Report - nnb48.z13.web.core.windows.net

Report Overview

Visited public
2023-12-05 20:42:11
Tags
fake_software scam
URL
nnb48.z13.web.core.windows.net
Finishing URL
nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
IP / ASN
20.209.1.110
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
Computer Error 2V7HG0TV07
Scam - Fake AntiVirus / Security software

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ipwho.is	unknown	2022-01-29	2020-06-08 13:52:47	2023-12-05 13:04:26	462 B	926 B	195.201.57.90
www.clarity.ms	1404	2017-04-03	2018-08-22 09:41:57	2023-12-03 14:34:54	944 B	22 kB	13.107.246.53
c.bing.com	247	1996-01-29	2012-05-22 12:26:32	2023-12-05 17:50:35	547 B	1.1 kB	204.79.197.200
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-05 05:09:20	436 B	28 kB	151.101.194.137
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-05 06:24:59	449 B	94 kB	216.58.207.200
c.clarity.ms	803	2017-04-03	2021-02-04 00:22:47	2023-12-05 18:14:45	1.0 kB	1.5 kB	68.219.88.97
y.clarity.ms	unknown	2017-04-03	2023-02-13 18:09:57	2023-12-02 17:34:41	2.8 kB	1.5 kB	104.211.35.148
nnb48.z13.web.core.windows.net	unknown	unknown	No data	No data	22 kB	408 kB	20.209.1.110
ocsp.usertrust.com	899	1997-12-05	2012-05-21 17:43:18	2023-12-05 13:10:27	342 B	825 B	104.18.38.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-05 20:41:57	medium	Client IP	Internal IP	ET INFO External IP Lookup Domain in DNS Lookup (ipwho .is)
2023-12-05 20:41:57	medium	Client IP	Internal IP	ET INFO External IP Lookup Domain in DNS Lookup (ipwho .is)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (30)

	URL	From	Size	First Seen	Last Seen
	www.clarity.ms/s/0.7.20/clarity.js	ScriptElement	61 kB	2023-11-30	2024-08-20
Pretty URL www.clarity.ms/s/0.7.20/clarity.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 22:13 Last Seen2024-08-20 17:17 Times Seen75 Hash fb9b1f0355f169c08596444c68ee49bc bf9044665a2c86577306c547663ea56118e29179 cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	153 B	2023-08-02	2024-08-20
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 23:15 Last Seen2024-08-20 16:38 Times Seen5 Hash 178cfa5922695acddc0231f7a09cb645 dbb2bdaa92b6634c4a50261be65155aec949c9b7 1d7831ffc42b64d06380c72fbef36ae16b56c7cb5e908f4260ea31cd10b909d6 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	120 B	2023-03-07	2025-05-10
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:11 Last Seen2025-05-10 22:27 Times Seen1802 Hash fb5ce230a20baf9bce84978701f34a28 bc1166d544f12f34e387980cd8c8e9abd111f579 1e1dc4934ec57af1a5653b1b8564edffc6e887db27ea7b1064d3c3f0e5a788f7 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	754 B	2023-08-26	2024-10-24
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2024-10-24 23:28 Times Seen47 Hash bad4869854542de2c6bd18e4d98e94b3 853084f61717586c335766263ba7124fd5032c8c f6dd7bb768420dfb8effee4dbabd0cbf92b68c9923e4aae11db3c7e5febbb4a3 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	309 B	2023-09-14	2024-08-21
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-14 18:41 Last Seen2024-08-21 06:53 Times Seen7 Hash 461c2c0ba5843ba44bdabf566b3f881d 483b009745372c4c9bf8ccc4c60e7e1b92a150f4 d46d71f630fa99ccff42b94cb81f893463eacd6f112a385e0e60e3c73357ed99 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	271 B	2023-08-26	2025-05-07
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-07 22:24 Times Seen392 Hash d93ca50849be01ed445da65b43acab48 48d660eb9e1cdd74e8fa66c4ae9f43251c576115 0ea2b77bfbfefca95b806b8027b1a2b8cae74a97b71baf016d82883f28309226 Loading...

	unknown	EventHandler	19 B	2023-04-10	2025-05-10
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23 Last Seen2025-05-10 22:27 Times Seen7895 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	2.0 kB	2023-08-26	2025-05-07
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-07 22:24 Times Seen476 Hash 26cfe07eb2a41d56de3cea428f409e37 4cbd1f05b65cfc7f247da284f1c02264ab526364 f4d6d67bfeda397cd7790aa0a80750cd642a100ea48bbd9e5580c34cce8ec14e Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	246 B	2023-08-26	2025-05-07
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-07 22:24 Times Seen1079 Hash 9ec45c98de528138d873351ee3004c1c be9c6a2c15144063bf95641ec4215a06199b4f5d 28bcb0154baedf9de9f39772f0e45b0c4d88d2e4a951fbd8b4234ea31bd9872a Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	353 B	2023-08-26	2025-04-20
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-04-20 18:15 Times Seen443 Hash 97346bfec286f5dbe3f8b0f08b0552bb 55416a8294f4affa372afbe0af079e41f1a09aa7 24d5ac94396789fb6d5f38f802fb52d60af036eea51f95abae15c8c649c80012 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	100 B	2023-08-26	2025-05-06
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-06 15:00 Times Seen953 Hash c9fa9cae563e0645b0e97ec4f1d0b9e8 60226580a1ebd8763c9df7e4ed67983dcaf1daee 37070777330ae75d3b9b744e7c90a6c85cde07b6a19fd9400683249cb8643fae Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js	ScriptElement	1.4 kB	2023-09-14	2024-10-24
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-14 18:41 Last Seen2024-10-24 23:28 Times Seen48 Hash 80d369914d99db44ac4aa60024adf5f8 74f20b735e0a88954a1a69ccc7af4c78e4d9c494 5a1bc6ee4cc04b8e259bb929bb29d87e8b7eb540f2dc67cbd3bb7dbbe57fd28f Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	207 B	2023-08-26	2025-05-06
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-06 15:00 Times Seen870 Hash 1a5ece9807f619d0e109d520f6bc7fe9 47a78a3511304d5cea6209952cdd29f0ea86c175 a8e9a05883f511545b89f51a0a2d9d7bbca4eeaf717abfdf372e14c28b2d53b5 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	139 B	2023-08-26	2025-05-10
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:27 Times Seen1480 Hash d2687cc9c448d021f4d514857c263b44 9798b6831b702be05805b9b371f3dfb711f26992 73217c33bfb86ea09cd92cba325bef2fc5fe3ea6f1c80b6423e736dac412217c Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	331 B	2023-08-26	2025-05-09
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-09 00:49 Times Seen649 Hash c5460cd2c0b1f0733bdbe0ff9fba46cf c05af44cd16ff7d059fcca90da279b2c2ab2ab2c 8eb34480b3273dc38a8d0b7d38ec4dbf09dce863f7b2aa6c5af78d5e87d7c811 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js	ScriptElement	2.1 kB	2023-09-03	2025-05-06
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-03 13:51 Last Seen2025-05-06 15:00 Times Seen959 Hash 6ebcbed0dc957cd9298e2629e35a0139 e1603b3e92c0828daebd15b2ddd12c22ceed5b20 73310aa233204005c5d97ccd8b6c8c06dda83205f1de6571aa798400fb5bedeb Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	262 B	2023-08-26	2025-05-10
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:27 Times Seen1398 Hash 74061bf8c774116268d7d795e3dbbcf9 8b10cd4c53b815ce536e3f5ce5cb8ba24c74fda7 387f0020bad465fcfc73b9efccf6827948693f24dd51b4ea1afa945509e46f41 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	134 B	2023-08-26	2025-05-10
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:27 Times Seen1345 Hash bd29bc7e3ebedad970cfd7eff3ab332a 3b44a7c185631660d9590fc6e0ef42f9d1398995 4e024c3aa1ca15aaf533e0893b7b1de8cb561f317b49c61ec884b90f39937db3 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	499 B	2023-08-26	2025-05-10
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 18:23 Times Seen985 Hash ce537a44db51b0cae35ab7dfa6ed4644 dfb27cd6622a51999753392a6689f8b67cd0c3b2 7be28397b0fbed39828c70251b4fb256ddfc1a091a2066e61351e1d9681d7629 Loading...

	www.clarity.ms/tag/inyarm3guy	ScriptElement	650 B	2023-12-05	2023-12-05
Pretty URL www.clarity.ms/tag/inyarm3guy IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 21:11 Last Seen2023-12-05 21:42 Times Seen4 Hash 76d973d92abc0a4c662dcd32ddbd2d27 e378bea708973761e617b79b9046034007fd47d1 f4c6384990b290ccc7153356ca99f29a0f21e1b70c49c78dae8206381ad51df6 Loading...

	www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN	ScriptElement	280 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 21:42 Last Seen2023-12-05 21:42 Times Seen1 Hash 8c44ddbf23bc52f604f4041c50deaf3e 8ce9dd0714704a3e7fe3646c5cdf7e93fa53519b c45132ddc148b82fb1aca206d92d61d39ca6016edb95fa977c916304c0bea282 Loading...

	code.jquery.com/jquery-1.4.4.min.js	ScriptElement	79 kB	2023-03-07	2025-05-10
Pretty URL code.jquery.com/jquery-1.4.4.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-10 22:27 Times Seen4869 Hash 73a9c334c5ca71d70d092b42064f6476 b75990598ee8d3895448ed9d08726af63109f842 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c Loading...

	unknown	ScriptElement	29 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:38 Last Seen2024-08-20 16:38 Times Seen1 Hash ec349d067180724b19dce2146eec3a69 e393cb97a5a676dff793989e551284c7b58aa5f6 04406daded255890cfdbb7eb3daf46b269dad7a1d269bed98fe897abf7808a90 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	73 B	2023-08-26	2025-05-10
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 18:23 Times Seen1545 Hash cd05d2ea6e1e26930fe1232ce0f4709f 1e411c92606c409da1deff96d681bc7c03c3ad35 1515e9dededc6a4e090e8e60a43d98dcc6a44b5f6a8f146244c4e49b5f73f945 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	341 B	2023-08-26	2025-05-10
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 18:23 Times Seen823 Hash 1e17fbd37b252bb0f58d6b5395193e23 7a9e03e23171b13a5777a98473fe28a2ad3a946b 831f5dd5cf7871e2cb27909e9babee14485a3c06a2698dbbdd897391f763dfb8 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/noir.js	ScriptElement	84 kB	2023-03-09	2025-05-10
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/noir.js IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:01 Last Seen2025-05-10 22:27 Times Seen2569 Hash a8325a8dddc75eb4cd78a4c9d207aaf3 5a956570fbffd26b497f38ea3a28f0bc075d5efc 46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	141 B	2023-08-26	2025-05-09
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-09 00:49 Times Seen736 Hash 39dd3d7103fc91da89611e596fd42a2c 168f5f97010b42b0ccb2765bc73f156c4b163a9b b722373934d378dcb69cefac605ecc95f847c803accff3a64f791eb5910b12a0 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	94 B	2023-08-26	2025-05-10
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:11 Times Seen1097 Hash e118dc8196693ba5829b64d3900a44d1 c1af9a5738e8fd92300b16a10c072c91c8188098 74fd362e8ed5cd59129d7d3cfbde3ce0f2fffd815d04d34037d70932f229a8c4 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js	ScriptElement	503 B	2023-03-07	2025-05-10
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 22:27 Times Seen4282 Hash cd6c33fbc221d0271c910af910e6ebed 9b52f24d6f10b885bb19db1c4b531469f96d2914 318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479 Loading...

	nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	90 B	2023-05-13	2025-04-29
Pretty URL nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 20.209.1.110 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-13 00:31 Last Seen2025-04-29 17:22 Times Seen1047 Hash e549f355ec9b013498cee4479b6c1734 ee702e014a1491972cf45f03d601a4cb1d722e2d 70fcad8ae74a4d5b135d85561562a134705ee5f42437d6a82dde5c1e6eb7f9d4 Loading...

HTTP Transactions (50)

URL IP Response Size

nnb48.z13.web.core.windows.net/

20.209.1.110

1.5 kB

URL
nnb48.z13.web.core.windows.net/
IP
20.209.1.110:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.5 kB (1544 bytes)
Hash
1ed73fb74f612237df77f312c948ec24
0211b6e4d29f3450d017285e696e0408670d81db
47b6cc0f0396963724324339ba0eb296daffa1e8ebbd4c79b80abd944e2f180c

HTTP Headers

GET / HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1544
Content-Type: text/html
Content-MD5: Htc/t09hIjffd/MSyUjsJA==
Last-Modified: Tue, 05 Dec 2023 17:41:22 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B96561F82B"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c55f6625-b01e-0000-1fbb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:50 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html

20.209.1.110

200 OK

36 kB

URL User Request GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (522)
Size
36 kB (35662 bytes)
Hash
42fae46f61cd6484618001137c3a3661
a7b30496fc30de72948e7dc8a5f3fe080a7e7f20
e0ccd766eceb21b92d21f03b5b0402ee6f89a045f181a335ba20509c589e4afc

HTTP Headers

GET /Win08SuDeEr086/index.html HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 35662
Content-Type: text/html
Content-MD5: Qvrkb2HNZIRhgAETfDo2YQ==
Last-Modified: Tue, 05 Dec 2023 17:41:26 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B96821AA31"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c55f688f-b01e-0000-62bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:50 GMT

code.jquery.com/jquery-1.4.4.min.js

151.101.194.137

200 OK

27 kB

URL GET HTTP/2
code.jquery.com/jquery-1.4.4.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (820)
Size
27 kB (27078 bytes)
Hash
73a9c334c5ca71d70d092b42064f6476
b75990598ee8d3895448ed9d08726af63109f842
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

HTTP Headers

GET /jquery-1.4.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-13309"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 05 Dec 2023 20:41:51 GMT
age: 3681527
x-served-by: cache-lga21980-LGA, cache-bma1664-BMA
x-cache: HIT, HIT
x-cache-hits: 8715, 7
x-timer: S1701808911.329363,VS0,VE0
vary: Accept-Encoding
content-length: 27078
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN

216.58.207.200

200 OK

93 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN
IP
216.58.207.200:443
ASN
#15169 GOOGLE

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
93 kB (93078 bytes)
Hash
8c44ddbf23bc52f604f4041c50deaf3e
8ce9dd0714704a3e7fe3646c5cdf7e93fa53519b
c45132ddc148b82fb1aca206d92d61d39ca6016edb95fa977c916304c0bea282

HTTP Headers

GET /gtag/js?id=G-VLF2FX8QTN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 20:41:51 GMT
expires: Tue, 05 Dec 2023 20:41:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93078
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nnb48.z13.web.core.windows.net/Win08SuDeEr086/noir.js

20.209.1.110

200 OK

84 kB

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/noir.js
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32180)
Size
84 kB (84272 bytes)
Hash
a8325a8dddc75eb4cd78a4c9d207aaf3
5a956570fbffd26b497f38ea3a28f0bc075d5efc
46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/noir.js HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 84272
Content-Type: text/javascript
Content-MD5: qDJajd3HXrTNeKTJ0geq8w==
Last-Modified: Tue, 05 Dec 2023 17:41:27 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B96897DBEA"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c55f6972-b01e-0000-35bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:50 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js

20.209.1.110

200 OK

2.1 kB

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2055), with no line terminators
Size
2.1 kB (2055 bytes)
Hash
6ebcbed0dc957cd9298e2629e35a0139
e1603b3e92c0828daebd15b2ddd12c22ceed5b20
73310aa233204005c5d97ccd8b6c8c06dda83205f1de6571aa798400fb5bedeb

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/nvidia.js HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 2055
Content-Type: text/javascript
Content-MD5: bry+0NyVfNkpjiYp41oBOQ==
Last-Modified: Tue, 05 Dec 2023 17:41:27 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B96874C3F0"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c55f6a9c-b01e-0000-46bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js

20.209.1.110

200 OK

1.4 kB

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1388)
Size
1.4 kB (1389 bytes)
Hash
80d369914d99db44ac4aa60024adf5f8
74f20b735e0a88954a1a69ccc7af4c78e4d9c494
5a1bc6ee4cc04b8e259bb929bb29d87e8b7eb540f2dc67cbd3bb7dbbe57fd28f

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/script.compat.js HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1389
Content-Type: text/javascript
Content-MD5: gNNpkU2Z20SsSqYAJK31+A==
Last-Modified: Tue, 05 Dec 2023 17:41:27 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B968928AB0"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b10179b0-201e-002d-64bb-275226000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/tapa.css

20.209.1.110

200 OK

18 kB

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/tapa.css
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
assembler source, ASCII text, with very long lines (324), with CRLF line terminators
Size
18 kB (18100 bytes)
Hash
61b8b80c330b89cc536fa4fc8afb3eb5
f3ecea02c164cddc93d278b39434b224541407bc
22b2c21cd86ff8e53b784c5e40608872a0666f3682d1331829eb8a643f50b3e4

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/tapa.css HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 18100
Content-Type: text/css
Content-MD5: Ybi4DDMLicxTb6T8ivs+tQ==
Last-Modified: Tue, 05 Dec 2023 17:41:28 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B968F9D8F9"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7e138371-001e-0058-20bb-27390a000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js

20.209.1.110

200 OK

503 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
503 B (503 bytes)
Hash
cd6c33fbc221d0271c910af910e6ebed
9b52f24d6f10b885bb19db1c4b531469f96d2914
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/jupiter.js HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 503
Content-Type: text/javascript
Content-MD5: zWwz+8Ih0CcckQr5EObr7Q==
Last-Modified: Tue, 05 Dec 2023 17:41:26 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B9681F3BF1"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: de7bf6a0-b01e-005d-3abb-27ebd1000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:50 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/dm.png

20.209.1.110

200 OK

332 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/dm.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
PNG image data, 100 x 100, 1-bit colormap, non-interlaced\012- data
Size
332 B (332 bytes)
Hash
9d8a90a63d20f05d27e5d6abb35e0cd0
5873b4007e9d55b4d891a4c427b3735ed23dbfe8
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/dm.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 332
Content-Type: image/png
Content-MD5: nYqQpj0g8F0n5dars14M0A==
Last-Modified: Tue, 05 Dec 2023 17:41:26 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B967E77AC4"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c55f6b1f-b01e-0000-43bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/set.png

20.209.1.110

200 OK

364 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/set.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/set.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 364
Content-Type: image/png
Content-MD5: 4UTDN4CQCHyM4SmjDLbLTg==
Last-Modified: Tue, 05 Dec 2023 17:41:28 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B968E922F6"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b10179eb-201e-002d-1abb-275226000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/f24.png

20.209.1.110

200 OK

25 kB

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/f24.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
PNG image data, 800 x 455, 8-bit colormap, non-interlaced\012- data
Size
25 kB (25288 bytes)
Hash
38ab4e4a2df49047c71ff96553a3ec05
7ccfcdc72611e9134790e555d1feeee63d8c8121
5e0506e9f5736d25677b197cb223b3c6de29d52d06da4aa9a4b2006b28d5039a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/f24.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 25288
Content-Type: image/png
Content-MD5: OKtOSi30kEfHH/llU6PsBQ==
Last-Modified: Tue, 05 Dec 2023 17:41:26 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B9681FB0A1"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7e1383da-001e-0058-7dbb-27390a000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/cs.png

20.209.1.110

200 OK

2.7 kB

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/cs.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
PNG image data, 520 x 520, 8-bit colormap, non-interlaced\012- data
Size
2.7 kB (2681 bytes)
Hash
b01a30d354bfcf51edf33e0b0ea07402
c421359518d1ae258237bf501c563b7f059f8b9b
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/cs.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 2681
Content-Type: image/png
Content-MD5: sBow01S/z1Ht8z4LDqB0Ag==
Last-Modified: Tue, 05 Dec 2023 17:41:26 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B967E77AC4"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7360266f-a01e-006e-4dbb-27b47a000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/re.gif

20.209.1.110

200 OK

15 kB

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/re.gif
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 193 x 71\012- data
Size
15 kB (14751 bytes)
Hash
6fcb78e0cd7933a70eea2cf071f82118
70364bffd62fe33360abe70ecc7f7c0541b3b54c
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/re.gif HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 14751
Content-Type: image/gif
Content-MD5: b8t44M15M6cO6izwcfghGA==
Last-Modified: Tue, 05 Dec 2023 17:41:27 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B96893C1D3"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: de7bf732-b01e-005d-42bb-27ebd1000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:50 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/vsc.png

20.209.1.110

200 OK

722 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/vsc.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
PNG image data, 128 x 128, 1-bit colormap, non-interlaced\012- data
Size
722 B (722 bytes)
Hash
42d8f2cc1ae5759c2369f255f36ebc03
8e592162eec14e72d0a751d714a641dbece91f6b
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/vsc.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 722
Content-Type: image/png
Content-MD5: QtjyzBrldZwjafJV8268Aw==
Last-Modified: Tue, 05 Dec 2023 17:41:28 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B968FC4740"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 988314a0-d01e-005b-6fbb-27d86e000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

ocsp.usertrust.com/

104.18.38.233

282 B

URL
ocsp.usertrust.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
282 B (282 bytes)
Hash
8666cf051c1e35d45c02946c400e93e4
c4f2943322fd3f208f94d67eca415a90e08742ea
d76f2a6168f48e3d6fd2a68fa54c5f9952ceb6e6971a05c78ffc54df4fb122f1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 20:41:51 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Tue, 05 Dec 2023 01:02:32 GMT
Expires: Tue, 12 Dec 2023 01:02:31 GMT
Etag: "c4f2943322fd3f208f94d67eca415a90e08742ea"
Cache-Control: max-age=601083,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 368
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 830f1cc3786c0b69-OSL

nnb48.z13.web.core.windows.net/Win08SuDeEr086/msmm.png

20.209.1.110

168 B

URL GET
nnb48.z13.web.core.windows.net/Win08SuDeEr086/msmm.png
IP
20.209.1.110:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
PNG image data, 31 x 30, 4-bit colormap, non-interlaced\012- data
Size
168 B (168 bytes)
Hash
acb05ebcd5f488fc99169cff02b6dd04
dca893a7b514503e947a57aa072482a0e0cba912
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/msmm.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 168
Content-Type: image/png
Content-MD5: rLBevNX0iPyZFpz/ArbdBA==
Last-Modified: Tue, 05 Dec 2023 17:41:26 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B968400C87"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7e138453-001e-0058-6bbb-27390a000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/bel.png

20.209.1.110

200 OK

276 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/bel.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
PNG image data, 13 x 13, 8-bit colormap, non-interlaced\012- data
Size
276 B (276 bytes)
Hash
7616d96c388301e391653647e1f5f057
b1868c8f0f46309a8e26f584ac82000d54c06ecd
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/bel.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 276
Content-Type: image/png
Content-MD5: dhbZbDiDAeORZTZH4fXwVw==
Last-Modified: Tue, 05 Dec 2023 17:41:26 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B967C2DDD4"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c55f6b8d-b01e-0000-2abb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/mnc.png

20.209.1.110

200 OK

187 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/mnc.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
PNG image data, 140 x 30, 1-bit colormap, non-interlaced\012- data
Size
187 B (187 bytes)
Hash
271021cfa45940978184be0489841fd3
201030af9b1bc5d3c8d453efbfdf89b68d6c1be5
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/mnc.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 187
Content-Type: image/png
Content-MD5: JxAhz6RZQJeBhL4EiYQf0w==
Last-Modified: Tue, 05 Dec 2023 17:41:26 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B968403365"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b1017a32-201e-002d-59bb-275226000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/pcm.png

20.209.1.110

200 OK

1.3 kB

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/pcm.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
PNG image data, 166 x 92, 4-bit colormap, non-interlaced\012- data
Size
1.3 kB (1270 bytes)
Hash
05cdf1a2c2fc8f07bea0a8f4f9356637
b7bbd626d1d6c832509e820cae1d971b34f625e6
afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/pcm.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1270
Content-Type: image/png
Content-MD5: Bc3xosL8jwe+oKj0+TVmNw==
Last-Modified: Tue, 05 Dec 2023 17:41:27 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B9687648CF"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 736026e1-a01e-006e-30bb-27b47a000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

ipwho.is/?lang=en

195.201.57.90

200 OK

668 B

URL GET HTTP/1.1
ipwho.is/?lang=en
IP
195.201.57.90:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerGoGetSSL
Subjectipwho.is
FingerprintCF:72:15:7E:2B:59:F6:B9:88:69:73:70:91:60:90:87:80:67:B9:A4
ValidityWed, 05 Apr 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (668), with no line terminators
Size
668 B (668 bytes)
Hash
6b268822fa1859d191175f728c462fc3
ba2e7a176d90807ccb0a770f5e67a2e9440f4789
813dd6ee118a8bf72cdabb2f7c1697d26c9212522f64175421513f0fdc99ee63

HTTP Headers

GET /?lang=en HTTP/1.1
Host: ipwho.is
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nnb48.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 20:41:51 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: ipwhois
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
X-Robots-Tag: noindex

www.clarity.ms/tag/inyarm3guy

13.107.246.53

200 OK

650 B

URL GET HTTP/2
www.clarity.ms/tag/inyarm3guy
IP
13.107.246.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerDigiCert Inc
Subjectwww.clarity.ms
Fingerprint9C:5D:5A:4A:14:86:80:29:07:68:2B:AA:61:27:87:4B:30:FA:43:F4
ValidityTue, 29 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (650), with no line terminators
Size
650 B (650 bytes)
Hash
76d973d92abc0a4c662dcd32ddbd2d27
e378bea708973761e617b79b9046034007fd47d1
f4c6384990b290ccc7153356ca99f29a0f21e1b70c49c78dae8206381ad51df6

HTTP Headers

GET /tag/inyarm3guy HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 650
content-type: application/x-javascript
expires: -1
set-cookie: CLID=7a188a9ca16c49e1889e8cd940ea96cb.20231205.20241204; expires=Wed, 04 Dec 2024 20:41:51 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
x-cache: CONFIG_NOCACHE
x-azure-ref: 0D4tvZQAAAADniicsRKAWQYIG4lOg6o6/U1ZHMjBFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 05 Dec 2023 20:41:51 GMT
X-Firefox-Spdy: h2

nnb48.z13.web.core.windows.net/api/event

20.209.1.110

405 The resource doesn't support specified Http Verb.

335 B

URL POST HTTP/1.1
nnb48.z13.web.core.windows.net/api/event
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (335), with no line terminators
Size
335 B (335 bytes)
Hash
28e7581b14f7765273d4f9b0394472c0
69abe48ad96c599c399138aa027c4d5c86cd8255
19ebc0b002d6ab63620c52d46435323f0080394d0c3aa3b1a6ba791cccf88091

HTTP Headers

POST /api/event HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 156
Origin: https://nnb48.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 405 The resource doesn't support specified Http Verb.
Allow: GET,HEAD
Content-Length: 335
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: UnsupportedHttpVerb
x-ms-request-id: de7bf86d-b01e-005d-68bb-27ebd1000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/ai2.mp3

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/ai2.mp3
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
ea4cd838fa4e2f03b5dd69d2d401e2cf
0c6475b85b6b333086f7894d88fe801d369d52ff
eb1f23257d6b30c6f6caf976d66f0cd6c2f49a87c2b6b899d6173aa78e66708f

HTTP Headers

GET /Win08SuDeEr086/ai2.mp3 HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55f6c47-b01e-0000-52bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

c.clarity.ms/c.gif

68.219.88.97

302 Found

0 B

URL GET HTTP/2
c.clarity.ms/c.gif
IP
68.219.88.97:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjectc.msn.com
FingerprintD5:8D:1D:2A:BC:86:78:79:30:4B:23:9E:B9:3A:CA:CC:F7:AF:26:61
ValidityTue, 06 Jun 2023 15:27:17 GMT - Fri, 31 May 2024 15:27:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=152B49884C2449F088AEBC1386AEF88B&RedC=c.clarity.ms&MXFR=01D9103E61216E921F6C03E065216012
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=01D9103E61216E921F6C03E065216012; domain=.clarity.ms; expires=Sun, 29-Dec-2024 20:41:52 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 05 Dec 2023 20:41:52 GMT
content-length: 0
X-Firefox-Spdy: h2

nnb48.z13.web.core.windows.net/Win08SuDeEr086/_Fm7-alert.mp3

20.209.1.110

206 Partial Content

201 kB

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/_Fm7-alert.mp3
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2, 64 kbps, 22.05 kHz, Monaural\012- data
Size
201 kB (200832 bytes)
Hash
0116152611dd51432e852781f8cc7e82
2408d3d281b25649894f78a4e19f7f8a8ac735f9
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/_Fm7-alert.mp3 HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Content-Length: 200832
Content-Type: audio/mpeg
Content-Range: bytes 0-200831/200832
Last-Modified: Tue, 05 Dec 2023 17:41:28 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B96971B67B"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9883151f-d01e-005b-52bb-27d86e000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:51 GMT

www.clarity.ms/s/0.7.20/clarity.js

13.107.246.53

200 OK

20 kB

URL GET HTTP/2
www.clarity.ms/s/0.7.20/clarity.js
IP
13.107.246.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerDigiCert Inc
Subjectwww.clarity.ms
Fingerprint9C:5D:5A:4A:14:86:80:29:07:68:2B:AA:61:27:87:4B:30:FA:43:F4
ValidityTue, 29 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (60926), with CRLF line terminators
Size
20 kB (20403 bytes)
Hash
fb9b1f0355f169c08596444c68ee49bc
bf9044665a2c86577306c547663ea56118e29179
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

HTTP Headers

GET /s/0.7.20/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Cookie: CLID=7a188a9ca16c49e1889e8cd940ea96cb.20231205.20241204
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Mon, 04 Dec 2023 12:08:18 GMT
accept-ranges: bytes
etag: "0x8DBF4C1B3818466"
x-cache: TCP_HIT
x-ms-request-id: 1de634c0-501e-005b-76de-2617e0000000
x-ms-version: 2018-03-28
access-control-allow-origin: *
x-azure-ref-originshield: 0RptuZQAAAADwvCqth/onT5WwcFEZ+Iu5QU1TMDRFREdFMTgwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 0EItvZQAAAAC9Lc5aTsNgSJjrxy2LJf4VU1ZHMjBFREdFMDUyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 05 Dec 2023 20:41:51 GMT
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=152B49884C2449F088AEBC1386AEF88B&MUID=15B093F27694610E2021802C77C360DD

68.219.88.97

200 OK

42 B

URL GET HTTP/2
c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=152B49884C2449F088AEBC1386AEF88B&MUID=15B093F27694610E2021802C77C360DD
IP
68.219.88.97:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjectc.msn.com
FingerprintD5:8D:1D:2A:BC:86:78:79:30:4B:23:9E:B9:3A:CA:CC:F7:AF:26:61
ValidityTue, 06 Jun 2023 15:27:17 GMT - Fri, 31 May 2024 15:27:17 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?ctsa=mr&CtsSyncId=152B49884C2449F088AEBC1386AEF88B&MUID=15B093F27694610E2021802C77C360DD HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nnb48.z13.web.core.windows.net/
DNT: 1
Connection: keep-alive
Cookie: SM=T; MUID=01D9103E61216E921F6C03E065216012
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
accept-ranges: bytes
etag: "8d59566974dbd91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=C; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=15B093F27694610E2021802C77C360DD; domain=.clarity.ms; expires=Sun, 29-Dec-2024 20:41:52 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.clarity.ms; expires=Tue, 12-Dec-2023 20:41:52 GMT; path=/; SameSite=None; Secure;
ANONCHK=0; domain=c.clarity.ms; expires=Tue, 05-Dec-2023 20:51:52 GMT; path=/; SameSite=None; Secure;
date: Tue, 05 Dec 2023 20:41:52 GMT
content-length: 42
X-Firefox-Spdy: h2

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 817
Origin: https://nnb48.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:41:52 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb48.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
7eb7248c20c4f0fa21f718a2729112fa
b9a780a06671423986ccb23563404e73692b0bfd
7980bf52459a6556a7fea73adc4f496860446274e7eb6a63aaa8dc240a1fe13a

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55f704d-b01e-0000-0bbb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:52 GMT

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 34856
Origin: https://nnb48.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Cookie: MUID=01D9103E61216E921F6C03E065216012
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:41:53 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb48.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
a39c8d9b7b909cfdf02e0ef28a0948a9
b49704f2418e22a03b412713ed17549ad9ce57a3
a1b5aa6193a9fd2d12f42af81821d8f1c951a64a47cd590d9e4aef71e27b42e7

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55f751b-b01e-0000-09bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:53 GMT

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2512
Origin: https://nnb48.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Cookie: MUID=15B093F27694610E2021802C77C360DD
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:41:54 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb48.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
704830aa4468b1e7bf2bb702a8e002ac
24965c79f5d014fdd6c1d9ad9510fe349762c8ff
e67bd8f0db7432cb2284c49237e4e68d38570b6635e3c9012b64fe3b97d98df0

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55f7b88-b01e-0000-1bbb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:54 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
cf0ea821660262e6a8530e369962d721
9731a3fddf8f61d72943a128b46c79ed0724095c
ab59fed482f88548ed7428a32f02ced81c091b65e8189d5c8f2effa87fc0c2c7

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55f811b-b01e-0000-6bbb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:55 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
ec4980f13175a86ad20a4aaea5e26fe5
fd60bd53969baaccb903a2329a227418e0510ed2
f6e2bb324921f092f465b5bc8e76ad6687302437db7591e20e878d7072d5bdad

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55f8687-b01e-0000-7fbb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:56 GMT

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 626
Origin: https://nnb48.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Cookie: MUID=15B093F27694610E2021802C77C360DD
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:41:58 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb48.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
f09c74e665a5959b1d581b4d465bd605
78fda17204e25e217015c644cafa50fbaa219c5a
eb23259148ef489bde5f952d389c6c61a8668f0a36746618ad42b970efc845ac

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55f8b5f-b01e-0000-7fbb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:57 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
6cd791efe6a45dafab4ff55163370b34
d10bd98fa1b8994a8e57b5f32f53d9ee68145775
27f183160c38ddb951d366788ba12c5994cfc0ecfab6170ad4a23d4fb9f19398

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55f8fa4-b01e-0000-7abb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:58 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
34d8796112d5b5c653d092a7aeb924d6
d91e968db0037d9b970a1ac8d08222ef6e9e5586
f922ae9eb6165b22875e4bfac6950d5934b8aebdeb78a11da05d4a2909dbaaf2

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55f9425-b01e-0000-38bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:41:59 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
bef1fa7fad570062ee98626d4b0e68d3
beaa9ce0ae6272e6ddd8a49d42027311e9cb88e0
2e570b425e32fffdd4babcd031c04c9111a44f4baa74ec41fcb1dc65c5cca8b6

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55f99ec-b01e-0000-67bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:42:00 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
3cf27c8b16dd0f19706c97e193e825ff
18819d7468ec5e811acc569ba591f85f3dd3f8c4
cdc3414633617c995c4d25a0dd49e3c9d22da92c02daa3aa2ae3e9270c9ca7fe

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55f9fc7-b01e-0000-4cbb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:42:01 GMT

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 512
Origin: https://nnb48.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/
Cookie: MUID=15B093F27694610E2021802C77C360DD
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:42:02 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb48.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
03f0d65efd5bdb60a1107bebeb361e1d
38b2ff0559778056ef6e7a2542649c0272d9a2b8
cc918d5be81bdfe677b9f3bc719c5a6534e6435597739be6ea41d512c9a31880

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55fa4f9-b01e-0000-20bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:42:02 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
667e076054c6e216fe15362b784050b7
060a2f8cca2d2bef6795c399fc02076ed6744709
738e2fe0e796557eb2511625abc59173eae13faec7d88be9ef031d00facf658b

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55faa1b-b01e-0000-56bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:42:03 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
33d587f505848249f3f724eed5e336e9
8a422e0c594cd527eb25e4936b4f00827b1eba82
605102b4bc4d3c9a4232008d10cd6f16e7e6b85ce5cd166a75823681fe6fb5f1

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55faf73-b01e-0000-3cbb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:42:04 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
9bb4188e2b0db225c52b296422266ce1
0056cc94cef086913ee1d73b54cea4818a682507
203cea8a35c2b71fb610054ec04e0051c235ae9b88520821dbdddae6d1ffa67f

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55fb3c6-b01e-0000-42bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:42:05 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
21696a8f3f077f9a33b5b339eaf0cc53
22a5f08d370e67877fc0ccb78aaed3070e971f7c
46805727f9bddab8fa3b0aefbee115ea9f0e4dcc269bc452d830d0e6477f9749

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55fb876-b01e-0000-15bb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:42:06 GMT

nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png

20.209.1.110

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb48.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
20.209.1.110:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
Fingerprint2A:A8:C1:A4:81:6F:6D:7B:03:D9:5A:E6:9A:10:70:88:3D:69:64:E5
ValidityTue, 14 Nov 2023 21:31:17 GMT - Thu, 27 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
3bc7976bdcff693bcda6aa66581344c7
473b7f1a404d9447a589c8737379875b6ec13dad
0f58b375a91db802b7b394f9a695f0d0e056c62d2c7436142930934e6d7de642

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb48.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701808917.1.0.1701808917.0.0.0; _ga=GA1.1.1655463850.1701808918; _clck=fdi2s6%7C2%7Cfha%7C0%7C1434; _clsk=15sx9k8%7C1701808918824%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: c55fbce2-b01e-0000-0dbb-27e155000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:42:07 GMT

c.bing.com/c.gif?ctsa=mr&CtsSyncId=152B49884C2449F088AEBC1386AEF88B&RedC=c.clarity.ms&MXFR=01D9103E61216E921F6C03E065216012

204.79.197.200

302 Found

42 B

URL GET HTTP/2
c.bing.com/c.gif?ctsa=mr&CtsSyncId=152B49884C2449F088AEBC1386AEF88B&RedC=c.clarity.ms&MXFR=01D9103E61216E921F6C03E065216012
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb48.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type

Size
42 B (42 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?ctsa=mr&CtsSyncId=152B49884C2449F088AEBC1386AEF88B&RedC=c.clarity.ms&MXFR=01D9103E61216E921F6C03E065216012 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nnb48.z13.web.core.windows.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=152B49884C2449F088AEBC1386AEF88B&MUID=15B093F27694610E2021802C77C360DD
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=15B093F27694610E2021802C77C360DD; domain=.bing.com; expires=Sun, 29-Dec-2024 20:41:52 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.bing.com; expires=Tue, 12-Dec-2023 20:41:52 GMT; path=/; SameSite=None; Secure;
SRM_B=15B093F27694610E2021802C77C360DD; domain=c.bing.com; expires=Sun, 29-Dec-2024 20:41:52 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E06FBE150BC24DC2B379E09ECFD12DBA Ref B: OSL30EDGE0410 Ref C: 2023-12-05T20:41:52Z
date: Tue, 05 Dec 2023 20:41:52 GMT
content-length: 0
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash