worker-withered-sound-fb55.yzmbechiengels.workers.dev
2606:4700:3036::6815:39c4  Malicious Activity! Public Scan

URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Submission: On May 15 via manual from XK — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3036::6815:39c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is worker-withered-sound-fb55.yzmbechiengels.workers.dev.
TLS certificate: Issued by E1 on April 30th 2024. Valid for: 3 months.
This is the only time worker-withered-sound-fb55.yzmbechiengels.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

Requests  IP Address         AS (Autonomous System)
2         2606:4700:303...   13335 (CLOUDFLAR...)
5         2a00:1450:400...   15169 (GOOGLE)
1         2a00:1450:400...   15169 (GOOGLE)
3         54.82.73.145       14618 (AMAZON-AES)
1         2606:4700::68...   13335 (CLOUDFLAR...)
1         2a04:4e42:400...   54113 (FASTLY)
3         2620:1ec:46::45    8075 (MICROSOFT...)
Total: 16 requests, 8 IPs
Requests  Apex Domain      Subdomains                                              Transfer
5         google.com       www.google.com (Cisco Umbrella Rank: 2)                 964 B
3         msauth.net       aadcdn.msauth.net (Cisco Umbrella Rank: 892)            5 KB
3         glitch.me        endurable-lateral-walk.glitch.me                        1 MB
2         workers.dev      worker-withered-sound-fb55.yzmbechiengels.workers.dev   2 KB
1         jquery.com       code.jquery.com (Cisco Umbrella Rank: 776)              30 KB
1         cloudflare.com   cdnjs.cloudflare.com (Cisco Umbrella Rank: 237)         6 KB
1         gstatic.com      www.gstatic.com                                         202 KB
Total: 16 requests, 7 apex domains
Requests  Domain                                                  Requested by
5         www.google.com                                          worker-withered-sound-fb55.yzmbechiengels.workers.dev, www.gstatic.com
3         aadcdn.msauth.net                                       worker-withered-sound-fb55.yzmbechiengels.workers.dev
3         endurable-lateral-walk.glitch.me                        worker-withered-sound-fb55.yzmbechiengels.workers.dev
2         worker-withered-sound-fb55.yzmbechiengels.workers.dev
1         code.jquery.com                                         endurable-lateral-walk.glitch.me
1         cdnjs.cloudflare.com                                    endurable-lateral-walk.glitch.me
1         www.gstatic.com                                         www.google.com
Total: 16 requests, 7 domains

This site contains links to these domains:

go.microsoft.com
www.microsoft.com
privacy.microsoft.com

TLS certificates
Subject                      Issuer                                            Validity                  Valid for   Source
yzmbechiengels.workers.dev   E1                                                2024-04-30 - 2024-07-29   3 months    crt.sh
*.google.com                 WR2                                               2024-05-06 - 2024-07-29   3 months    crt.sh
*.gstatic.com                WR2                                               2024-05-06 - 2024-07-29   3 months    crt.sh
glitch.com                   Amazon RSA 2048 M03                               2023-12-04 - 2025-01-01   a year      crt.sh
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3                           2023-07-03 - 2024-07-02   a year      crt.sh
*.jquery.com                 Sectigo RSA Domain Validation Secure Server CA    2023-07-11 - 2024-07-14   a year      crt.sh
aadcdn.msauth.net            DigiCert SHA2 Secure Server CA                    2024-04-30 - 2025-04-30   a year      crt.sh

This page contains 5 frames:

Primary Page: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Frame ID: B8FD7119FCA0488F2E7B5DFCFA732998
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=21cptcj11vge
Frame ID: 5D190AC5C6E8AD1DF999DE9CE1C1B24C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=v1n4yk86mmfl
Frame ID: 5BFA129EB7E740ACD5211B59C0E2A587
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS
Frame ID: 8D2E3410715A7B1F9FD0ADFDDB8BE0E6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS
Frame ID: 6F2976AD9440757A131105278E35ADEA
Requests: 1 HTTP requests in this frame

Page Title

Sign in to Best Productivity Provider!

Detected technologies

Font Awesome (overall confidence: 100%)
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (overall confidence: 100%)
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (overall confidence: 100%)
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 86 %
Domains: 7
Subdomains: 7
IPs: 8
Countries: 2
Transfer: 1327 kB
Size: 1725 kB
Cookies: 1

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
worker-withered-sound-fb55.yzmbechiengels.workers.dev/
2 KB
1 KB
Document
General
Full URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:39c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68514c88bebf7faeccddd6284a4140f7e6827d6830e3f2f5493a0e1728b4a255

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
884585c45f5fbbb5-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 15 May 2024 19:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G7WQlUA%2FzGDpXSIwnduD%2FogjBAn1TZC29MmVjFWQ0%2Bdxs9eMq%2Br5Ax7i1HGJcuqFqIS1nlSDH%2FuvB9zezJboPM0VK7rJuximWQU4Az%2F04zO8QVi7Jm944wl0F%2B3PattWgHFm9Wimdu9qWDtrFiMfycsAOziugq7zYqCiqaKuje16MK9pwfkR3LZjFeJGf%2F0Tj5QiWw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
api.js
www.google.com/recaptcha/
1 KB
964 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS
Requested by
Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3953b3a943823d58f71366f7f51eed66d66f5b524536ae04773ac07af0be6544
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 19:26:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 15 May 2024 19:26:56 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/
505 KB
202 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Origin
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 13:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206091
x-xss-protection
0
last-modified
Sun, 05 May 2024 20:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 May 2025 13:08:52 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5D19
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=21cptcj11vge
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-21AZ-T1nyrN6V1DfCOSOog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-21AZ-T1nyrN6V1DfCOSOog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 19:26:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 5BFA
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS&co=aHR0cHM6Ly93b3JrZXItd2l0aGVyZWQtc291bmQtZmI1NS55em1iZWNoaWVuZ2Vscy53b3JrZXJzLmRldjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=normal&cb=v1n4yk86mmfl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-APEy66E9HCB3PECXDtHZsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-APEy66E9HCB3PECXDtHZsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 19:26:56 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
template.htm
endurable-lateral-walk.glitch.me/
270 B
764 B
Fetch
General
Full URL
https://endurable-lateral-walk.glitch.me/template.htm
Requested by
Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.73.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-73-145.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cdfa5d229d99c544d2b46a3ad900020c518f800f43048d78c037dd604b30cc52

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 19:26:57 GMT
x-amz-version-id
hLBYCJfv4MXrLhV1y11nVDDTf4ThygFS
x-amz-request-id
TFH107ZNW4WEK42Q
x-amz-server-side-encryption
AES256
content-length
270
x-amz-id-2
RjuwIZCTOcN0kXM/3Wjwz4hCJM71lu42Z+L7OaVhKsjR8kGXJaI6tQfmDce577TuKigDPbgJKds=
last-modified
Fri, 03 May 2024 01:43:25 GMT
server
AmazonS3
etag
"554a4d91defd80c083caf48a38f21a30"
access-control-max-age
3600
access-control-allow-methods
GET, HEAD
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control
no-cache
accept-ranges
bytes
favicon.ico
worker-withered-sound-fb55.yzmbechiengels.workers.dev/
2 KB
1 KB
Other
General
Full URL
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:39c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68514c88bebf7faeccddd6284a4140f7e6827d6830e3f2f5493a0e1728b4a255

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 19:26:57 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BoODZ0z2zQZYAf9Ms5KvgtVkS69fuTbVEFqKspfyVTxYoVz65prMzTj1tcsEVS3hyB%2B1eyI2ur3yUynfEgdHnuQpgd%2FzX0AhVi3G3PD6l7oFfOVvMEkfzpyWvpzAYKOy%2FyXM%2FybRLRG%2FBetLuleCbgwe5M08Mlo2xQVdm%2FdiJ8VEFSTL7iruxKK5xDlTOkfYQ2jiJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=UTF-8
cf-ray
884585c6aac3bbb5-FRA
alt-svc
h3=":443"; ma=86400
bframe
www.google.com/recaptcha/api2/ Frame 8D2E
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IrNpGyiDT6dCMKIWKC_OIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IrNpGyiDT6dCMKIWKC_OIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 19:26:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame 6F29
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6Lcd1d0pAAAAABdEYPjMVNuKdXLhUu8iFnCaeBuS
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bHTqPERScmkslvlN1b3uLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-bHTqPERScmkslvlN1b3uLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 19:26:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/
114 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8341fced36479b5df8c6854ea7b161d71c1a23251f81f6172963908baf5bfd8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
datt.js
endurable-lateral-walk.glitch.me/
993 KB
995 KB
Script
General
Full URL
https://endurable-lateral-walk.glitch.me/datt.js
Requested by
Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.73.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-73-145.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bcf19cc049a6970b7f104c8bb8e7cdf18bd2cc6b6887fbeef58ef0e0949f9825

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 19:26:57 GMT
x-amz-version-id
bnPpTymefOzY97uuedilkmmuGQLrc5dR
last-modified
Fri, 03 May 2024 01:43:25 GMT
server
AmazonS3
x-amz-request-id
TFH4MV9STVZPT5FQ
etag
"0a8978556df1a8898e41b02b6a95b2cd"
x-amz-server-side-encryption
AES256
content-type
application/javascript; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
content-length
1016966
x-amz-id-2
k31/q9JRdHhaX6hBiMQvB+6uGwfeNlbNUDhsa/9VIWflfdL1KDDJHBg776OtMv11OqjtyIdz0NgQ0rT/9gn3LSxiO4thCwSG
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: endurable-lateral-walk.glitch.me
URL: https://endurable-lateral-walk.glitch.me/datt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Origin
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 19:26:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2298536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5884
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2N7%2FvG9bEog1DwwdWM3pSjEOXiCSS813Z5OfQLGzxHvvbh7fx1G11B2jgYKwkEuTsjy6pqw9h3pnJgy1mn3deIk%2FKDejC%2Fu%2FKA1Qc9W9hvofCaGL1Kwp1%2BzHgKjQszyGWL3SABXiOefwIqnJoPyNparE"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
884585cedbe8380d-FRA
expires
Mon, 05 May 2025 19:26:58 GMT
jquery-3.1.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: endurable-lateral-walk.glitch.me
URL: https://endurable-lateral-walk.glitch.me/datt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 19:26:58 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3247308
x-cache
HIT, HIT
content-length
30070
x-served-by
cache-lga21947-LGA, cache-fra-eddf8230059-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1715801218.400077,VS0,VE0
etag
W/"28feccc0-152b5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
93, 76343
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
756 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
899 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7fcd37eaafe3f08647ed072d5289eadfff6c660a26cdef31532b3fcfb4a0bb2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
222 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
749f85621d92a5b31b2a377a8c385a36d48a83327dad9a8a8da93cd831b8c9a2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
513 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg
aadcdn.msauth.net/shared/1.0/content/images/
250 B
763 B
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg
Requested by
Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 May 2024 19:26:58 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
4554691
content-length
199
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:39 GMT
etag
0x8D79B8374CE7F93
x-azure-ref
20240515T192658Z-1675f555588h4d758unxxe60yg00000000gg00000000gbn5
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4ba5783e-501e-007b-7aee-a63289000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
2 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg
Requested by
Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 May 2024 19:26:58 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
4554691
content-length
1173
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jan 2020 19:28:39 GMT
etag
0x8D79B83749623C9
x-azure-ref
20240515T192658Z-1675f555588h4d758unxxe60yg00000000gg00000000gbn6
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
314fd904-d01e-005f-75f1-a60fb2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg
aadcdn.msauth.net/shared/1.0/content/images/
7 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg
Requested by
Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 May 2024 19:26:58 GMT
content-encoding
gzip
x-cache
TCP_HIT
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
4554691
content-length
2407
x-ms-lease-status
unlocked
last-modified
Fri, 11 Mar 2022 11:11:29 GMT
etag
0x8DA034FE445C10D
x-azure-ref
20240515T192658Z-1675f555588h4d758unxxe60yg00000000gg00000000gbn7
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
03a002c2-401e-0062-5c55-a5f1b8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
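The two aadcdn.msauth.net transactions above show the kit hot-linking Microsoft's genuine login artwork (`picker_verify_call_*.svg`, `picker_verify_fluent_authenticator_*.svg`) straight from Microsoft's CDN, with the victim's browser sending `Referer: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/` and the CDN answering with `access-control-allow-origin: *` and a one-year `cache-control`. For a brand owner that is a detection opportunity: requests for login-page assets whose Referer host is not one of the brand's own login hosts point at a clone. The following detector is an added example, not urlscan's code and not Microsoft's; the log format (Apache/nginx "combined") and the sample lines are constructed here, and the first-party allowlist is an assumption, not Microsoft's real list.

```javascript
// Added detection example (not urlscan's code, not Microsoft's). Flags requests
// for login-page assets whose Referer comes from a host outside the brand's
// own login origins, the pattern the two msauth.net transactions above exhibit.
// Log format (Apache/nginx "combined") and sample lines are constructed;
// FIRST_PARTY_REFERERS is an assumed allowlist, not Microsoft's real one.

const ASSET_PATH_PREFIX = "/shared/1.0/content/images/"; // path prefix seen in the scan
const FIRST_PARTY_REFERERS = new Set([               // assumption: brand's own login hosts
  "login.microsoftonline.com",
  "login.live.com",
  "account.microsoft.com",
]);

// Combined log format: client ident user [time] "method path proto" status bytes "referer" "ua"
const LOG_RE = /^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) (\S+) "([^"]*)" "([^"]*)"$/;

// Parse one access-log line; returns null for lines that do not match the format.
function parseLogLine(line) {
  const m = LOG_RE.exec(line);
  if (!m) return null;
  return { client: m[1], method: m[2], path: m[3], status: Number(m[4]), referer: m[6], ua: m[7] };
}

// Host of a Referer value, or null when absent ("-") or unparsable. A missing
// Referer is not evidence on its own: a Referrer-Policy can legitimately strip it.
function refererHost(referer) {
  if (!referer || referer === "-") return null;
  try { return new URL(referer).host.toLowerCase(); } catch { return null; }
}

// Classify every request under ASSET_PATH_PREFIX as first-party, unknown (no usable
// Referer) or hotlink (Referer host outside the allowlist). Other paths are skipped.
function findHotlinks(lines) {
  const hotlinks = [];
  let firstParty = 0;
  let unknown = 0;
  for (const line of lines) {
    const e = parseLogLine(line);
    if (!e || !e.path.startsWith(ASSET_PATH_PREFIX)) continue;
    const host = refererHost(e.referer);
    if (host === null) { unknown++; continue; }
    if (FIRST_PARTY_REFERERS.has(host)) { firstParty++; continue; }
    hotlinks.push({ refererHost: host, path: e.path, client: e.client });
  }
  return { hotlinks, firstParty, unknown };
}

// Constructed sample lines modelled on the scan's two SVG requests (RFC 5737 client IPs).
const SAMPLE_LOG = [
  '203.0.113.10 - - [15/May/2024:19:26:58 +0000] "GET /shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg HTTP/2.0" 200 1173 "https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/" "Mozilla/5.0"',
  '203.0.113.10 - - [15/May/2024:19:26:58 +0000] "GET /shared/1.0/content/images/picker_verify_fluent_authenticator_b59c16ca9bf156438a8a96d45e33db64.svg HTTP/2.0" 200 2407 "https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/" "Mozilla/5.0"',
  '198.51.100.7 - - [15/May/2024:19:27:01 +0000] "GET /shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg HTTP/2.0" 200 1173 "https://login.microsoftonline.com/" "Mozilla/5.0"',
  '198.51.100.8 - - [15/May/2024:19:27:02 +0000] "GET /shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg HTTP/2.0" 200 1173 "-" "Mozilla/5.0"',
  '198.51.100.9 - - [15/May/2024:19:27:03 +0000] "GET /robots.txt HTTP/1.1" 404 0 "https://example.net/" "Mozilla/5.0"',
];

if (typeof require !== "undefined" && require.main === module) {
  console.log(JSON.stringify(findHotlinks(SAMPLE_LOG), null, 2));
}
```

The detector deliberately keeps "no Referer" as a separate bucket rather than flagging it: browsers under a strict Referrer-Policy omit the header for legitimate first-party loads, so only a Referer from a foreign host is treated as a hotlink signal. Run over real CDN logs, the distinct `refererHost` values are the candidate phishing hosts to submit for takedown or to a scanner like urlscan.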
truncated
/
114 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4da9a57d1bc6ba4ee6a59c9459ee9b35ec11fd7f9fe9e4323c224b7f0c8203bb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
text/plain;charset=US-ASCII
seet.js
endurable-lateral-walk.glitch.me/
84 KB
85 KB
Script
General
Full URL
https://endurable-lateral-walk.glitch.me/seet.js
Requested by
Host: worker-withered-sound-fb55.yzmbechiengels.workers.dev
URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.73.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-73-145.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
09eb533a5fd70272de744f9ca0ff7b9ca0af77c6675440f290e4a7459629627c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 19:26:58 GMT
x-amz-version-id
DG3DaKxfKSd1fiXkGo.O2x5rBtrgiVFg
last-modified
Fri, 03 May 2024 01:43:25 GMT
server
AmazonS3
x-amz-request-id
1FJZJV11HX557ZX0
etag
"3c251732c3853cdf318bd284937a5c15"
x-amz-server-side-encryption
AES256
content-type
application/javascript; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
content-length
86375
x-amz-id-2
ftiBGpgZpFJ09FL2jsnQ8nHAhVO9vmknj4ZlzVZVZoGVwZlUaNDCOrUZvaJ9NM8GbIyMEwdE0u8=

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onSubmit object| recaptcha object| closure_lm_311649 function| _0x3476 function| _0x3d7b12 function| _0x1b1c18 function| _0xcefc function| _0x5aa2a0 function| _0x4f6eb5 function| _0x211993 function| _0x1b84 function| $ function| jQuery function| _0x198b string| em string| ur function| nextClicked object| text function| _0x3ef90b function| _0x529f9d function| _0x15c7

1 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AGaHCq8lma-S8GO-f7PmHrT2-71XD118S4AumdYyFj7qwL12Jg-RJPo2BxTw-8_XJQCB4TqPudDcBq_CjwbiQzM

9 Console Messages

Source Level URL
Text
other warning URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: data:/html;base64,ZG9jdW1lbnQud3JpdGUoJzxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Imh0dHBzOi8vZW5kdXJhYmxlLWxhdGVyYWwtd2Fsay5nbGl0Y2gubWUvZGF0dC5qcyI+PC9zY3JpcHQ+Jyk7
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://endurable-lateral-walk.glitch.me/datt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: data:/html;base64,ZG9jdW1lbnQud3JpdGUoJzxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Imh0dHBzOi8vZW5kdXJhYmxlLWxhdGVyYWwtd2Fsay5nbGl0Y2gubWUvZGF0dC5qcyI+PC9zY3JpcHQ+Jyk7
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://endurable-lateral-walk.glitch.me/datt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://endurable-lateral-walk.glitch.me/datt.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://endurable-lateral-walk.glitch.me/datt.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.1.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: data:/html;base64,ZG9jdW1lbnQud3JpdGUoJzxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Imh0dHBzOi8vZW5kdXJhYmxlLWxhdGVyYWwtd2Fsay5nbGl0Y2gubWUvc2VldC5qcyI+PC9zY3JpcHQ+Jyk7
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://endurable-lateral-walk.glitch.me/seet.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: data:/html;base64,ZG9jdW1lbnQud3JpdGUoJzxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Imh0dHBzOi8vZW5kdXJhYmxlLWxhdGVyYWwtd2Fsay5nbGl0Y2gubWUvc2VldC5qcyI+PC9zY3JpcHQ+Jyk7
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://endurable-lateral-walk.glitch.me/seet.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation warning URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Message:
[DOM] Found 2 elements with non-unique id #idTxtBx_SAOTCC_OTC: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
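The console messages above carry the kit's loader as base64 `data:` script URLs. Decoded, each is a one-line `document.write()` that injects a `<script>` from endurable-lateral-walk.glitch.me (first datt.js, then seet.js), and datt.js in turn writes jquery-3.1.1.min.js from code.jquery.com, which is why Chrome logs the parser-blocking cross-site warnings. The global-variable list further up shows twelve `_0x...` names, the identifier shape commonly produced by javascript-obfuscator-style tools, next to the reCAPTCHA and jQuery globals. The helpers below are an added example, not part of urlscan's output or of the kit: they decode such data: URLs, extract the injected script hosts and split the globals dump. The two data: URLs, the globals dump and the page URL are copied from this scan; the `_0x` heuristic is an assumption about the obfuscator, not something the scan states.

```javascript
// Added triage helpers (not urlscan's code, not the phishing kit's). Two things
// the scan records as opaque strings are made explicit:
//  (1) the base64 "data:" script URLs from the console log, which decode to
//      document.write() calls that pull further scripts from a third-party host;
//  (2) the "_0x...." window globals, matched here with a heuristic for
//      javascript-obfuscator-style identifiers (an assumption, not a scan fact).
// The data: URLs, the globals dump and PAGE_URL are copied verbatim from the scan.

const PAGE_URL = "https://worker-withered-sound-fb55.yzmbechiengels.workers.dev/";

const SAMPLE_DATA_URLS = [
  "data:/html;base64,ZG9jdW1lbnQud3JpdGUoJzxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Imh0dHBzOi8vZW5kdXJhYmxlLWxhdGVyYWwtd2Fsay5nbGl0Y2gubWUvZGF0dC5qcyI+PC9zY3JpcHQ+Jyk7",
  "data:/html;base64,ZG9jdW1lbnQud3JpdGUoJzxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Imh0dHBzOi8vZW5kdXJhYmxlLWxhdGVyYWwtd2Fsay5nbGl0Y2gubWUvc2VldC5qcyI+PC9zY3JpcHQ+Jyk7",
];

const GLOBALS_DUMP = "object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onSubmit object| recaptcha object| closure_lm_311649 function| _0x3476 function| _0x3d7b12 function| _0x1b1c18 function| _0xcefc function| _0x5aa2a0 function| _0x4f6eb5 function| _0x211993 function| _0x1b84 function| $ function| jQuery function| _0x198b string| em string| ur function| nextClicked object| text function| _0x3ef90b function| _0x529f9d function| _0x15c7";

// Decode a data: URL to its payload string. Handles ";base64" and percent-encoded
// payloads; the MIME type and other parameters are ignored.
function decodeDataUrl(url) {
  const m = /^data:([^,]*),(.*)$/s.exec(url);
  if (!m) throw new Error("not a data: URL");
  const params = m[1].split(";");
  const payload = m[2];
  if (params.includes("base64")) {
    return typeof Buffer !== "undefined"
      ? Buffer.from(payload, "base64").toString("utf8")
      : atob(payload);
  }
  return decodeURIComponent(payload);
}

// Every src="..." of a <script> tag found in a blob of JavaScript/HTML text,
// in document order. Works on the decoded loader and on fetched scripts alike.
function scriptSourcesFromWriter(text) {
  const srcs = [];
  const re = /<script\b[^>]*\bsrc\s*=\s*["']([^"']+)["']/gi;
  let m;
  while ((m = re.exec(text)) !== null) srcs.push(m[1]);
  return srcs;
}

// Hosts of injected scripts that differ from the page's own host (plain host
// comparison, not a Public Suffix List check), sorted and deduplicated.
function thirdPartyScriptHosts(pageUrl, dataUrls) {
  const pageHost = new URL(pageUrl).host;
  const hosts = new Set();
  for (const d of dataUrls) {
    for (const src of scriptSourcesFromWriter(decodeDataUrl(d))) {
      const h = new URL(src, pageUrl).host;
      if (h !== pageHost) hosts.add(h);
    }
  }
  return [...hosts].sort();
}

// Split urlscan's "type| name" dump into obfuscator-style identifiers and the rest.
function classifyGlobals(dump) {
  const isObf = (n) => /^_0x[0-9a-f]+$/i.test(n);
  const names = dump.split(/\s+/).filter((t) => t && !t.endsWith("|"));
  return { obfuscated: names.filter(isObf), other: names.filter((n) => !isObf(n)) };
}

// One summary object for the whole scan.
function triage() {
  return {
    injected: SAMPLE_DATA_URLS.map((u) => {
      const decoded = decodeDataUrl(u);
      return { decoded, sources: scriptSourcesFromWriter(decoded) };
    }),
    thirdPartyHosts: thirdPartyScriptHosts(PAGE_URL, SAMPLE_DATA_URLS),
    globals: classifyGlobals(GLOBALS_DUMP),
  };
}

if (typeof require !== "undefined" && require.main === module) {
  console.log(JSON.stringify(triage(), null, 2));
}
```

The decoded loader for the first URL is exactly 114 bytes, which matches the size urlscan reports for the `data:` script transaction above. `scriptSourcesFromWriter` can be pointed at the fetched text of datt.js or seet.js as well, since the console log shows datt.js using the same `document.write` pattern to pull jQuery; the hosts it returns, together with the glitch.me host, are the kit's infrastructure to block or report.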

Indicators

"Indicator" is the security-industry term for observables such as IPs, domains and hashes recorded during a scan. Being listed here does not imply that any individual item is malicious.

aadcdn.msauth.net
cdnjs.cloudflare.com
code.jquery.com
endurable-lateral-walk.glitch.me
worker-withered-sound-fb55.yzmbechiengels.workers.dev
www.google.com
www.gstatic.com
2606:4700:3036::6815:39c4
2606:4700::6811:190e
2620:1ec:46::45
2a00:1450:4001:81d::2003
2a00:1450:4001:828::2004
2a04:4e42:400::649
54.82.73.145
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
09eb533a5fd70272de744f9ca0ff7b9ca0af77c6675440f290e4a7459629627c
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3953b3a943823d58f71366f7f51eed66d66f5b524536ae04773ac07af0be6544
4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0
4da9a57d1bc6ba4ee6a59c9459ee9b35ec11fd7f9fe9e4323c224b7f0c8203bb
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1
5d3357bd875b7335ace42e8ee3a64578e4253bed1a4e279109de403eedae3a69
68514c88bebf7faeccddd6284a4140f7e6827d6830e3f2f5493a0e1728b4a255
749f85621d92a5b31b2a377a8c385a36d48a83327dad9a8a8da93cd831b8c9a2
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904
a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8
a8341fced36479b5df8c6854ea7b161d71c1a23251f81f6172963908baf5bfd8
b7fcd37eaafe3f08647ed072d5289eadfff6c660a26cdef31532b3fcfb4a0bb2
bcf19cc049a6970b7f104c8bb8e7cdf18bd2cc6b6887fbeef58ef0e0949f9825
cdfa5d229d99c544d2b46a3ad900020c518f800f43048d78c037dd604b30cc52