Report - nnb44.z13.web.core.windows.net/?url=https://www.youtube.com&id=5&gclid=EAIaIQobChMI5-_Esuf4ggMV6WRHAR34WwE2EAAYASAAEgJyCfD

Report Overview

Visited public
2023-12-05 20:11:32
Tags
fake_software scam
URL
nnb44.z13.web.core.windows.net/?url=https://www.youtube.com&id=5&gclid=EAIaIQobChMI5-_Esuf4ggMV6WRHAR34WwE2EAAYASAAEgJyCfD_BwE
Finishing URL
nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
IP / ASN
52.239.170.33
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
Computer Error 2V7HG0TV07
Scam - Fake AntiVirus / Security software

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nnb44.z13.web.core.windows.net	unknown	unknown	No data	No data	21 kB	408 kB	52.239.170.33
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-05 05:09:20	436 B	28 kB	151.101.194.137
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-05 06:24:59	449 B	94 kB	142.250.74.136
ipwho.is	unknown	2022-01-29	2020-06-08 13:52:47	2023-12-05 13:04:26	462 B	926 B	195.201.57.90
c.bing.com	247	1996-01-29	2012-05-22 12:26:32	2023-12-05 17:50:35	545 B	1.1 kB	13.107.21.200
ocsp.usertrust.com	899	1997-12-05	2012-05-21 17:43:18	2023-12-05 13:10:27	342 B	826 B	104.18.38.233
www.clarity.ms	1404	2017-04-03	2018-08-22 09:41:57	2023-12-03 14:34:54	944 B	23 kB	13.107.246.53
c.clarity.ms	803	2017-04-03	2021-02-04 00:22:47	2023-12-05 18:14:45	1.0 kB	1.5 kB	68.219.88.97
y.clarity.ms	unknown	2017-04-03	2023-02-13 18:09:57	2023-12-02 17:34:41	2.8 kB	1.5 kB	104.211.35.148

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-05 20:11:20	medium	Client IP	Internal IP	ET INFO External IP Lookup Domain in DNS Lookup (ipwho .is)
2023-12-05 20:11:20	medium	Client IP	Internal IP	ET INFO External IP Lookup Domain in DNS Lookup (ipwho .is)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (30)

	URL	From	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN	ScriptElement	280 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 21:11 Last Seen2023-12-05 21:11 Times Seen1 Hash b54f01a5dc33705b9fc38bed7f7f96a8 1de878825c9a6328a190b6e394e5b3580e2f74ed 474b1404dc689d084cd18c378a63020662511477edcb1a81d49e7cfa877bb3bd Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/noir.js	ScriptElement	84 kB	2023-03-09	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/noir.js IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:01 Last Seen2025-05-10 22:27 Times Seen2569 Hash a8325a8dddc75eb4cd78a4c9d207aaf3 5a956570fbffd26b497f38ea3a28f0bc075d5efc 46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js	ScriptElement	2.1 kB	2023-09-03	2025-05-06
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-03 13:51 Last Seen2025-05-06 15:00 Times Seen959 Hash 6ebcbed0dc957cd9298e2629e35a0139 e1603b3e92c0828daebd15b2ddd12c22ceed5b20 73310aa233204005c5d97ccd8b6c8c06dda83205f1de6571aa798400fb5bedeb Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js	ScriptElement	503 B	2023-03-07	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 22:27 Times Seen4282 Hash cd6c33fbc221d0271c910af910e6ebed 9b52f24d6f10b885bb19db1c4b531469f96d2914 318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479 Loading...

	www.clarity.ms/tag/inyarm3guy	ScriptElement	650 B	2023-12-05	2023-12-05
Pretty URL www.clarity.ms/tag/inyarm3guy IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 21:11 Last Seen2023-12-05 21:42 Times Seen4 Hash 76d973d92abc0a4c662dcd32ddbd2d27 e378bea708973761e617b79b9046034007fd47d1 f4c6384990b290ccc7153356ca99f29a0f21e1b70c49c78dae8206381ad51df6 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	153 B	2023-08-02	2024-08-20
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-02 23:15 Last Seen2024-08-20 16:38 Times Seen5 Hash 178cfa5922695acddc0231f7a09cb645 dbb2bdaa92b6634c4a50261be65155aec949c9b7 1d7831ffc42b64d06380c72fbef36ae16b56c7cb5e908f4260ea31cd10b909d6 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	120 B	2023-03-07	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:11 Last Seen2025-05-10 22:27 Times Seen1802 Hash fb5ce230a20baf9bce84978701f34a28 bc1166d544f12f34e387980cd8c8e9abd111f579 1e1dc4934ec57af1a5653b1b8564edffc6e887db27ea7b1064d3c3f0e5a788f7 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	754 B	2023-08-26	2024-10-24
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2024-10-24 23:28 Times Seen47 Hash bad4869854542de2c6bd18e4d98e94b3 853084f61717586c335766263ba7124fd5032c8c f6dd7bb768420dfb8effee4dbabd0cbf92b68c9923e4aae11db3c7e5febbb4a3 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js	ScriptElement	1.4 kB	2023-09-14	2024-10-24
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-14 18:41 Last Seen2024-10-24 23:28 Times Seen48 Hash 80d369914d99db44ac4aa60024adf5f8 74f20b735e0a88954a1a69ccc7af4c78e4d9c494 5a1bc6ee4cc04b8e259bb929bb29d87e8b7eb540f2dc67cbd3bb7dbbe57fd28f Loading...

	unknown	ScriptElement	29 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:38 Last Seen2024-08-20 16:38 Times Seen1 Hash 628b42cb0db103bcfc373a6c22e1e2e1 2c1146e5fb9a9f67670954e9d2d7fc5a1569e879 8e50516bfec77f2b74df55e09324fdceab8149c8976a7e505298a2b064d632c1 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	309 B	2023-09-14	2024-08-21
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-14 18:41 Last Seen2024-08-21 06:53 Times Seen7 Hash 461c2c0ba5843ba44bdabf566b3f881d 483b009745372c4c9bf8ccc4c60e7e1b92a150f4 d46d71f630fa99ccff42b94cb81f893463eacd6f112a385e0e60e3c73357ed99 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	271 B	2023-08-26	2025-05-07
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-07 22:24 Times Seen392 Hash d93ca50849be01ed445da65b43acab48 48d660eb9e1cdd74e8fa66c4ae9f43251c576115 0ea2b77bfbfefca95b806b8027b1a2b8cae74a97b71baf016d82883f28309226 Loading...

	code.jquery.com/jquery-1.4.4.min.js	ScriptElement	79 kB	2023-03-07	2025-05-10
Pretty URL code.jquery.com/jquery-1.4.4.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-10 22:27 Times Seen4869 Hash 73a9c334c5ca71d70d092b42064f6476 b75990598ee8d3895448ed9d08726af63109f842 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	2.0 kB	2023-08-26	2025-05-07
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-07 22:24 Times Seen476 Hash 26cfe07eb2a41d56de3cea428f409e37 4cbd1f05b65cfc7f247da284f1c02264ab526364 f4d6d67bfeda397cd7790aa0a80750cd642a100ea48bbd9e5580c34cce8ec14e Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	246 B	2023-08-26	2025-05-07
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-07 22:24 Times Seen1079 Hash 9ec45c98de528138d873351ee3004c1c be9c6a2c15144063bf95641ec4215a06199b4f5d 28bcb0154baedf9de9f39772f0e45b0c4d88d2e4a951fbd8b4234ea31bd9872a Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	353 B	2023-08-26	2025-04-20
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-04-20 18:15 Times Seen443 Hash 97346bfec286f5dbe3f8b0f08b0552bb 55416a8294f4affa372afbe0af079e41f1a09aa7 24d5ac94396789fb6d5f38f802fb52d60af036eea51f95abae15c8c649c80012 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	100 B	2023-08-26	2025-05-06
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-06 15:00 Times Seen953 Hash c9fa9cae563e0645b0e97ec4f1d0b9e8 60226580a1ebd8763c9df7e4ed67983dcaf1daee 37070777330ae75d3b9b744e7c90a6c85cde07b6a19fd9400683249cb8643fae Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	207 B	2023-08-26	2025-05-06
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-06 15:00 Times Seen870 Hash 1a5ece9807f619d0e109d520f6bc7fe9 47a78a3511304d5cea6209952cdd29f0ea86c175 a8e9a05883f511545b89f51a0a2d9d7bbca4eeaf717abfdf372e14c28b2d53b5 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	139 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:27 Times Seen1480 Hash d2687cc9c448d021f4d514857c263b44 9798b6831b702be05805b9b371f3dfb711f26992 73217c33bfb86ea09cd92cba325bef2fc5fe3ea6f1c80b6423e736dac412217c Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	331 B	2023-08-26	2025-05-09
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-09 00:49 Times Seen649 Hash c5460cd2c0b1f0733bdbe0ff9fba46cf c05af44cd16ff7d059fcca90da279b2c2ab2ab2c 8eb34480b3273dc38a8d0b7d38ec4dbf09dce863f7b2aa6c5af78d5e87d7c811 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	262 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:27 Times Seen1398 Hash 74061bf8c774116268d7d795e3dbbcf9 8b10cd4c53b815ce536e3f5ce5cb8ba24c74fda7 387f0020bad465fcfc73b9efccf6827948693f24dd51b4ea1afa945509e46f41 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	134 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:27 Times Seen1345 Hash bd29bc7e3ebedad970cfd7eff3ab332a 3b44a7c185631660d9590fc6e0ef42f9d1398995 4e024c3aa1ca15aaf533e0893b7b1de8cb561f317b49c61ec884b90f39937db3 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	499 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 18:23 Times Seen985 Hash ce537a44db51b0cae35ab7dfa6ed4644 dfb27cd6622a51999753392a6689f8b67cd0c3b2 7be28397b0fbed39828c70251b4fb256ddfc1a091a2066e61351e1d9681d7629 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	73 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 18:23 Times Seen1545 Hash cd05d2ea6e1e26930fe1232ce0f4709f 1e411c92606c409da1deff96d681bc7c03c3ad35 1515e9dededc6a4e090e8e60a43d98dcc6a44b5f6a8f146244c4e49b5f73f945 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	341 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 18:23 Times Seen823 Hash 1e17fbd37b252bb0f58d6b5395193e23 7a9e03e23171b13a5777a98473fe28a2ad3a946b 831f5dd5cf7871e2cb27909e9babee14485a3c06a2698dbbdd897391f763dfb8 Loading...

	www.clarity.ms/s/0.7.20/clarity.js	ScriptElement	61 kB	2023-11-30	2024-08-20
Pretty URL www.clarity.ms/s/0.7.20/clarity.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 22:13 Last Seen2024-08-20 17:17 Times Seen75 Hash fb9b1f0355f169c08596444c68ee49bc bf9044665a2c86577306c547663ea56118e29179 cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	141 B	2023-08-26	2025-05-09
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-09 00:49 Times Seen736 Hash 39dd3d7103fc91da89611e596fd42a2c 168f5f97010b42b0ccb2765bc73f156c4b163a9b b722373934d378dcb69cefac605ecc95f847c803accff3a64f791eb5910b12a0 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	94 B	2023-08-26	2025-05-10
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 22:45 Last Seen2025-05-10 22:11 Times Seen1097 Hash e118dc8196693ba5829b64d3900a44d1 c1af9a5738e8fd92300b16a10c072c91c8188098 74fd362e8ed5cd59129d7d3cfbde3ce0f2fffd815d04d34037d70932f229a8c4 Loading...

	unknown	EventHandler	19 B	2023-04-10	2025-05-10
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23 Last Seen2025-05-10 22:27 Times Seen7895 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html	ScriptElement	90 B	2023-05-13	2025-04-29
Pretty URL nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html IP 52.239.170.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-13 00:31 Last Seen2025-04-29 17:22 Times Seen1047 Hash e549f355ec9b013498cee4479b6c1734 ee702e014a1491972cf45f03d601a4cb1d722e2d 70fcad8ae74a4d5b135d85561562a134705ee5f42437d6a82dde5c1e6eb7f9d4 Loading...

HTTP Transactions (49)

URL IP Response Size

nnb44.z13.web.core.windows.net/?url=https://www.youtube.com&id=5&gclid=EAIaIQobChMI5-_Esuf4ggMV6WRHAR34WwE2EAAYASAAEgJyCfD_BwE

52.239.170.33

1.5 kB

URL
nnb44.z13.web.core.windows.net/?url=https://www.youtube.com&id=5&gclid=EAIaIQobChMI5-_Esuf4ggMV6WRHAR34WwE2EAAYASAAEgJyCfD_BwE
IP
52.239.170.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.5 kB (1544 bytes)
Hash
1ed73fb74f612237df77f312c948ec24
0211b6e4d29f3450d017285e696e0408670d81db
47b6cc0f0396963724324339ba0eb296daffa1e8ebbd4c79b80abd944e2f180c

HTTP Headers

GET /?url=https://www.youtube.com&id=5&gclid=EAIaIQobChMI5-_Esuf4ggMV6WRHAR34WwE2EAAYASAAEgJyCfD_BwE HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1544
Content-Type: text/html
Content-MD5: Htc/t09hIjffd/MSyUjsJA==
Last-Modified: Tue, 05 Dec 2023 17:18:38 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63891B5B9"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 22947e7f-901e-00a2-38b7-27e576000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:12 GMT

code.jquery.com/jquery-1.4.4.min.js

151.101.194.137

200 OK

27 kB

URL GET HTTP/2
code.jquery.com/jquery-1.4.4.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (820)
Size
27 kB (27078 bytes)
Hash
73a9c334c5ca71d70d092b42064f6476
b75990598ee8d3895448ed9d08726af63109f842
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

HTTP Headers

GET /jquery-1.4.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-13309"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 05 Dec 2023 20:11:13 GMT
age: 3679689
x-served-by: cache-lga21980-LGA, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 8715, 1
x-timer: S1701807074.596700,VS0,VE1
vary: Accept-Encoding
content-length: 27078
X-Firefox-Spdy: h2

nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html

52.239.170.33

200 OK

36 kB

URL User Request GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (522)
Size
36 kB (35662 bytes)
Hash
42fae46f61cd6484618001137c3a3661
a7b30496fc30de72948e7dc8a5f3fe080a7e7f20
e0ccd766eceb21b92d21f03b5b0402ee6f89a045f181a335ba20509c589e4afc

HTTP Headers

GET /Win08SuDeEr086/index.html HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/?url=https://www.youtube.com&id=5&gclid=EAIaIQobChMI5-_Esuf4ggMV6WRHAR34WwE2EAAYASAAEgJyCfD_BwE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 35662
Content-Type: text/html
Content-MD5: Qvrkb2HNZIRhgAETfDo2YQ==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63BBB5498"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 22948072-901e-00a2-45b7-27e576000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:12 GMT

www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN

142.250.74.136

200 OK

93 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-VLF2FX8QTN
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
93 kB (93033 bytes)
Hash
b54f01a5dc33705b9fc38bed7f7f96a8
1de878825c9a6328a190b6e394e5b3580e2f74ed
474b1404dc689d084cd18c378a63020662511477edcb1a81d49e7cfa877bb3bd

HTTP Headers

GET /gtag/js?id=G-VLF2FX8QTN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 20:11:13 GMT
expires: Tue, 05 Dec 2023 20:11:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93033
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nnb44.z13.web.core.windows.net/Win08SuDeEr086/tapa.css

52.239.170.33

200 OK

18 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/tapa.css
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
assembler source, ASCII text, with very long lines (324), with CRLF line terminators
Size
18 kB (18100 bytes)
Hash
61b8b80c330b89cc536fa4fc8afb3eb5
f3ecea02c164cddc93d278b39434b224541407bc
22b2c21cd86ff8e53b784c5e40608872a0666f3682d1331829eb8a643f50b3e4

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/tapa.css HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 18100
Content-Type: text/css
Content-MD5: Ybi4DDMLicxTb6T8ivs+tQ==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C66BD5B"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 22948288-901e-00a2-4fb7-27e576000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:12 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js

52.239.170.33

200 OK

1.4 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/script.compat.js
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
ASCII text, with very long lines (1388)
Size
1.4 kB (1389 bytes)
Hash
80d369914d99db44ac4aa60024adf5f8
74f20b735e0a88954a1a69ccc7af4c78e4d9c494
5a1bc6ee4cc04b8e259bb929bb29d87e8b7eb540f2dc67cbd3bb7dbbe57fd28f

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/script.compat.js HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1389
Content-Type: text/javascript
Content-MD5: gNNpkU2Z20SsSqYAJK31+A==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C10E1ED"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 54e9a174-601e-0042-70b7-2766ef000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:13 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js

52.239.170.33

200 OK

2.1 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/nvidia.js
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
ASCII text, with very long lines (2055), with no line terminators
Size
2.1 kB (2055 bytes)
Hash
6ebcbed0dc957cd9298e2629e35a0139
e1603b3e92c0828daebd15b2ddd12c22ceed5b20
73310aa233204005c5d97ccd8b6c8c06dda83205f1de6571aa798400fb5bedeb

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/nvidia.js HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 2055
Content-Type: text/javascript
Content-MD5: bry+0NyVfNkpjiYp41oBOQ==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C11570A"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 12a2a995-001e-009f-37b7-27936d000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:13 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js

52.239.170.33

200 OK

503 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/jupiter.js
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
ASCII text, with CRLF line terminators
Size
503 B (503 bytes)
Hash
cd6c33fbc221d0271c910af910e6ebed
9b52f24d6f10b885bb19db1c4b531469f96d2914
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/jupiter.js HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 503
Content-Type: text/javascript
Content-MD5: zWwz+8Ih0CcckQr5EObr7Q==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63BB7ABA3"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4b47a646-b01e-007e-24b7-274f28000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:13 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/noir.js

52.239.170.33

200 OK

84 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/noir.js
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
ASCII text, with very long lines (32180)
Size
84 kB (84272 bytes)
Hash
a8325a8dddc75eb4cd78a4c9d207aaf3
5a956570fbffd26b497f38ea3a28f0bc075d5efc
46b5242c5eb6b3b71ef2606f2d0d700142ae58b53c6d018e6bf06bab62437e1b

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/noir.js HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 84272
Content-Type: text/javascript
Content-MD5: qDJajd3HXrTNeKTJ0geq8w==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C03EB8D"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cead77e4-f01e-006f-04b7-27d59c000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:13 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/cs.png

52.239.170.33

200 OK

2.7 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/cs.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 520 x 520, 8-bit colormap, non-interlaced\012- data
Size
2.7 kB (2681 bytes)
Hash
b01a30d354bfcf51edf33e0b0ea07402
c421359518d1ae258237bf501c563b7f059f8b9b
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/cs.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 2681
Content-Type: image/png
Content-MD5: sBow01S/z1Ht8z4LDqB0Ag==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63B618215"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 12a2abf0-001e-009f-4db7-27936d000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:13 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/vsc.png

52.239.170.33

200 OK

722 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/vsc.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 128 x 128, 1-bit colormap, non-interlaced\012- data
Size
722 B (722 bytes)
Hash
42d8f2cc1ae5759c2369f255f36ebc03
8e592162eec14e72d0a751d714a641dbece91f6b
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/vsc.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 722
Content-Type: image/png
Content-MD5: QtjyzBrldZwjafJV8268Aw==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C66965A"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4b47a7e0-b01e-007e-42b7-274f28000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:14 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/re.gif

52.239.170.33

200 OK

15 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/re.gif
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
GIF image data, version 89a, 193 x 71\012- data
Size
15 kB (14751 bytes)
Hash
6fcb78e0cd7933a70eea2cf071f82118
70364bffd62fe33360abe70ecc7f7c0541b3b54c
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/re.gif HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 14751
Content-Type: image/gif
Content-MD5: b8t44M15M6cO6izwcfghGA==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C117E14"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 229487c8-901e-00a2-6cb7-27e576000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:13 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/msmm.png

52.239.170.33

200 OK

168 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/msmm.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 31 x 30, 4-bit colormap, non-interlaced\012- data
Size
168 B (168 bytes)
Hash
acb05ebcd5f488fc99169cff02b6dd04
dca893a7b514503e947a57aa072482a0e0cba912
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/msmm.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 168
Content-Type: image/png
Content-MD5: rLBevNX0iPyZFpz/ArbdBA==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63BC2F48E"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cead79bd-f01e-006f-25b7-27d59c000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:14 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/set.png

52.239.170.33

200 OK

364 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/set.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/set.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 364
Content-Type: image/png
Content-MD5: 4UTDN4CQCHyM4SmjDLbLTg==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C5163CB"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 54e9a2ec-601e-0042-49b7-2766ef000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:13 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/mnc.png

52.239.170.33

200 OK

187 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/mnc.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 140 x 30, 1-bit colormap, non-interlaced\012- data
Size
187 B (187 bytes)
Hash
271021cfa45940978184be0489841fd3
201030af9b1bc5d3c8d453efbfdf89b68d6c1be5
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/mnc.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 187
Content-Type: image/png
Content-MD5: JxAhz6RZQJeBhL4EiYQf0w==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63BBB2D8D"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a26bcaea-c01e-0016-67b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:13 GMT

ocsp.usertrust.com/

104.18.38.233

282 B

URL
ocsp.usertrust.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
282 B (282 bytes)
Hash
8666cf051c1e35d45c02946c400e93e4
c4f2943322fd3f208f94d67eca415a90e08742ea
d76f2a6168f48e3d6fd2a68fa54c5f9952ceb6e6971a05c78ffc54df4fb122f1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 20:11:14 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Tue, 05 Dec 2023 01:02:32 GMT
Expires: Tue, 12 Dec 2023 01:02:31 GMT
Etag: "c4f2943322fd3f208f94d67eca415a90e08742ea"
Cache-Control: max-age=601083,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1669
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 830eefe6a85bb4fa-OSL

nnb44.z13.web.core.windows.net/Win08SuDeEr086/bel.png

52.239.170.33

200 OK

276 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/bel.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 13 x 13, 8-bit colormap, non-interlaced\012- data
Size
276 B (276 bytes)
Hash
7616d96c388301e391653647e1f5f057
b1868c8f0f46309a8e26f584ac82000d54c06ecd
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/bel.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 276
Content-Type: image/png
Content-MD5: dhbZbDiDAeORZTZH4fXwVw==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63B6049C9"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4b47a87c-b01e-007e-29b7-274f28000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:14 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/f24.png

52.239.170.33

200 OK

25 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/f24.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 800 x 455, 8-bit colormap, non-interlaced\012- data
Size
25 kB (25288 bytes)
Hash
38ab4e4a2df49047c71ff96553a3ec05
7ccfcdc72611e9134790e555d1feeee63d8c8121
5e0506e9f5736d25677b197cb223b3c6de29d52d06da4aa9a4b2006b28d5039a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/f24.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 25288
Content-Type: image/png
Content-MD5: OKtOSi30kEfHH/llU6PsBQ==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63B87F024"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 12a2ad14-001e-009f-0bb7-27936d000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:13 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/pcm.png

52.239.170.33

200 OK

1.3 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/pcm.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 166 x 92, 4-bit colormap, non-interlaced\012- data
Size
1.3 kB (1270 bytes)
Hash
05cdf1a2c2fc8f07bea0a8f4f9356637
b7bbd626d1d6c832509e820cae1d971b34f625e6
afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/pcm.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1270
Content-Type: image/png
Content-MD5: Bc3xosL8jwe+oKj0+TVmNw==
Last-Modified: Tue, 05 Dec 2023 17:18:44 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C117E14"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2294888f-901e-00a2-7cb7-27e576000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:13 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/dm.png

52.239.170.33

200 OK

332 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/dm.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 100 x 100, 1-bit colormap, non-interlaced\012- data
Size
332 B (332 bytes)
Hash
9d8a90a63d20f05d27e5d6abb35e0cd0
5873b4007e9d55b4d891a4c427b3735ed23dbfe8
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/dm.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 332
Content-Type: image/png
Content-MD5: nYqQpj0g8F0n5dars14M0A==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63B6070D4"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cead7a63-f01e-006f-08b7-27d59c000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:14 GMT

ipwho.is/?lang=en

195.201.57.90

200 OK

668 B

URL GET HTTP/1.1
ipwho.is/?lang=en
IP
195.201.57.90:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerGoGetSSL
Subjectipwho.is
FingerprintCF:72:15:7E:2B:59:F6:B9:88:69:73:70:91:60:90:87:80:67:B9:A4
ValidityWed, 05 Apr 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (668), with no line terminators
Size
668 B (668 bytes)
Hash
7fe1747449cf144f77641e13a8c2d344
c26aab0e1399c6de65a97fba962aa2909ac265c9
c424dde44d25d4d82a4af90465928dccda42b282874f5670a4f638a49eb1a514

HTTP Headers

GET /?lang=en HTTP/1.1
Host: ipwho.is
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 20:11:14 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: ipwhois
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
X-Robots-Tag: noindex

nnb44.z13.web.core.windows.net/api/event

52.239.170.33

405 The resource doesn't support specified Http Verb.

335 B

URL POST HTTP/1.1
nnb44.z13.web.core.windows.net/api/event
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (335), with no line terminators
Size
335 B (335 bytes)
Hash
8812b42829911dddd960456441f214d8
672513e35e20c1770b9c87ca4d020fb878be0c22
40236c3b2cc365d1aa42e0d8df9f3ad630fb8d31730359ff9f95a41536737284

HTTP Headers

POST /api/event HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 251
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 405 The resource doesn't support specified Http Verb.
Allow: GET,HEAD
Content-Length: 335
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: UnsupportedHttpVerb
x-ms-request-id: 54e9a3f1-601e-0042-4ab7-2766ef000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:14 GMT

www.clarity.ms/tag/inyarm3guy

13.107.246.53

200 OK

650 B

URL GET HTTP/2
www.clarity.ms/tag/inyarm3guy
IP
13.107.246.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerDigiCert Inc
Subjectwww.clarity.ms
Fingerprint9C:5D:5A:4A:14:86:80:29:07:68:2B:AA:61:27:87:4B:30:FA:43:F4
ValidityTue, 29 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (650), with no line terminators
Size
650 B (650 bytes)
Hash
76d973d92abc0a4c662dcd32ddbd2d27
e378bea708973761e617b79b9046034007fd47d1
f4c6384990b290ccc7153356ca99f29a0f21e1b70c49c78dae8206381ad51df6

HTTP Headers

GET /tag/inyarm3guy HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 650
content-type: application/x-javascript
expires: -1
set-cookie: CLID=927bbf471b4f4af6bbe4b14e48cb8b05.20231205.20241204; expires=Wed, 04 Dec 2024 20:11:14 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-cache: CONFIG_NOCACHE
x-azure-ref: 04oNvZQAAAABS6lhVD7oTTrvS4tPqWA6oU1ZHMjBFREdFMDYxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 05 Dec 2023 20:11:14 GMT
X-Firefox-Spdy: h2

nnb44.z13.web.core.windows.net/Win08SuDeEr086/ai2.mp3

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/ai2.mp3
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
bd77b13d4e4910bce6ab5a16a5dd735a
a2373c8f289942c519bb3d0f0d5ea8c98fe6f427
a82a766212f95c9bf9ed51770c2fa7751add68b7ac7fdb416f4fbcd3eb28ad11

HTTP Headers

GET /Win08SuDeEr086/ai2.mp3 HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: cead7b60-f01e-006f-1eb7-27d59c000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:14 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/_Fm7-alert.mp3

52.239.170.33

206 Partial Content

201 kB

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/_Fm7-alert.mp3
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2, 64 kbps, 22.05 kHz, Monaural\012- data
Size
201 kB (200832 bytes)
Hash
0116152611dd51432e852781f8cc7e82
2408d3d281b25649894f78a4e19f7f8a8ac735f9
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/_Fm7-alert.mp3 HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Content-Length: 200832
Content-Type: audio/mpeg
Content-Range: bytes 0-200831/200832
Last-Modified: Tue, 05 Dec 2023 17:18:45 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63C882318"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a26bcc31-c01e-0016-1db7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:14 GMT

c.clarity.ms/c.gif

68.219.88.97

302 Found

0 B

URL GET HTTP/2
c.clarity.ms/c.gif
IP
68.219.88.97:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjectc.msn.com
FingerprintD5:8D:1D:2A:BC:86:78:79:30:4B:23:9E:B9:3A:CA:CC:F7:AF:26:61
ValidityTue, 06 Jun 2023 15:27:17 GMT - Fri, 31 May 2024 15:27:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=2668E3736AF24A02875AA0BB12F4DF83&RedC=c.clarity.ms&MXFR=3BD250ECCC4D6675036B4332C84D6844
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=3BD250ECCC4D6675036B4332C84D6844; domain=.clarity.ms; expires=Sun, 29-Dec-2024 20:11:14 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 05 Dec 2023 20:11:14 GMT
content-length: 0
X-Firefox-Spdy: h2

c.bing.com/c.gif?ctsa=mr&CtsSyncId=2668E3736AF24A02875AA0BB12F4DF83&RedC=c.clarity.ms&MXFR=3BD250ECCC4D6675036B4332C84D6844

13.107.21.200

302 Found

0 B

URL GET HTTP/2
c.bing.com/c.gif?ctsa=mr&CtsSyncId=2668E3736AF24A02875AA0BB12F4DF83&RedC=c.clarity.ms&MXFR=3BD250ECCC4D6675036B4332C84D6844
IP
13.107.21.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?ctsa=mr&CtsSyncId=2668E3736AF24A02875AA0BB12F4DF83&RedC=c.clarity.ms&MXFR=3BD250ECCC4D6675036B4332C84D6844 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nnb44.z13.web.core.windows.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2668E3736AF24A02875AA0BB12F4DF83&MUID=1BD6D3C2E97A6FDE1D33C01CE82D6EB5
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=1BD6D3C2E97A6FDE1D33C01CE82D6EB5; domain=.bing.com; expires=Sun, 29-Dec-2024 20:11:14 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.bing.com; expires=Tue, 12-Dec-2023 20:11:14 GMT; path=/; SameSite=None; Secure;
SRM_B=1BD6D3C2E97A6FDE1D33C01CE82D6EB5; domain=c.bing.com; expires=Sun, 29-Dec-2024 20:11:14 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B350642C9ABC45DEA89A93C0795AFD5C Ref B: OSL30EDGE0412 Ref C: 2023-12-05T20:11:14Z
date: Tue, 05 Dec 2023 20:11:14 GMT
content-length: 0
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2668E3736AF24A02875AA0BB12F4DF83&MUID=1BD6D3C2E97A6FDE1D33C01CE82D6EB5

68.219.88.97

200 OK

42 B

URL GET HTTP/2
c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=2668E3736AF24A02875AA0BB12F4DF83&MUID=1BD6D3C2E97A6FDE1D33C01CE82D6EB5
IP
68.219.88.97:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjectc.msn.com
FingerprintD5:8D:1D:2A:BC:86:78:79:30:4B:23:9E:B9:3A:CA:CC:F7:AF:26:61
ValidityTue, 06 Jun 2023 15:27:17 GMT - Fri, 31 May 2024 15:27:17 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?ctsa=mr&CtsSyncId=2668E3736AF24A02875AA0BB12F4DF83&MUID=1BD6D3C2E97A6FDE1D33C01CE82D6EB5 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nnb44.z13.web.core.windows.net/
DNT: 1
Connection: keep-alive
Cookie: SM=T; MUID=3BD250ECCC4D6675036B4332C84D6844
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
accept-ranges: bytes
etag: "8d59566974dbd91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=C; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=1BD6D3C2E97A6FDE1D33C01CE82D6EB5; domain=.clarity.ms; expires=Sun, 29-Dec-2024 20:11:14 GMT; path=/; SameSite=None; Secure; Priority=High;
MR=0; domain=c.clarity.ms; expires=Tue, 12-Dec-2023 20:11:14 GMT; path=/; SameSite=None; Secure;
ANONCHK=0; domain=c.clarity.ms; expires=Tue, 05-Dec-2023 20:21:14 GMT; path=/; SameSite=None; Secure;
date: Tue, 05 Dec 2023 20:11:14 GMT
content-length: 42
X-Firefox-Spdy: h2

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 911
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:11:15 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb44.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb44.z13.web.core.windows.net/Win08SuDeEr086/msmm.png

52.239.170.33

200 OK

168 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/msmm.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
PNG image data, 31 x 30, 4-bit colormap, non-interlaced\012- data
Size
168 B (168 bytes)
Hash
acb05ebcd5f488fc99169cff02b6dd04
dca893a7b514503e947a57aa072482a0e0cba912
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /Win08SuDeEr086/msmm.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 168
Content-Type: image/png
Content-MD5: rLBevNX0iPyZFpz/ArbdBA==
Last-Modified: Tue, 05 Dec 2023 17:18:43 GMT
Accept-Ranges: bytes
ETag: "0x8DBF5B63BC2F48E"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a26bd22d-c01e-0016-55b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:14 GMT

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 34772
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:11:15 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb44.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
f7980cb08740a6845b6a0235de9b528e
467c45aba0ca7d98894b0422cbef1397a6af18f8
bc63f70fcced1dbcb48bb8e18eb3cc9c5b9b8979d18b507fcd6053a6e6838341

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26bd33b-c01e-0016-68b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:15 GMT

www.clarity.ms/s/0.7.20/clarity.js

13.107.246.53

200 OK

21 kB

URL GET HTTP/2
www.clarity.ms/s/0.7.20/clarity.js
IP
13.107.246.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerDigiCert Inc
Subjectwww.clarity.ms
Fingerprint9C:5D:5A:4A:14:86:80:29:07:68:2B:AA:61:27:87:4B:30:FA:43:F4
ValidityTue, 29 Aug 2023 00:00:00 GMT - Thu, 29 Aug 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (60926), with CRLF line terminators
Size
21 kB (20724 bytes)
Hash
fb9b1f0355f169c08596444c68ee49bc
bf9044665a2c86577306c547663ea56118e29179
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

HTTP Headers

GET /s/0.7.20/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Cookie: CLID=927bbf471b4f4af6bbe4b14e48cb8b05.20231205.20241204
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Mon, 04 Dec 2023 12:08:18 GMT
accept-ranges: bytes
etag: "0x8DBF4C1B3818466"
x-cache: TCP_HIT
x-ms-request-id: 1de634c0-501e-005b-76de-2617e0000000
x-ms-version: 2018-03-28
access-control-allow-origin: *
x-azure-ref-originshield: 0RptuZQAAAADwvCqth/onT5WwcFEZ+Iu5QU1TMDRFREdFMTgwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 04oNvZQAAAABpbDOMa/EYSquF/ljRlSmmU1ZHMjBFREdFMDYxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 05 Dec 2023 20:11:14 GMT
X-Firefox-Spdy: h2

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2826
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Cookie: MUID=1BD6D3C2E97A6FDE1D33C01CE82D6EB5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:11:16 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb44.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
b67fbbd9e1bdcad2ac73a3f12ac2a7f6
4e0ee8e807f18bb4af90df8897ff2f2e9d65be97
c88a098e0e60529c2982a0ca18d1673758094ba7800ee52afe8675289e1db5c6

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26bdda6-c01e-0016-0fb7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:17 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
e7e417ccd739cad05898f85a001045f1
b2084ca669ff31215d8fad035d953e0f8c3760c9
68d98246738abcfb3c28d1f0b3273f622f7a9ed955a23a62e5564b8fa9383cfc

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26be456-c01e-0016-21b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:18 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
1c124a598419fac45c80bbb477070905
d9bc4e66aed6ea4bfbd0cc0179313fdfb4efd6bd
c591dbaabe4756146c8aea78d0110142a01af80172ce2088e83c0580bde127d0

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26beb88-c01e-0016-65b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:19 GMT

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 642
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Cookie: MUID=1BD6D3C2E97A6FDE1D33C01CE82D6EB5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:11:20 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb44.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
a81d1d8a05e3a66a20d8201d50aee8b3
c277be03a5b99cff258d7ad25b3d09a4b83dea91
45ab5df219600841a55e157dc4631904813e1f9869534aa8ed7db55e666a7b5b

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26bf1d1-c01e-0016-51b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:20 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
812709d196d3e2eb8dd28d828a37994b
71409c798c72963ea564773ad821b8d26f41720a
65b6c76188bf44f636e06130f28732ae84357a9e5628fb863cbaadea227dd8d9

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26bf861-c01e-0016-47b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:21 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
62cab21c882871ca6195272f23a9b2d9
be81e1b837a22dd3f884c133679772c55ab951bf
cac23a1ae7abfed1133ecee6bdf84a6ca5b94a61203e1690d257e9cfee7f3c12

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26bfef4-c01e-0016-30b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:22 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
19bcd6e0a5ec711d747c633e4d5585a3
82c663233fbcea637073b943ee58ff36e4825d6f
e3e3f16e90f405a4eae3d3a5c3b5c702121466b45650bf79ae2876024f3a676a

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26c0561-c01e-0016-78b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:23 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
19b57006b0a69112af05d59db8877b1d
b6512f4b58daa9f244b79401e71240799ed78bd9
61333f5c120136b5b5ab52255acf2dadc85142bb0c6dc20debd56b6a08a3d4cc

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26c09f0-c01e-0016-80b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:24 GMT

y.clarity.ms/collect

104.211.35.148

204 No Content

0 B

URL POST HTTP/1.1
y.clarity.ms/collect
IP
104.211.35.148:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subjecta.clarity.ms
FingerprintD2:EB:78:0C:7D:85:99:BC:14:0E:75:ED:BE:19:6E:8A:C6:68:D7:73
ValidityMon, 13 Feb 2023 16:57:32 GMT - Thu, 08 Feb 2024 16:57:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: y.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 520
Origin: https://nnb44.z13.web.core.windows.net
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/
Cookie: MUID=1BD6D3C2E97A6FDE1D33C01CE82D6EB5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 05 Dec 2023 20:11:25 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://nnb44.z13.web.core.windows.net
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
3b6c345cdaf479a2c9f53beaeec44521
4f5dcd6f54feb846006306abcf065df70d1557a0
635ba16f41a3bbcca4b0d82fbf4949efdbb71e49a52f3ecf0e603d651f0ccb1f

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26c0d8f-c01e-0016-22b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:25 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
dd1ccd10a637ad1e75d7841da510091c
4a1a84a3eab6bb3a85e3a4e6ab99d7372a78b0df
93eed4c4d01ea3b316bd0d428d2316d6d1362b042c29059ef09d44a6289c563e

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26c10fc-c01e-0016-12b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:26 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document textHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
378dc0bf989b7b7cb6102a5467695e98
0c5b965824800fb6e8c548e5dd8e7ca31b7cd209
55fbbf476c2ce0185f5912dfaa7491865869d1c3ff1e663cc9ebf919cd4cf3c4

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26c1459-c01e-0016-7db7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:27 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w1.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
1055ec3d75c36936da4d090ec53560d3
29bddd16161ad3dc993d121ff971381e6fefb21c
5cd27407fd4f4e72848b08f5f56d697a3c87ec5aea6c3cbe8d68e237163895f9

HTTP Headers

GET /Win08SuDeEr086/w1.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26c1790-c01e-0016-4cb7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:28 GMT

nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png

52.239.170.33

404 The requested content does not exist.

321 B

URL GET HTTP/1.1
nnb44.z13.web.core.windows.net/Win08SuDeEr086/w3.png
IP
52.239.170.33:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Certificate
IssuerMicrosoft Corporation
Subject*.web.core.windows.net
FingerprintC5:06:6A:EF:79:A3:6F:44:07:75:2F:DB:E9:AD:71:71:AE:ED:BC:CC
ValidityWed, 27 Sep 2023 13:41:31 GMT - Fri, 27 Sep 2024 13:41:31 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (321), with no line terminators
Size
321 B (321 bytes)
Hash
7f75907be7ffba3642fea44551a0e599
16d93b3ededcc3bf3c05270f0aaf3fe746083ea3
c85cac56cca7db884db679ca1f8e82341258a5bcbbc674ce3a79c1561d8534f8

HTTP Headers

GET /Win08SuDeEr086/w3.png HTTP/1.1
Host: nnb44.z13.web.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nnb44.z13.web.core.windows.net/Win08SuDeEr086/index.html
Cookie: _ga_VLF2FX8QTN=GS1.1.1701807079.1.0.1701807079.0.0.0; _ga=GA1.1.419017826.1701807080; _clck=11j00xi%7C2%7Cfha%7C0%7C1434; _clsk=x2xe8m%7C1701807081405%7C1%7C1%7Cy.clarity.ms%2Fcollect
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 The requested content does not exist.
Content-Length: 321
Content-Type: text/html
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code: WebContentNotFound
x-ms-request-id: a26c1a87-c01e-0016-74b7-2729b8000000
x-ms-version: 2018-03-28
Date: Tue, 05 Dec 2023 20:11:29 GMT

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash