Report - nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html

Report Overview

Visited public
2023-12-05 20:33:27
Tags
fake_software scam
URL
nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Finishing URL
nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
IP / ASN
52.239.170.33
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
Computer Error 2V7HG0TV07
Scam - Fake AntiVirus / Security software

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-05 05:09:20	436 B	28 kB	151.101.66.137
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-05 06:24:59	449 B	94 kB	142.250.74.72
www.clarity.ms	1404	2017-04-03	2018-08-22 09:41:57	2023-12-03 14:34:54	932 B	63 kB	13.107.246.53
ipwho.is	unknown	2022-01-29	2020-06-08 13:52:47	2023-12-05 13:04:26	462 B	926 B	195.201.57.90
c.clarity.ms	803	2017-04-03	2021-02-04 00:22:47	2023-12-05 18:14:45	1.0 kB	1.5 kB	68.219.88.97
c.bing.com	247	1996-01-29	2012-05-22 12:26:32	2023-12-05 17:50:35	545 B	1.1 kB	204.79.197.200
y.clarity.ms	unknown	2017-04-03	2023-02-13 18:09:57	2023-12-02 17:34:41	2.8 kB	1.5 kB	104.211.35.148
nnb44.z13.web.core.windows.net	unknown	unknown	No data	No data	20 kB	405 kB	52.239.170.33

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-05 20:33:15	medium	Client IP	Internal IP	ET INFO External IP Lookup Domain in DNS Lookup (ipwho .is)
2023-12-05 20:33:15	medium	Client IP	Internal IP	ET INFO External IP Lookup Domain in DNS Lookup (ipwho .is)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (30)

	URL	From	Size	First Seen	Last Seen
	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	153 B	2023-08-02	2024-08-20
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 23:15 Last Seen2024-08-20 16:38 Times Seen5 Hash 178cfa5922695acddc0231f7a09cb645 dbb2bdaa92b6634c4a50261be65155aec949c9b7 1d7831ffc42b64d06380c72fbef36ae16b56c7cb5e908f4260ea31cd10b909d6 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/noir.js	ScriptElement	84 kB	2023-03-09	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/noir.js IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:01 Last Seen2025-05-10 22:27 Times Seen2569 Hash a8325a8dddc75eb4cd78a4c9d207aaf3 5a956570fbffd26b497f38ea3a28f0bc075d5efc 46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	120 B	2023-03-07	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:11 Last Seen2025-05-10 22:27 Times Seen1802 Hash fb5ce230a20baf9bce84978701f34a28 bc1166d544f12f34e387980cd8c8e9abd111f579 1e1dc4934ec57af1a5653b1b8564edffc6e887db27ea7b1064d3c3f0e5a788f7 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	754 B	2023-08-26	2024-10-24
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2024-10-24 23:28 Times Seen47 Hash bad4869854542de2c6bd18e4d98e94b3 853084f61717586c335766263ba7124fd5032c8c f6dd7bb768420dfb8effee4dbabd0cbf92b68c9923e4aae11db3c7e5febbb4a3 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	309 B	2023-09-14	2024-08-21
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-14 18:41 Last Seen2024-08-21 06:53 Times Seen7 Hash 461c2c0ba5843ba44bdabf566b3f881d 483b009745372c4c9bf8ccc4c60e7e1b92a150f4 d46d71f630fa99ccff42b94cb81f893463eacd6f112a385e0e60e3c73357ed99 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	271 B	2023-08-26	2025-05-07
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-07 22:24 Times Seen392 Hash d93ca50849be01ed445da65b43acab48 48d660eb9e1cdd74e8fa66c4ae9f43251c576115 0ea2b77bfbfefca95b806b8027b1a2b8cae74a97b71baf016d82883f28309226 Loading...

	unknown	ScriptElement	29 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:38 Last Seen2024-08-20 16:38 Times Seen1 Hash fd39f3ea5dd8d9f2762618ad3af14390 5c33d8385c972c65be7073c2c7288f34e37739cd 82ad85eeb399cda834b6eea9e93381800b32f496395cf62277c2f2289f8345bb Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	2.0 kB	2023-08-26	2025-05-07
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-07 22:24 Times Seen476 Hash 26cfe07eb2a41d56de3cea428f409e37 4cbd1f05b65cfc7f247da284f1c02264ab526364 f4d6d67bfeda397cd7790aa0a80750cd642a100ea48bbd9e5580c34cce8ec14e Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	246 B	2023-08-26	2025-05-07
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-07 22:24 Times Seen1079 Hash 9ec45c98de528138d873351ee3004c1c be9c6a2c15144063bf95641ec4215a06199b4f5d 28bcb0154baedf9de9f39772f0e45b0c4d88d2e4a951fbd8b4234ea31bd9872a Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	353 B	2023-08-26	2025-04-20
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-04-20 18:15 Times Seen443 Hash 97346bfec286f5dbe3f8b0f08b0552bb 55416a8294f4affa372afbe0af079e41f1a09aa7 24d5ac94396789fb6d5f38f802fb52d60af036eea51f95abae15c8c649c80012 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	100 B	2023-08-26	2025-05-06
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-06 15:00 Times Seen953 Hash c9fa9cae563e0645b0e97ec4f1d0b9e8 60226580a1ebd8763c9df7e4ed67983dcaf1daee 37070777330ae75d3b9b744e7c90a6c85cde07b6a19fd9400683249cb8643fae Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	207 B	2023-08-26	2025-05-06
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-06 15:00 Times Seen870 Hash 1a5ece9807f619d0e109d520f6bc7fe9 47a78a3511304d5cea6209952cdd29f0ea86c175 a8e9a05883f511545b89f51a0a2d9d7bbca4eeaf717abfdf372e14c28b2d53b5 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	139 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:27 Times Seen1480 Hash d2687cc9c448d021f4d514857c263b44 9798b6831b702be05805b9b371f3dfb711f26992 73217c33bfb86ea09cd92cba325bef2fc5fe3ea6f1c80b6423e736dac412217c Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js	ScriptElement	1.4 kB	2023-09-14	2024-10-24
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-14 18:41 Last Seen2024-10-24 23:28 Times Seen48 Hash 80d369914d99db44ac4aa60024adf5f8 74f20b735e0a88954a1a69ccc7af4c78e4d9c494 5a1bc6ee4cc04b8e259bb929bb29d87e8b7eb540f2dc67cbd3bb7dbbe57fd28f Loading...

	www.clarity.ms/s/0.7.20/clarity.js	ScriptElement	61 kB	2023-11-30	2024-08-20
Pretty URL www.clarity.ms/s/0.7.20/clarity.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 22:13 Last Seen2024-08-20 17:17 Times Seen75 Hash fb9b1f0355f169c08596444c68ee49bc bf9044665a2c86577306c547663ea56118e29179 cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js	ScriptElement	503 B	2023-03-07	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 22:27 Times Seen4282 Hash cd6c33fbc221d0271c910af910e6ebed 9b52f24d6f10b885bb19db1c4b531469f96d2914 318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	331 B	2023-08-26	2025-05-09
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-09 00:49 Times Seen649 Hash c5460cd2c0b1f0733bdbe0ff9fba46cf c05af44cd16ff7d059fcca90da279b2c2ab2ab2c 8eb34480b3273dc38a8d0b7d38ec4dbf09dce863f7b2aa6c5af78d5e87d7c811 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	262 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:27 Times Seen1398 Hash 74061bf8c774116268d7d795e3dbbcf9 8b10cd4c53b815ce536e3f5ce5cb8ba24c74fda7 387f0020bad465fcfc73b9efccf6827948693f24dd51b4ea1afa945509e46f41 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	134 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:27 Times Seen1345 Hash bd29bc7e3ebedad970cfd7eff3ab332a 3b44a7c185631660d9590fc6e0ef42f9d1398995 4e024c3aa1ca15aaf533e0893b7b1de8cb561f317b49c61ec884b90f39937db3 Loading...

	code.jquery.com/jquery-1.4.4.min.js	ScriptElement	79 kB	2023-03-07	2025-05-11
Pretty URL code.jquery.com/jquery-1.4.4.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-11 09:54 Times Seen4870 Hash 73a9c334c5ca71d70d092b42064f6476 b75990598ee8d3895448ed9d08726af63109f842 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c Loading...

	www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN	ScriptElement	280 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 21:33 Last Seen2023-12-05 21:33 Times Seen1 Hash ed753754a58b90d3e8546a96318729b5 9a5aed8159bdfcd6e5eaf0cd1ff1ca759471fade dc157aec947882d02a4ff1f5421407d4754f6b32a477d1aa01ef9495db521d5e Loading...

	unknown	EventHandler	19 B	2023-04-10	2025-05-10
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23 Last Seen2025-05-10 22:27 Times Seen7895 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	499 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 18:23 Times Seen985 Hash ce537a44db51b0cae35ab7dfa6ed4644 dfb27cd6622a51999753392a6689f8b67cd0c3b2 7be28397b0fbed39828c70251b4fb256ddfc1a091a2066e61351e1d9681d7629 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	73 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 18:23 Times Seen1545 Hash cd05d2ea6e1e26930fe1232ce0f4709f 1e411c92606c409da1deff96d681bc7c03c3ad35 1515e9dededc6a4e090e8e60a43d98dcc6a44b5f6a8f146244c4e49b5f73f945 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	341 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 18:23 Times Seen823 Hash 1e17fbd37b252bb0f58d6b5395193e23 7a9e03e23171b13a5777a98473fe28a2ad3a946b 831f5dd5cf7871e2cb27909e9babee14485a3c06a2698dbbdd897391f763dfb8 Loading...

	www.clarity.ms/tag/inyarm3guy	ScriptElement	650 B	2023-12-05	2023-12-05
Pretty URL www.clarity.ms/tag/inyarm3guy IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 21:11 Last Seen2023-12-05 21:42 Times Seen4 Hash 76d973d92abc0a4c662dcd32ddbd2d27 e378bea708973761e617b79b9046034007fd47d1 f4c6384990b290ccc7153356ca99f29a0f21e1b70c49c78dae8206381ad51df6 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js	ScriptElement	2.1 kB	2023-09-03	2025-05-06
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-03 13:51 Last Seen2025-05-06 15:00 Times Seen959 Hash 6ebcbed0dc957cd9298e2629e35a0139 e1603b3e92c0828daebd15b2ddd12c22ceed5b20 73310aa233204005c5d97ccd8b6c8c06dda83205f1de6571aa798400fb5bedeb Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	141 B	2023-08-26	2025-05-09
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-09 00:49 Times Seen736 Hash 39dd3d7103fc91da89611e596fd42a2c 168f5f97010b42b0ccb2765bc73f156c4b163a9b b722373934d378dcb69cefac605ecc95f847c803accff3a64f791eb5910b12a0 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	94 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:11 Times Seen1097 Hash e118dc8196693ba5829b64d3900a44d1 c1af9a5738e8fd92300b16a10c072c91c8188098 74fd362e8ed5cd59129d7d3cfbde3ce0f2fffd815d04d34037d70932f229a8c4 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	90 B	2023-05-13	2025-04-29
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-13 00:31 Last Seen2025-04-29 17:22 Times Seen1047 Hash e549f355ec9b013498cee4479b6c1734 ee702e014a1491972cf45f03d601a4cb1d722e2d 70fcad8ae74a4d5b135d85561562a134705ee5f42437d6a82dde5c1e6eb7f9d4 Loading...

HTTP Transactions (46)

URL IP Response Size

nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html

52.239.170.33

200 OK

36 kB

URL User Request GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (522)
Size
36 kB (35662 bytes)
Hash
42fae46f61cd6484618001137c3a3661
a7b30496fc30de72948e7dc8a5f3fe080a7e7f20
e0ccd766eceb21b92d21f03b5b0402ee6f89a045f181a335ba20509c589e4afc

HTTP Headers

GET /Win08SuDeEr086/index.html HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 35662
Content-Type: text/html
Content-MD5: Qvrkb2HNZIRhgAETfDo2YQ==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63BBB5498"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e6b76d98-b01e-008a-2bba-2784de000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:08 GMT

code.jquery.com/jquery-1.4.4.min.js

151.101.66.137

200 OK

27 kB

URL GET HTTP/2
code.jquery.com/jquery-1.4.4.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (820)
Size
27 kB (27078 bytes)
Hash
73a9c334c5ca71d70d092b42064f6476
b75990598ee8d3895448ed9d08726af63109f842
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

HTTP Headers

GET /jquery-1.4.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-13309"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 05 Dec 2023 20:33:09 GMT
age: 3681005
x-served-by: cache-lga21980-LGA, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 8715, 1
x-timer: S1701808389.147812,VS0,VE16
vary: Accept-Encoding
content-length: 27078
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN

142.250.74.72

200 OK

93 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
93 kB (93036 bytes)
Hash
ed753754a58b90d3e8546a96318729b5
9a5aed8159bdfcd6e5eaf0cd1ff1ca759471fade
dc157aec947882d02a4ff1f5421407d4754f6b32a477d1aa01ef9495db521d5e

HTTP Headers

GET /gtag/js?id=G-VLF2FX8QTN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 20:33:09 GMT
expires: Tue, 05 Dec 2023 20:33:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93036
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nnb44.z13.web.core.windows.net/Win08SuDeEr086/tapa.css

52.239.170.33

200 OK

18 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/tapa.css
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
assembler source, ASCII text, with very long lines (324), with CRLF line terminators
Size
18 kB (18100 bytes)
Hash
61b8b80c330b89cc536fa4fc8afb3eb5
f3ecea02c164cddc93d278b39434b224541407bc
22b2c21cd86ff8e53b784c5e40608872a0666f3682d1331829eb8a643f50b3e4

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/tapa.css HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 18100
Content-Type: text/css
Content-MD5: Ybi4DDMLicxTb6T8ivs+tQ==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C66BD5B"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e6b77124-b01e-008a-01ba-2784de000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js

52.239.170.33

200 OK

1.4 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
ASCII text, with very long lines (1388)
Size
1.4 kB (1389 bytes)
Hash
80d369914d99db44ac4aa60024adf5f8
74f20b735e0a88954a1a69ccc7af4c78e4d9c494
5a1bc6ee4cc04b8e259bb929bb29d87e8b7eb540f2dc67cbd3bb7dbbe57fd28f

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/script.compat.js HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1389
Content-Type: text/javascript
Content-MD5: gNNpkU2Z20SsSqYAJK31+A==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C10E1ED"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e6b771f3-b01e-008a-46ba-2784de000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js

52.239.170.33

200 OK

2.1 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
ASCII text, with very long lines (2055), with no line terminators
Size
2.1 kB (2055 bytes)
Hash
6ebcbed0dc957cd9298e2629e35a0139
e1603b3e92c0828daebd15b2ddd12c22ceed5b20
73310aa233204005c5d97ccd8b6c8c06dda83205f1de6571aa798400fb5bedeb

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/nvidia.js HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 2055
Content-Type: text/javascript
Content-MD5: bry+0NyVfNkpjiYp41oBOQ==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C11570A"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cd32c0e9-e01e-004c-2dba-274f5f000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js

52.239.170.33

200 OK

503 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
ASCII text, with CRLF line terminators
Size
503 B (503 bytes)
Hash
cd6c33fbc221d0271c910af910e6ebed
9b52f24d6f10b885bb19db1c4b531469f96d2914
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/jupiter.js HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 503
Content-Type: text/javascript
Content-MD5: zWwz+8Ih0CcckQr5EObr7Q==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63BB7ABA3"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d6a306f9-201e-0098-03ba-27ff0e000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:08 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/noir.js

52.239.170.33

200 OK

84 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/noir.js
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
ASCII text, with very long lines (32180)
Size
84 kB (84272 bytes)
Hash
a8325a8dddc75eb4cd78a4c9d207aaf3
5a956570fbffd26b497f38ea3a28f0bc075d5efc
46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/noir.js HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 84272
Content-Type: text/javascript
Content-MD5: qDJajd3HXrTNeKTJ0geq8w==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C03EB8D"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4c78f1a3-201e-00a7-20ba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/pcm.png

52.239.170.33

200 OK

1.3 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/pcm.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 166 x 92, 4-bit colormap, non-interlaced\012- data
Size
1.3 kB (1270 bytes)
Hash
05cdf1a2c2fc8f07bea0a8f4f9356637
b7bbd626d1d6c832509e820cae1d971b34f625e6
afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/pcm.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1270
Content-Type: image/png
Content-MD5: Bc3xosL8jwe+oKj0+TVmNw==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C117E14"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e6b77620-b01e-008a-2dba-2784de000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/re.gif

52.239.170.33

200 OK

15 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/re.gif
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
GIF image data, version 89a, 193 x 71\012- data
Size
15 kB (14751 bytes)
Hash
6fcb78e0cd7933a70eea2cf071f82118
70364bffd62fe33360abe70ecc7f7c0541b3b54c
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/re.gif HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 14751
Content-Type: image/gif
Content-MD5: b8t44M15M6cO6izwcfghGA==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C117E14"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4c78f23c-201e-00a7-2dba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/bel.png

52.239.170.33

200 OK

276 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/bel.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 13 x 13, 8-bit colormap, non-interlaced\012- data
Size
276 B (276 bytes)
Hash
7616d96c388301e391653647e1f5f057
b1868c8f0f46309a8e26f584ac82000d54c06ecd
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/bel.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 276
Content-Type: image/png
Content-MD5: dhbZbDiDAeORZTZH4fXwVw==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63B6049C9"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cd32c239-e01e-004c-51ba-274f5f000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/mnc.png

52.239.170.33

200 OK

187 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/mnc.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 140 x 30, 1-bit colormap, non-interlaced\012- data
Size
187 B (187 bytes)
Hash
271021cfa45940978184be0489841fd3
201030af9b1bc5d3c8d453efbfdf89b68d6c1be5
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/mnc.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 187
Content-Type: image/png
Content-MD5: JxAhz6RZQJeBhL4EiYQf0w==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63BBB2D8D"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7dfcfb5d-901e-0034-10ba-27eca7000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/cs.png

52.239.170.33

200 OK

2.7 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/cs.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 520 x 520, 8-bit colormap, non-interlaced\012- data
Size
2.7 kB (2681 bytes)
Hash
b01a30d354bfcf51edf33e0b0ea07402
c421359518d1ae258237bf501c563b7f059f8b9b
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/cs.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 2681
Content-Type: image/png
Content-MD5: sBow01S/z1Ht8z4LDqB0Ag==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63B618215"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2ca29a10-501e-0059-49ba-2758ec000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/f24.png

52.239.170.33

200 OK

25 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/f24.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 800 x 455, 8-bit colormap, non-interlaced\012- data
Size
25 kB (25288 bytes)
Hash
38ab4e4a2df49047c71ff96553a3ec05
7ccfcdc72611e9134790e555d1feeee63d8c8121
5e0506e9f5736d25677b197cb223b3c6de29d52d06da4aa9a4b2006b28d5039a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/f24.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 25288
Content-Type: image/png
Content-MD5: OKtOSi30kEfHH/llU6PsBQ==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63B87F024"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d6a309cc-201e-0098-26ba-27ff0e000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/msmm.png

52.239.170.33

200 OK

168 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/msmm.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 31 x 30, 4-bit colormap, non-interlaced\012- data
Size
168 B (168 bytes)
Hash
acb05ebcd5f488fc99169cff02b6dd04
dca893a7b514503e947a57aa072482a0e0cba912
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/msmm.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 168
Content-Type: image/png
Content-MD5: rLBevNX0iPyZFpz/ArbdBA==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63BC2F48E"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e6b77731-b01e-008a-2bba-2784de000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/set.png

52.239.170.33

200 OK

364 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/set.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/set.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 364
Content-Type: image/png
Content-MD5: 4UTDN4CQCHyM4SmjDLbLTg==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C5163CB"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4c78f29c-201e-00a7-04ba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/vsc.png

52.239.170.33

200 OK

722 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/vsc.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 128 x 128, 1-bit colormap, non-interlaced\012- data
Size
722 B (722 bytes)
Hash
42d8f2cc1ae5759c2369f255f36ebc03
8e592162eec14e72d0a751d714a641dbece91f6b
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/vsc.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 722
Content-Type: image/png
Content-MD5: QtjyzBrldZwjafJV8268Aw==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C66965A"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cd32c2d5-e01e-004c-56ba-274f5f000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/dm.png

52.239.170.33

200 OK

332 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/dm.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 100 x 100, 1-bit colormap, non-interlaced\012- data
Size
332 B (332 bytes)
Hash
9d8a90a63d20f05d27e5d6abb35e0cd0
5873b4007e9d55b4d891a4c427b3735ed23dbfe8
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/dm.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 332
Content-Type: image/png
Content-MD5: nYqQpj0g8F0n5dars14M0A==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63B6070D4"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7dfcfbe8-901e-0034-0dba-27eca7000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

www.clarity.ms/tag/inyarm3guy

13.107.246.53

200 OK

650 B

URL GET HTTP/2
www.clarity.ms/tag/inyarm3guy
IP
13.107.246.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerDigiCert Inc
Subjectwww.clarity.ms
Fingerprint9C:5D:5A:4A:14:86:80:29:07:68:2B:AA:61:27:87:4B:30:FA:43:F4
ValidityTue, 29 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (650), with no line terminators
Size
650 B (650 bytes)
Hash
76d973d92abc0a4c662dcd32ddbd2d27
e378bea708973761e617b79b9046034007fd47d1
f4c6384990b290ccc7153356ca99f29a0f21e1b70c49c78dae8206381ad51df6

HTTP Headers

GET /tag/inyarm3guy HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 650
content-type: application/x-javascript
expires: -1
set-cookie: CLID=80d718f48ae942ffa204765081bb5c7d.20231205.20241204; expires=Wed, 04 Dec 2024 20:33:10 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
x-cache: CONFIG_NOCACHE
x-azure-ref: 0BYlvZQAAAABHtKvXzdkJT77y8LmQCPq1U1ZHMjBFREdFMDUxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 05 Dec 2023 20:33:09 GMT
X-Firefox-Spdy: h2

nnb44.z13.web.core.windows.net/api/event

52.239.170.33

405 The resource doesn't support specified Http Verb.

335 B

URL POST HTTP/1.1
nnb44.z13.web.core.windows.net/api/event
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (335), with no line terminators
Size
335 B (335 bytes)
Hash
d4fb0bff95c93e6b6484e83fbd5fbb26
0065af4e1b4b106689d82fb398105e3d17b60ef3
68f3f6915e2cdf38c0fcc97d90136e1832a91e3d849d65e963ab5b3013a41737

HTTP Headers

POST /api/event HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 119
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 405 The resource doesn't support specified Http Verb.
Allow: GET,HEAD
Content-Length: 335
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: UnsupportedHttpVerb
x-ms-request-id: 2ca29af5-501e-0059-80ba-2758ec000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

ipwho.is/?lang=en

195.201.57.90

200 OK

668 B

URL GET HTTP/1.1
ipwho.is/?lang=en
IP
195.201.57.90:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerGoGetSSL
Subjectipwho.is
FingerprintCF:72:15:7E:2B:59:F6:B9:88:69:73:70:91:60:90:87:80:67:B9:A4
ValidityWed, 05 Apr 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (668), with no line terminators
Size
668 B (668 bytes)
Hash
2ae6ee5a1182a1eef1e6de7ef20cd75e
a2f7fc0ad5db3d8e54d2b68010b76453fb89d904
bdc19f82abf1ad50ac74ba080e1e3112a880d3e840abf25b1bd758e91ae95be6

HTTP Headers

GET /?lang=en HTTP/1.1
Host: ipwho.is
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 20:33:10 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: ipwhois
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
X-Robots-Tag: noindex

nnb44.z13.web.core.windows.net/Win08SuDeEr086/ai2.mp3

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/ai2.mp3
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
5ec1e4e973687a1fac7f790d30bc062f
5e4e3ebe6929d5e258268dd643407f567be3837b
cd4966f3948f85330ef96d59441e1b145d3e104e4d43af81703827c0a14ecc77

HTTP Headers

GET /Win08SuDeEr086/ai2.mp3 HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c78f2e7-201e-00a7-49ba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/_Fm7-alert.mp3

52.239.170.33

206 Partial Content

201 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/_Fm7-alert.mp3
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2, 64 kbps, 22.05 kHz, Monaural\012- data
Size
201 kB (200832 bytes)
Hash
0116152611dd51432e852781f8cc7e82
2408d3d281b25649894f78a4e19f7f8a8ac735f9
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/_Fm7-alert.mp3 HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Content-Length: 200832
Content-Type: audio/mpeg
Content-Range: bytes 0-200831/200832
Last-Modified: Tue, 05 Dec 2023 17:18:45 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C882318"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d6a30ba9-201e-0098-6cba-27ff0e000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:09 GMT

c.clarity.ms/c.gif

68.219.88.97

302 Found

0 B

URL GET HTTP/2
c.clarity.ms/c.gif
IP
68.219.88.97:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjectc.msn.com
FingerprintD5:8D:1D:2A:BC:86:78:79:30:4B:23:9E:B9:3A:CA:CC:F7:AF:26:61
ValidityTue, 06 Jun 2023 15:27:17 GMT - Fri, 31 May 2024 15:27:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4D406291E28747EBA311E1196941AED5&RedC=c.clarity.ms&MXFR=2078536AD421657610AB40B4D0216B5D
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2078536AD421657610AB40B4D0216B5D; domain=.clarity.ms; expires=Sun, 29-Dec-2024 20:33:10 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 05 Dec 2023 20:33:10 GMT
content-length: 0
X-Firefox-Spdy: h2

c.bing.com/c.gif?ctsa=mr&CtsSyncId=4D406291E28747EBA311E1196941AED5&RedC=c.clarity.ms&MXFR=2078536AD421657610AB40B4D0216B5D

204.79.197.200

302 Found

0 B

URL GET HTTP/2
c.bing.com/c.gif?ctsa=mr&CtsSyncId=4D406291E28747EBA311E1196941AED5&RedC=c.clarity.ms&MXFR=2078536AD421657610AB40B4D0216B5D
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?ctsa=mr&CtsSyncId=4D406291E28747EBA311E1196941AED5&RedC=c.clarity.ms&MXFR=2078536AD421657610AB40B4D0216B5D HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nnb44.z13.web.core.windows.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D406291E28747EBA311E1196941AED5&MUID=0F329C52EE1D6DAF053C8F8CEFE86CF9
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=0F329C52EE1D6DAF053C8F8CEFE86CF9; domain=.bing.com; expires=Sun, 29-Dec-2024 20:33:10 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.bing.com; expires=Tue, 12-Dec-2023 20:33:10 GMT; path=/; SameSite=None; Secure;
SRM_B=0F329C52EE1D6DAF053C8F8CEFE86CF9; domain=c.bing.com; expires=Sun, 29-Dec-2024 20:33:10 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 740AD070968B4989BF17B0F44FFDA117 Ref B: OSL30EDGE0115 Ref C: 2023-12-05T20:33:10Z
date: Tue, 05 Dec 2023 20:33:10 GMT
content-length: 0
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D406291E28747EBA311E1196941AED5&MUID=0F329C52EE1D6DAF053C8F8CEFE86CF9

68.219.88.97

200 OK

42 B

URL GET HTTP/2
c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D406291E28747EBA311E1196941AED5&MUID=0F329C52EE1D6DAF053C8F8CEFE86CF9
IP
68.219.88.97:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjectc.msn.com
FingerprintD5:8D:1D:2A:BC:86:78:79:30:4B:23:9E:B9:3A:CA:CC:F7:AF:26:61
ValidityTue, 06 Jun 2023 15:27:17 GMT - Fri, 31 May 2024 15:27:17 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?ctsa=mr&CtsSyncId=4D406291E28747EBA311E1196941AED5&MUID=0F329C52EE1D6DAF053C8F8CEFE86CF9 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nnb44.z13.web.core.windows.net/
DNT: 1
Connection: keep-alive
Cookie: SM=T; MUID=2078536AD421657610AB40B4D0216B5D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
accept-ranges: bytes
etag: "8d59566974dbd91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=C; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=0F329C52EE1D6DAF053C8F8CEFE86CF9; domain=.clarity.ms; expires=Sun, 29-Dec-2024 20:33:10 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.clarity.ms; expires=Tue, 12-Dec-2023 20:33:10 GMT; path=/; SameSite=None; Secure;
ANONCHK=0; domain=c.clarity.ms; expires=Tue, 05-Dec-2023 20:43:10 GMT; path=/; SameSite=None; Secure;
date: Tue, 05 Dec 2023 20:33:10 GMT
content-length: 42
X-Firefox-Spdy: h2

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 776
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:33:10 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb44.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

321 B

URL GET
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
d2fa3bec63c8c8b71e36aa5818027a04
36b51e4aa8f3b1379326b8ebfa20421fca82885c
6a3bd40c5158e23b0afff4c70812630ded26b0778bfa26345ca88e3eb323fbea

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c78f553-201e-00a7-7dba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:10 GMT

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 34803
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Cookie: MUID=2078536AD421657610AB40B4D0216B5D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:33:11 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb44.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
f3c7262030bf47727bf4ca6e4af23197
c946c33b28cf5f9d650da9353548d8c2ae069065
1ef72b0685892b2d3dba98a391d732fe9877b363dbf48d0042ad27d30dddf4cc

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c78f77e-201e-00a7-5aba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:11 GMT

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2521
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Cookie: MUID=0F329C52EE1D6DAF053C8F8CEFE86CF9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:33:12 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb44.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

321 B

URL GET
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
a7112cec73b2b6f48b89b2ca384b9bd7
d284b216ae0eb8525df1840f1e486be9b6aa7a1b
7537de809a427f5be864e2a426e1e619bf3ac53fcdf5e5f2d836c2bcecf6becf

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c78f8f1-201e-00a7-33ba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:12 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
ec56d1671fb40cbb34a1a6d71c9043d9
b27850faac7f852f187b9cf5545c1404e254acb8
aae1d40dd4c3b54a20f95e169978729f2e24cee621113096adf513a9b663a92d

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c78fa84-201e-00a7-15ba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:13 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

321 B

URL GET
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
c124b010baf7b42a0d80d17f2eb2c187
ec52e435ec7147fa45135710b8975791d15101d3
4563ebede918e3abf4e81f734c932c49677194220a7bcb2bc5e4efaec5798c40

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c78fc5d-201e-00a7-36ba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:14 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
f30922b184d649b19b002583d09e9c7a
ab1590d65b259f44f1047a0ec4bad8c7fd0278e1
8f0c13e1ea7ba7b3039c9802dff07ca7910a3b07b7bb9bdc079d0671b16205bd

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c78fe65-201e-00a7-7fba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:16 GMT

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 622
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Cookie: MUID=0F329C52EE1D6DAF053C8F8CEFE86CF9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:33:16 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb44.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

321 B

URL GET
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
a216d275e387c8c7f0e4953efc166eab
07b3b19e07edb3896ca368544777b5ab6c3dc5b8
fec5ba9697cbd1e18246efc7e45e16527b6cf8667090d430610933761ede0755

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c78fffe-201e-00a7-5dba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:16 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
c18dffcf98dec523ea3562d545e07061
0dcd9eb5497f71a1e8ab1ef35a5a7c5f1179d38a
3f737ecb507a2900ee88640744091781506df3d4d017221a476abd23c3557224

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c790151-201e-00a7-6dba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:17 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

321 B

URL GET
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
261cdb5837bba78a75ae198cec9b91d6
a8ccd2e300dba8ea725664375389ae2d0c759709
7dc44d3df05596a8ff35ea323828f23d6a4abfe8609203744f8762dfcabcf5f7

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c790326-201e-00a7-02ba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:18 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
664cd9e6fe87ac1bc1d2a952687e73bd
e9de158f5e318a439eb79587dae1eb49caa43e05
7d2d855565ff6cdfd309644fa1b6c8a87154790ab42a55a9a415155a6d9d398e

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c790477-201e-00a7-22ba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:19 GMT

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 512
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Cookie: MUID=0F329C52EE1D6DAF053C8F8CEFE86CF9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:33:21 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb44.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

321 B

URL GET
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
ae6f6b7b9bed03f40a7d04f3a8ce00c1
f9b453e725cac26d8ec812e1d064484534e9181e
01526f117ed4c4d7010a3ed4eb5a8a7c2ebe2ddb6a6e784a34c8537b664b17f5

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c790643-201e-00a7-2fba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:20 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
f7f9aac706f6d70a5aa662a5c3591e01
50ca08bcffae959dd26ee0dd65b79a6fbdf46d14
35d1d67b125ef8296b5c01474df726cec203d9b4ac05b980c9d8950fd6979557

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c790855-201e-00a7-10ba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:21 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

321 B

URL GET
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
eea6ca292ddfd496568065b6d2ced19d
e3c10542eebbf9bd3688c9029fffb4584a84f235
1d23ac2a02c583b6314336c25197c3a8b3693411944129650699fcbeebc6fc4e

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c790a5d-201e-00a7-66ba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:22 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
edb275d3107c82860b83ea64efcbed21
a0161c341fa763b21a9d178e8f1c6ebfaf59344b
91c88845da6e5d204f81561538ffdc574be7f564a3d43a92e04acf156d2577c2

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808395.1.0.1701808395.0.0.0; _ga=GA1.1.2102730950.1701808395; _clck=11kbac2%7C2%7Cfha%7C0%7C1434; _clsk=1b10y9q%7C1701808396837%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: 4c790bd9-201e-00a7-34ba-2737ad000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:33:23 GMT

www.clarity.ms/s/0.7.20/clarity.js

13.107.246.53

200 OK

61 kB

URL GET HTTP/2
www.clarity.ms/s/0.7.20/clarity.js
IP
13.107.246.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerDigiCert Inc
Subjectwww.clarity.ms
Fingerprint9C:5D:5A:4A:14:86:80:29:07:68:2B:AA:61:27:87:4B:30:FA:43:F4
ValidityTue, 29 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT

File type

Size
61 kB (61023 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/0.7.20/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Cookie: CLID=80d718f48ae942ffa204765081bb5c7d.20231205.20241204
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Mon, 04 Dec 2023 12:08:18 GMT
accept-ranges: bytes
etag: "0x8DBF4C1B3818466"
x-cache: TCP_HIT
x-ms-request-id: 1de634c0-501e-005b-76de-2617e0000000
x-ms-version: 2018-03-28
access-control-allow-origin: *
x-azure-ref-originshield: 0RptuZQAAAADwvCqth/onT5WwcFEZ+Iu5QU1TMDRFREdFMTgwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0BolvZQAAAABgZy+wGHu1TIUKUwv3neq0U1ZHMjBFREdFMDUxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 05 Dec 2023 20:33:09 GMT
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash