urlscan.io logo urlscan.io
SecurityTrails logo

nmk00mainworld084.z11.web.core.windows.net Open in urlscan Pro
20.150.85.193  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nmk00mainworld084.z11.web.core.windows.net/
Effective URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Submission: On November 13 via manual from US — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 38 HTTP transactions. The main IP is 20.150.85.193, located in Tokyo, Japan and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is nmk00mainworld084.z11.web.core.windows.net.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 07 on October 29th 2024. Valid for: 6 months.
This is the only time nmk00mainworld084.z11.web.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

IP Address AS Autonomous System
25 20.150.85.193 8075 (MICROSOFT...)
3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2 142.250.207.34 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 142.250.199.98 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2 142.250.207.100 15169 (GOOGLE)
2 172.217.31.163 15169 (GOOGLE)
38 9
25    20.150.85.193 (Tokyo, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nmk00mainworld084.z11.web.core.windows.net
3    2404:6800:4004:81c::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2404:6800:4004:820::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
2    142.250.207.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f2.1e100.net
googleads.g.doubleclick.net
2    2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    142.250.199.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net
www.googleadservices.com
2    2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    142.250.207.100 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s11-in-f4.1e100.net
www.google.com
2    172.217.31.163 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s22-in-f3.1e100.net
www.google.co.jp
Apex Domain
Subdomains		 Transfer
25 windows.net
nmk00mainworld084.z11.web.core.windows.net
2 MB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
td.doubleclick.net — Cisco Umbrella Rank: 231
2 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 4
88 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
204 KB
2 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 19607
128 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 110
3 KB
38 7
Domain Requested by
25 nmk00mainworld084.z11.web.core.windows.net nmk00mainworld084.z11.web.core.windows.net
3 www.google.com 1 redirects www.googletagmanager.com
nmk00mainworld084.z11.web.core.windows.net
3 www.googletagmanager.com nmk00mainworld084.z11.web.core.windows.net
www.googletagmanager.com
2 www.google.co.jp nmk00mainworld084.z11.web.core.windows.net
2 www.google-analytics.com www.googletagmanager.com
2 td.doubleclick.net www.googletagmanager.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
38 8

This site contains no links.

Subject Issuer Validity Valid
*.web.core.windows.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-10-29 -
2025-04-27		 6 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.googleadservices.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.co.jp
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Frame ID: 9CDAC17DFC25C27736A833BD9B00F15D
Requests: 35 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16611109097?random=1731531124628&cv=11&fst=1731531124628&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 089D07DC02F42CCB9713038E370D366E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16611109097?random=1731531124649&cv=11&fst=1731531124649&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0
Frame ID: 5A8A29C94EBADFD63A763F0442BF7993
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net
Frame ID: B299774747B6664243E5AACE5391DC1A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Windows page

Page URL History Show full URLs

  1. http://nmk00mainworld084.z11.web.core.windows.net/ HTTP 307
    https://nmk00mainworld084.z11.web.core.windows.net/ Page URL
  2. https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

97 %
HTTPS

44 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

2642 kB
Transfer

3037 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nmk00mainworld084.z11.web.core.windows.net/ HTTP 307
    https://nmk00mainworld084.z11.web.core.windows.net/ Page URL
  2. https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://nmk00mainworld084.z11.web.core.windows.net/ HTTP 307
  • https://nmk00mainworld084.z11.web.core.windows.net/
Request Chain 34
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16611109097/?random=1396520108&cv=11&fst=1731531124649&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIosWxAgjTxbECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI19zsjJjaiQMVQfNMAh3Vkji5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjNodHRwczovL25tazAwbWFpbndvcmxkMDg0LnoxMS53ZWIuY29yZS53aW5kb3dzLm5ldC9CWENoRUlnTG5SdVFZUWs1LWZ2TF9mczZyekFSSXRBSThqbkxmTEFLV0RDSVNVcU9oWkpBMk5fVTY5OFJBNDBLNXVnaVRSU0tlOXJfekh2c0FoaVRLT0Z5N20 HTTP 302
  • https://www.google.com/pagead/1p-conversion/16611109097/?random=1396520108&cv=11&fst=1731531124649&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIosWxAgjTxbECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI19zsjJjaiQMVQfNMAh3Vkji5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjNodHRwczovL25tazAwbWFpbndvcmxkMDg0LnoxMS53ZWIuY29yZS53aW5kb3dzLm5ldC9CWENoRUlnTG5SdVFZUWs1LWZ2TF9mczZyekFSSXRBSThqbkxmTEFLV0RDSVNVcU9oWkpBMk5fVTY5OFJBNDBLNXVnaVRSU0tlOXJfekh2c0FoaVRLT0Z5N20&is_vtc=1&cid=CAQSKQCa7L7dg11nEpz3fG-UyC7F8FjklXpxyhS5KFLRlXVAkbGMSSe-wNjG&random=3831250503 HTTP 302
  • https://www.google.co.jp/pagead/1p-conversion/16611109097/?random=1396520108&cv=11&fst=1731531124649&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIosWxAgjTxbECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI19zsjJjaiQMVQfNMAh3Vkji5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjNodHRwczovL25tazAwbWFpbndvcmxkMDg0LnoxMS53ZWIuY29yZS53aW5kb3dzLm5ldC9CWENoRUlnTG5SdVFZUWs1LWZ2TF9mczZyekFSSXRBSThqbkxmTEFLV0RDSVNVcU9oWkpBMk5fVTY5OFJBNDBLNXVnaVRSU0tlOXJfekh2c0FoaVRLT0Z5N20&is_vtc=1&cid=CAQSKQCa7L7dg11nEpz3fG-UyC7F8FjklXpxyhS5KFLRlXVAkbGMSSe-wNjG&random=3831250503&ipr=y

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
nmk00mainworld084.z11.web.core.windows.net/
Redirect Chain
  • http://nmk00mainworld084.z11.web.core.windows.net/
  • https://nmk00mainworld084.z11.web.core.windows.net/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Length
1668
Content-MD5
m1WLsfTDN7qA7ZKTvEP/pA==
Content-Type
text/html
Date
Wed, 13 Nov 2024 20:52:03 GMT
ETag
"0x8DD040E4D289AAF"
Last-Modified
Wed, 13 Nov 2024 18:09:22 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
91b2b875-601e-003f-510d-368b2e000000
x-ms-version
2018-03-28

Redirect headers

Location
https://nmk00mainworld084.z11.web.core.windows.net/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request index.html
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/ 		15 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
362ef28eeca1692cba026615b39196051cb0fceeb9aa2ec442c37a9c26caf4ca

Request headers

Referer
https://nmk00mainworld084.z11.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Length
15255
Content-MD5
d0FAh9NvQW4Xas4/d1OCmw==
Content-Type
text/html
Date
Wed, 13 Nov 2024 20:52:03 GMT
ETag
"0x8DD040E4D38C501"
Last-Modified
Wed, 13 Nov 2024 18:09:22 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
91b2b87d-601e-003f-590d-368b2e000000
x-ms-version
2018-03-28
tapa.css
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		19 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/tapa.css
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
863547e9f5235aa4208737d9d86f4d62aa4146acb258399089842f30e79627de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
UHCRdCgGiSCeChzkKQgYzA==
x-ms-version
2018-03-28
ETag
"0x8DD040E55EDC058"
x-ms-request-id
91b2b884-601e-003f-5e0d-368b2e000000
Accept-Ranges
bytes
Content-Length
19500
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
text/css
Last-Modified
Wed, 13 Nov 2024 18:09:37 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
js
www.googletagmanager.com/gtag/ 		322 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MPTCR82JNF
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c76eafe6f94123f31f884ca10beb217504e522eac8f0915878dd14e4433e77f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 13 Nov 2024 20:52:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 20:52:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109428
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		279 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e3357a89612124542a4e37320fc21a65e9c5ef697f4d38dcfd6fd8bb2e9c3db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 13 Nov 2024 20:52:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 20:52:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 19:14:39 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98577
x-xss-protection
0
server
Google Tag Manager
jquery-1.4.4.min.js
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		77 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/jquery-1.4.4.min.js
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
c6nDNMXKcdcNCStCBk9kdg==
x-ms-version
2018-03-28
ETag
"0x8DD040E54115528"
x-ms-request-id
8742b909-d01e-0015-310d-36543e000000
Accept-Ranges
bytes
Content-Length
78601
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
text/javascript
Last-Modified
Wed, 13 Nov 2024 18:09:34 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
def.gif
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/def.gif
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
35872af4a794ff3d791b41c4eb58879f4a382d634c7668cd6a5ff42d947c6eb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
G30pExj2QoWKUwV9oUABmg==
x-ms-version
2018-03-28
ETag
"0x8DD040E53AD9878"
x-ms-request-id
91b2b88a-601e-003f-620d-368b2e000000
Accept-Ranges
bytes
Content-Length
169529
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/gif
Last-Modified
Wed, 13 Nov 2024 18:09:33 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
f24.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/f24.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
58ad7ea2ca500817266dd0a83b8c4edb0739fd456664b5a2da132204a2240419

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
pSkSKdLMqwMW5i6gUoLzNQ==
x-ms-version
2018-03-28
ETag
"0x8DD040E5639D9B0"
x-ms-request-id
c5827180-d01e-002a-530d-369c9d000000
Accept-Ranges
bytes
Content-Length
1832599
Date
Wed, 13 Nov 2024 20:52:04 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:37 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
mnc.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		166 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/mnc.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1901eeec960650f0c4c31673dde13f934f4e22bcb702383aefacaf00bdd743c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
Ueu7GHkJOJOzm7tulwIXrg==
x-ms-version
2018-03-28
ETag
"0x8DD040E547D9C09"
x-ms-request-id
91b2b898-601e-003f-6c0d-368b2e000000
Accept-Ranges
bytes
Content-Length
166
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:35 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
msmm.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		148 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/msmm.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
eG5FG4kRHQTLH7o9MsOY+g==
x-ms-version
2018-03-28
ETag
"0x8DD040E547E382B"
x-ms-request-id
6b946e49-c01e-00a0-430d-36c72c000000
Accept-Ranges
bytes
Content-Length
148
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:35 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
set.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		360 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/set.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d78dca445132754bf14e22d2dd76a8273a5c77e9a084b12e17ca76d500d3b6e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
B7JU2bpmXo/foaV3hRpJQg==
x-ms-version
2018-03-28
ETag
"0x8DD040E55CDE0D4"
x-ms-request-id
8742b919-d01e-0015-3f0d-36543e000000
Accept-Ranges
bytes
Content-Length
360
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:37 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ques.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		349 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ques.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
dFTGUuBzPZLebJIMLWRq4A==
x-ms-version
2018-03-28
ETag
"0x8DD040E54F61631"
x-ms-request-id
6b946e50-c01e-00a0-480d-36c72c000000
Accept-Ranges
bytes
Content-Length
349
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:35 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
vsc.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		752 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/vsc.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
23e2636c586a13f6dba4730d4d92fccd80ef8d0358e9c266e7cdd1d5123057f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
hwc2RJkMskC8yaykKa8mcA==
x-ms-version
2018-03-28
ETag
"0x8DD040E56367EC8"
x-ms-request-id
91b2b89c-601e-003f-6f0d-368b2e000000
Accept-Ranges
bytes
Content-Length
752
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:37 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
bxs.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/bxs.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
689cfc046cb7a6b6e6f85452bfe224b645ae827d50fb80498326502465327199

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
3RrL2UNcRBXOUDqY2KX/Kw==
x-ms-version
2018-03-28
ETag
"0x8DD040E52F9CB77"
x-ms-request-id
a772fd7f-d01e-0067-560d-365371000000
Accept-Ranges
bytes
Content-Length
4776
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:32 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
bx1.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/bx1.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
N18q7ceiyVXzo9YIarlWCw==
x-ms-version
2018-03-28
ETag
"0x8DD040E532FEEEC"
x-ms-request-id
8742b91c-d01e-0015-420d-36543e000000
Accept-Ranges
bytes
Content-Length
119079
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:32 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
bel.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		296 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/bel.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ef35b00fa94fa0b4991c624c8bff042893b37d4e0c04f03f71533a9cd28c1953

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
XMwz/dJdl28hV57djidBRQ==
x-ms-version
2018-03-28
ETag
"0x8DD040E52F55F48"
x-ms-request-id
804b47c0-401e-0017-080d-36ea86000000
Accept-Ranges
bytes
Content-Length
296
Date
Wed, 13 Nov 2024 20:52:04 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:32 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
pcm.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		428 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/pcm.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b3ab0ec911cf992c5351155a12e2fb12ca908bd36d658d05f2b4cf9912fd8dce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
h/IkHNKH9qwk3LzevtI1yA==
x-ms-version
2018-03-28
ETag
"0x8DD040E547E5F37"
x-ms-request-id
6b946e53-c01e-00a0-4b0d-36c72c000000
Accept-Ranges
bytes
Content-Length
428
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:35 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
winlo.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/winlo.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
IPxzD3sa57kA9m28fdw/ww==
x-ms-version
2018-03-28
ETag
"0x8DD040E56BA41F4"
x-ms-request-id
91b2b8a1-601e-003f-740d-368b2e000000
Accept-Ranges
bytes
Content-Length
12386
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:38 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
dm.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		347 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/dm.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
SjmHbQZgz+Wx9csHNJjGbQ==
x-ms-version
2018-03-28
ETag
"0x8DD040E53A730C4"
x-ms-request-id
6b946e54-c01e-00a0-4c0d-36c72c000000
Accept-Ranges
bytes
Content-Length
347
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:33 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
cs.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/cs.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
kR8Ewh15GiBXSksoe2DTrw==
x-ms-version
2018-03-28
ETag
"0x8DD040E532F79D7"
x-ms-request-id
804b47c2-401e-0017-090d-36ea86000000
Accept-Ranges
bytes
Content-Length
3152
Date
Wed, 13 Nov 2024 20:52:04 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:32 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
re.gif
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/re.gif
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
b8t44M15M6cO6izwcfghGA==
x-ms-version
2018-03-28
ETag
"0x8DD040E55D189D4"
x-ms-request-id
a772fd82-d01e-0067-590d-365371000000
Accept-Ranges
bytes
Content-Length
14751
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/gif
Last-Modified
Wed, 13 Nov 2024 18:09:37 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
esc.js
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		87 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/esc.js
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
46ebb2640aac2186a7cf13f528c03648fa9a498910289cdad41ba87b9770eb14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
MzWhQFDU9gV7sBnPcFhDtA==
x-ms-version
2018-03-28
ETag
"0x8DD040E53A7F3F9"
x-ms-request-id
6b946e4f-c01e-00a0-470d-36c72c000000
Accept-Ranges
bytes
Content-Length
87
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
text/javascript
Last-Modified
Wed, 13 Nov 2024 18:09:33 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
msmm.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		148 B
518 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/msmm.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f14e6d98ec63368a67b4e5376c57b496887eb672a5d5c56c95811a409c4ec727

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
eG5FG4kRHQTLH7o9MsOY+g==
x-ms-version
2018-03-28
ETag
"0x8DD040E547E382B"
x-ms-request-id
6b946e49-c01e-00a0-430d-36c72c000000
Accept-Ranges
bytes
Content-Length
148
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:35 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
msmm.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		148 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/msmm.png
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
eG5FG4kRHQTLH7o9MsOY+g==
x-ms-version
2018-03-28
ETag
"0x8DD040E547E382B"
x-ms-request-id
6b946e49-c01e-00a0-430d-36c72c000000
Accept-Ranges
bytes
Content-Length
148
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:35 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
webs.mp4
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/ 		8 KB
9 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/webs.mp4
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Request headers

Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-ms-version
2018-03-28
ETag
"0x8DD040E4D271445"
Content-Range
bytes 0-8404/8405
x-ms-request-id
8742b928-d01e-0015-4b0d-36543e000000
Accept-Ranges
bytes
Content-Length
8405
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
video/mp4
Last-Modified
Wed, 13 Nov 2024 18:09:22 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
visudk.mp4
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/ 		196 KB
197 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/visudk.mp4
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Request headers

Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-ms-version
2018-03-28
ETag
"0x8DD040E4DDCDCD3"
Content-Range
bytes 0-200831/200832
x-ms-request-id
a772fd8e-d01e-0067-630d-365371000000
Accept-Ranges
bytes
Content-Length
200832
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
video/mp4
Last-Modified
Wed, 13 Nov 2024 18:09:23 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dr=nmk00mainworld084.z11.web.core.windows.net&dl=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&scrsrc=www.googletagmanager.com&frm=0&rnd=898177627.1731531125&auid=50916471.1731531125&npa=0&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&tft=1731531124635&tfd=276&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/

Response headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/16611109097/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16611109097/?random=1731531124628&cv=11&fst=1731531124628&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
cafe /
Resource Hash
c4fa32036fdc49a0d8768a1b2d19fe55424fdd872990c66cd0346d8df40f5c92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2372
date
Wed, 13 Nov 2024 20:52:04 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16611109097
td.doubleclick.net/td/rul/ Frame 089D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/16611109097?random=1731531124628&cv=11&fst=1731531124628&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nmk00mainworld084.z11.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 20:52:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/conversion/16611109097/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/16611109097/?random=1731531124649&cv=11&fst=1731531124649&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
df8b993308d555f0c43832148a3c063b842ae190c308c8e6cb117f2c2d94b071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2704
date
Wed, 13 Nov 2024 20:52:04 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
16611109097
td.doubleclick.net/td/rul/ Frame 5A8A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/16611109097?random=1731531124649&cv=11&fst=1731531124649&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nmk00mainworld084.z11.web.core.windows.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 20:52:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MPTCR82JNF&gtm=45je4b70v9196505401za200&_p=1731531124426&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067554~102077855&cid=1424460332.1731531125&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731531124&sct=1&seg=0&dl=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&dr=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&dt=Windows%20page&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=319
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MPTCR82JNF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nmk00mainworld084.z11.web.core.windows.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 20:52:04 GMT
content-type
text/plain
server
Golfe2
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame B299 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16611109097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 20:52:04 GMT
expires
Thu, 13 Nov 2025 20:52:04 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/16611109097/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/16611109097/?random=1731531124628&cv=11&fst=1731528000000&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dX9Z3nC_cmsUSc3a8LkcUFNOZ_9CQfA&random=4070296392&rmt_tld=0&ipr=y
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 13 Nov 2024 20:52:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.co.jp/pagead/1p-user-list/16611109097/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/pagead/1p-user-list/16611109097/?random=1731531124628&cv=11&fst=1731528000000&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dX9Z3nC_cmsUSc3a8LkcUFNOZ_9CQfA&random=4070296392&rmt_tld=1&ipr=y
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 13 Nov 2024 20:52:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.co.jp/pagead/1p-conversion/16611109097/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16611109097/?random=1396520108&cv=11&fst=1731531124649&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=10...
  • https://www.google.com/pagead/1p-conversion/16611109097/?random=1396520108&cv=11&fst=1731531124649&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102...
  • https://www.google.co.jp/pagead/1p-conversion/16611109097/?random=1396520108&cv=11&fst=1731531124649&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~1...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/pagead/1p-conversion/16611109097/?random=1396520108&cv=11&fst=1731531124649&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIosWxAgjTxbECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI19zsjJjaiQMVQfNMAh3Vkji5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjNodHRwczovL25tazAwbWFpbndvcmxkMDg0LnoxMS53ZWIuY29yZS53aW5kb3dzLm5ldC9CWENoRUlnTG5SdVFZUWs1LWZ2TF9mczZyekFSSXRBSThqbkxmTEFLV0RDSVNVcU9oWkpBMk5fVTY5OFJBNDBLNXVnaVRSU0tlOXJfekh2c0FoaVRLT0Z5N20&is_vtc=1&cid=CAQSKQCa7L7dg11nEpz3fG-UyC7F8FjklXpxyhS5KFLRlXVAkbGMSSe-wNjG&random=3831250503&ipr=y
Requested by
Host: nmk00mainworld084.z11.web.core.windows.net
URL: https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html
Protocol
H3
Server
172.217.31.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 13 Nov 2024 20:52:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.co.jp/pagead/1p-conversion/16611109097/?random=1396520108&cv=11&fst=1731531124649&bg=ffffff&guid=ON&async=1&gtm=45be4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102067555~102077855&u_w=1600&u_h=1200&url=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&ref=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&label=YQ2CCPTxy8UZEOnR5fA9&hn=www.googleadservices.com&frm=0&tiba=Windows%20page&gtm_ee=1&npa=0&pscdl=noapi&auid=50916471.1731531125&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQIIosWxAgjTxbECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI19zsjJjaiQMVQfNMAh3Vkji5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOjNodHRwczovL25tazAwbWFpbndvcmxkMDg0LnoxMS53ZWIuY29yZS53aW5kb3dzLm5ldC9CWENoRUlnTG5SdVFZUWs1LWZ2TF9mczZyekFSSXRBSThqbkxmTEFLV0RDSVNVcU9oWkpBMk5fVTY5OFJBNDBLNXVnaVRSU0tlOXJfekh2c0FoaVRLT0Z5N20&is_vtc=1&cid=CAQSKQCa7L7dg11nEpz3fG-UyC7F8FjklXpxyhS5KFLRlXVAkbGMSSe-wNjG&random=3831250503&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 13 Nov 2024 20:52:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
msmm.png
nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/ 		148 B
0 		Other
General
Check archive.org
Download Go to
Full URL
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/assets/msmm.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.150.85.193 Tokyo, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/winside/00Windbndktw0win11advance/index.html

Response headers

Content-MD5
eG5FG4kRHQTLH7o9MsOY+g==
x-ms-version
2018-03-28
ETag
"0x8DD040E547E382B"
x-ms-request-id
6b946e49-c01e-00a0-430d-36c72c000000
Accept-Ranges
bytes
Content-Length
148
Date
Wed, 13 Nov 2024 20:52:03 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Nov 2024 18:09:35 GMT
Server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MPTCR82JNF&gtm=45je4b70v9196505401za200&_p=1731531124426&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102067554~102077855&cid=1424460332.1731531125&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731531124&sct=1&seg=0&dl=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2Fwinside%2F00Windbndktw0win11advance%2Findex.html&dr=https%3A%2F%2Fnmk00mainworld084.z11.web.core.windows.net%2F&dt=Windows%20page&en=scroll&epn.percent_scrolled=90&_et=15&tfd=5339
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MPTCR82JNF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nmk00mainworld084.z11.web.core.windows.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nmk00mainworld084.z11.web.core.windows.net
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 20:52:09 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer function| $ function| jQuery number| e number| isNS function| mischandler function| mousehandler function| win_onkeydown_handler object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Domain/Path Name / Value
.windows.net/ Name: _gcl_au
Value: 1.1.50916471.1731531125
.windows.net/ Name: _ga
Value: GA1.1.1424460332.1731531125
.windows.net/ Name: _ga_MPTCR82JNF
Value: GS1.1.1731531124.1.0.1731531124.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUlO_llv0ejm0Y7XLFoJiTaz73hxxutpCxsGWwtONQhQEsKXwH8rX42x9tZk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
nmk00mainworld084.z11.web.core.windows.net
td.doubleclick.net
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
142.250.199.98
142.250.207.100
142.250.207.34
172.217.31.163
20.150.85.193
2404:6800:4004:80b::2002
2404:6800:4004:81c::2008
2404:6800:4004:820::2004
2404:6800:4004:824::200e
02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5
1901eeec960650f0c4c31673dde13f934f4e22bcb702383aefacaf00bdd743c7
1e3357a89612124542a4e37320fc21a65e9c5ef697f4d38dcfd6fd8bb2e9c3db
23e2636c586a13f6dba4730d4d92fccd80ef8d0358e9c266e7cdd1d5123057f7
250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2
35872af4a794ff3d791b41c4eb58879f4a382d634c7668cd6a5ff42d947c6eb2
362ef28eeca1692cba026615b39196051cb0fceeb9aa2ec442c37a9c26caf4ca
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
46ebb2640aac2186a7cf13f528c03648fa9a498910289cdad41ba87b9770eb14
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
58ad7ea2ca500817266dd0a83b8c4edb0739fd456664b5a2da132204a2240419
689cfc046cb7a6b6e6f85452bfe224b645ae827d50fb80498326502465327199
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6
863547e9f5235aa4208737d9d86f4d62aa4146acb258399089842f30e79627de
b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4
b3ab0ec911cf992c5351155a12e2fb12ca908bd36d658d05f2b4cf9912fd8dce
c4fa32036fdc49a0d8768a1b2d19fe55424fdd872990c66cd0346d8df40f5c92
c76eafe6f94123f31f884ca10beb217504e522eac8f0915878dd14e4433e77f1
d78dca445132754bf14e22d2dd76a8273a5c77e9a084b12e17ca76d500d3b6e3
df8b993308d555f0c43832148a3c063b842ae190c308c8e6cb117f2c2d94b071
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef35b00fa94fa0b4991c624c8bff042893b37d4e0c04f03f71533a9cd28c1953
f14e6d98ec63368a67b4e5376c57b496887eb672a5d5c56c95811a409c4ec727
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65