea1a27a22bae168f560d9dc78dc2e2185162be9ee4db59e1e1065a HTTP Headers GET /Win0security-helpline07/images/bg1.jpg HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 462770 Content-Type: image/jpeg Content-MD5: q5lu07Em8rXwwfIUuWr+eg== Last-Modified: Tue, 07 May 2024 12:39:52 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CAD75B43" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 59fd6e80-801e-0000-287d-a14c3f000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/media/_Fm7-alert.mp3	52.239.247.97	206 Partial Content	87 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/media/_Fm7-alert.mp3 IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type Audio file with ID3 version 2.3.0, contains: - MPEG ADTS, layer III, v2, 64 kbps, 22.05 kHz, Monaural Size 87 kB (86866 bytes) Hash 039e30bfacc43f82817f6b1ba8d9bf95 995bf264cf1862e570604bd7779f8ad51b5b2943 b6d4b10a77d80b69fbb2ddc4b0cdc7913d574365d3ee90c6a8eaec239982888a HTTP Headers GET /Win0security-helpline07/media/_Fm7-alert.mp3 HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: audio/webm,audio/ogg,audio/wav,audio/;q=0.9,application/ogg;q=0.7,video/;q=0.6,/*;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Sec-Fetch-Dest: audio Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Accept-Encoding: identity Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 206 Partial Content Content-Length: 200832 Content-Type: audio/mpeg Content-Range: bytes 0-200831/200832 Last-Modified: Tue, 07 May 2024 12:40:00 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CF7A47EC" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 74582fe4-101e-00c9-4d7d-a1f1d2000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/microsoft.png	52.239.247.97	200 OK	1.0 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/images/microsoft.png IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced Size 1.0 kB (1045 bytes) Hash bf2b460590fbb9d8e9611a6e9006b816 561e1dab259d61e798b3ce380527b71b61074ff3 ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03 HTTP Headers GET /Win0security-helpline07/images/microsoft.png HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Cookie: PHPREFS=full Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 1045 Content-Type: image/png Content-MD5: vytGBZD7udjpYRpukAa4Fg== Last-Modified: Tue, 07 May 2024 12:39:50 GMT Accept-Ranges: bytes ETag: "0x8DC6E92C9BAC9A4" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: ce92696c-701e-0014-267d-a10450000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:15 GMT`

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/fonts/fontawesome-webfont.woff2	52.239.247.97	200 OK	67 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/fonts/fontawesome-webfont.woff2 IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type Web Open Font Format (Version 2), TrueType, length 66624, version 4.262 Size 67 kB (66624 bytes) Hash db812d8a70a4e88e888744c1c9a27e89 638c652d623280a58144f93e7b552c66d1667a11 ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995 HTTP Headers GET /Win0security-helpline07/fonts/fontawesome-webfont.woff2 HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/css/font-awesome.min.css Cookie: PHPREFS=full Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 66624 Content-Type: application/octet-stream Content-MD5: 24EtinCk6I6Ih0TByaJ+iQ== Last-Modified: Tue, 07 May 2024 12:39:56 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CD503DA2" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: 59fd7257-801e-0000-2c7d-a14c3f000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:15 GMT`

	plausible.io/js/script.js	194.242.11.186	200 OK	1.3 kB
URL GET HTTP/2 plausible.io/js/script.js IP 194.242.11.186:443 ASN #34989 ServeTheWorld AS Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerLet's Encrypt Subjectplausible.io FingerprintAD:0F:7D:DD:AB:46:B3:42:B1:97:57:A4:EB:88:19:D6:08:6A:AD:65 ValidityTue, 23 Apr 2024 07:08:31 GMT - Mon, 22 Jul 2024 07:08:30 GMT File type ASCII text, with very long lines (1384), with no line terminators Size 1.3 kB (1346 bytes) Hash 16cfd1982a40489c41a52add24d36b85 344f1896d895c5d0a7c4caecafcf1942603cd026 72073aacecd145e525b16c4c845c07bff5798e813eeed702dff748a18b6186ce HTTP Headers `GET /js/script.js HTTP/1.1 Host: plausible.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 08 May 2024 19:26:14 GMT content-type: application/javascript server: BunnyCDN-NO1-830 cdn-pullzone: 682664 cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254 cdn-requestcountrycode: NO vary: Accept-Encoding, Accept-Encoding access-control-allow-origin: * alt-svc: h3=":443"; ma=2592000 cache-control: public, must-revalidate, max-age=86400 application: 10.0.0.3 cross-origin-resource-policy: cross-origin permissions-policy: interest-cohort=() x-content-type-options: nosniff cdn-proxyver: 1.04 cdn-requestpullsuccess: True cdn-requestpullcode: 200 cdn-cachedat: 05/08/2024 10:36:16 cdn-edgestorageid: 830 cdn-status: 200 cdn-requestid: 3d0d0d12d44f900aa26c39a64d21dada cdn-cache: HIT content-encoding: br X-Firefox-Spdy: h2

	apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/fonts/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2	52.239.247.97	200 OK	22 kB
URL GET HTTP/1.1 apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/fonts/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 IP 52.239.247.97:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerMicrosoft Corporation Subject.web.core.windows.net FingerprintF3:94:FB:2C:3F:A7:26:59:CA:5A:EE:26:0B:18:38:A8:FF:B8:C5:EB ValidityWed, 27 Sep 2023 11:46:08 GMT - Fri, 27 Sep 2024 11:46:08 GMT File type Web Open Font Format (Version 2), TrueType, length 21716, version 1.0 Size 22 kB (21716 bytes) Hash d4ff90db5da894c833f356f47a16e408 30606044507d81b996c992895ab16b8a8d68be97 f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7 HTTP Headers GET /Win0security-helpline07/fonts/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 HTTP/1.1 Host: apppmt11a39.z13.web.core.windows.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Cookie: PHPREFS=full Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Length: 21716 Content-Type: application/octet-stream Content-MD5: 1P+Q212olMgz81b0ehbkCA== Last-Modified: Tue, 07 May 2024 12:39:57 GMT Accept-Ranges: bytes ETag: "0x8DC6E92CDA57D3C" Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id: c74eda13-901e-00b5-417d-a1df2d000000 x-ms-version: 2018-03-28 Date: Wed, 08 May 2024 19:26:14 GMT`

	userstatics.com/get/script.js?referrer=https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780	0.0.0.0		0 B
URL GET userstatics.com/get/script.js?referrer=https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 IP 0.0.0.0:0 ASN #0 Requested by https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 Certificate IssuerLet's Encrypt Subjectuserstatics.com FingerprintAB:62:24:6D:5D:BB:D9:D8:00:B7:CB:47:DD:7C:74:69:C8:48:16:49 ValidityThu, 28 Mar 2024 13:34:23 GMT - Wed, 26 Jun 2024 13:34:22 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /get/script.js?referrer=https://apppmt11a39.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-844-476-5780 HTTP/1.1 Host: userstatics.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://apppmt11a39.z13.web.core.windows.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 08 May 2024 19:26:15 GMT content-type: text/html; charset=utf-8 x-powered-by: PHP/8.2.1 access-control-allow-origin: https://apppmt11a39.z13.web.core.windows.net access-control-allow-methods: GET, POST access-control-allow-headers: X-Requested-With,content-type access-control-allow-credentials: true cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yjKhript7J1DjM0DSAaAihoag18HbwivzpuhruDV4LFhTBUAoGV0sukID%2FMPcvJsy1kgfv25sYZO%2Bktqs7JKoefwt8pp0BErfYLwRaeWSdSFUTfbZXhykCSYsByz3xF549s%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 880bd724afd1569f-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML