rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net Open in urlscan Pro
20.60.220.228  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/	213 KB 213 KB	697ms 111ms	Document text/html	20.60.220.228 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash a6a6d2cb29e98dc11f02be55de9aded3274884e0d9832add10916b348f2cc992 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Content-Length 217749 Content-MD5 JDQS4ORxjzq8eenD5O+YBw== Content-Type text/html Date Wed, 28 Aug 2024 20:50:10 GMT ETag "0x8DCC793C1AD2E51" Last-Modified Wed, 28 Aug 2024 19:01:00 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id 74099a25-e01e-007f-488b-f90526000000 x-ms-version 2018-03-28
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/	216 KB 33 KB	127ms 18ms	Stylesheet text/css	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Origin https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 28 Aug 2024 20:50:10 GMT x-content-type-options nosniff content-encoding br age 1959658 x-jsd-version 5.3.0-alpha1 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 33467 x-served-by cache-fra-etou8220034-FRA x-jsd-version-type version etag W/"35e6c-cZlWqlLbTIr9xcDPs8verWJYuKY" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/	82 KB 27 KB	122ms 29ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 612521 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 26660 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-14983" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUSpipkmXn4Jb%2F2HM5HC9r1SOijChMKjia0lfbxVtZOUz%2FiALJqUgdRylF9GuYYWZg0Dj9V74OtYRT6I6lbV0DXIOjRfEQUWD5R9RDzMRu8B%2BkfMN8cZ6rpXfIrKwFY%2BLiSIGsxd"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8ba72c0e8a2f190f-FRA expires Mon, 18 Aug 2025 20:50:10 GMT
GET H3	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/	59 KB 17 KB	268ms 160ms	Script application/javascript	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Origin https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:10 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 1070 strict-transport-security max-age=31536000; includeSubDomains; preload cdn-cachedat 03/18/2024 12:05:28 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:11 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"02d223393e00c273efdcb1ade8f4f8b1" vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid b7ed78fe0763b5d571e6b59cbfddead7 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8ba72c0eabb5d345-FRA cdn-requestpullsuccess True
GET H3	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/	27 KB 7 KB	121ms 31ms	Stylesheet text/css	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:10 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 1047 strict-transport-security max-age=31536000; includeSubDomains; preload age 14520547 cdn-cachedat 10/31/2023 18:58:32 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:54 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"4fbd15cb6047af93373f4f895639c8bf" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 9bd489b3b47817325036093612d128df timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 8ba72c0e893a9a23-FRA cdn-requestpullsuccess True
GET H2	200	js Show response www.googletagmanager.com/gtag/	309 KB 102 KB	254ms 35ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-F9ZFHN0DV3 Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4549db4d10496e4b4aeb1b2821555db522887338525ecd7c35822217f30d7c54 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 104535 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 28 Aug 2024 20:50:10 GMT
GET H2	200	st.jpeg nerdinthebrain.com/sin/gluco/	1 KB 1 KB	697ms 486ms	Image image/webp	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://nerdinthebrain.com/sin/gluco/st.jpeg Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash 1bf2d147ce393f4dd577d7ce2f03ab5cc1005b84870b567002646977bbcdbb32 Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:10 GMT x-hcdn-cache-status MISS server hcdn x-hcdn-request-id 9333d2948c9e4d7456eea5938ad3305b-srv-edge3 content-type image/webp cache-control public, max-age=604800 x-hcdn-image-optimizer f:webp q:85 w:1600 x-hcdn-upstream-rt 0.427 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 1178
GET		kxFy-clip.png nerdinthebrain.com/sin/gluco/	0 0
GET		qsbs-firewall.png nerdinthebrain.com/sin/gluco/	0 0
GET		s-S4-acc.png nerdinthebrain.com/sin/gluco/	0 0
GET		Z5BR-network.png nerdinthebrain.com/sin/gluco/	0 0
GET		uZbx-si.png nerdinthebrain.com/sin/gluco/	0 0
GET H2	200	guard.png nerdinthebrain.com/sin/gluco/	620 B 871 B	475ms 456ms	Image image/webp	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://nerdinthebrain.com/sin/gluco/guard.png Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash 87e1e97f8193d0c91c59f17dd99254819b70b31f606f7708553a2bb5c39c56e6 Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:10 GMT x-hcdn-cache-status MISS server hcdn x-hcdn-request-id 091ea7671e46c01f54e2d8eab1b2067e-srv-edge3 content-type image/webp cache-control public, max-age=604800 x-hcdn-image-optimizer f:webp q:85 w:1600 x-hcdn-upstream-rt 0.432 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 620
GET H2	200	time.png nerdinthebrain.com/sin/gluco/	620 B 871 B	474ms 455ms	Image image/webp	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://nerdinthebrain.com/sin/gluco/time.png Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash 64717fb39bb1e506645bf1dcfaed16410737e89c5b8b102a6436bea0c2b18722 Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:10 GMT x-hcdn-cache-status MISS server hcdn x-hcdn-request-id 0b1d048ca31d910e18c21ed44d2a7f7a-srv-edge3 content-type image/webp cache-control public, max-age=604800 x-hcdn-image-optimizer f:webp q:85 w:1600 x-hcdn-upstream-rt 0.424 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 620
GET H2	200	set.png nerdinthebrain.com/sin/gluco/	694 B 945 B	516ms 498ms	Image image/webp	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://nerdinthebrain.com/sin/gluco/set.png Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash 38966ad4737cccc1ba6d65402250dcc6a0ac3a742dafff6ba5d13455265f0c38 Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:11 GMT x-hcdn-cache-status MISS server hcdn x-hcdn-request-id 186a8d8fc76039cc7d97ccc06da51ea6-srv-edge3 content-type image/webp cache-control public, max-age=604800 x-hcdn-image-optimizer f:webp q:85 w:1600 x-hcdn-upstream-rt 0.436 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 694
GET H2	200	taiyo.png nerdinthebrain.com/sin/gluco/	3 KB 3 KB	474ms 456ms	Image image/webp	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://nerdinthebrain.com/sin/gluco/taiyo.png Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash 2857f63364af66a66a12d15d4bf9f536769f489e9080d7a0514b313a771fb161 Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:10 GMT x-hcdn-cache-status MISS server hcdn x-hcdn-request-id bdb511efde72c76b0c732d6ea287ed05-srv-edge3 content-type image/webp cache-control public, max-age=604800 x-hcdn-image-optimizer f:webp q:85 w:1600 x-hcdn-upstream-rt 0.424 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 2680
GET H2	200	al.png nerdinthebrain.com/sin/gluco/	2 KB 2 KB	473ms 455ms	Image image/webp	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://nerdinthebrain.com/sin/gluco/al.png Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash f674866044b3bb79ef21edd3ecd89bb0eb849ee2f1439d0ce7e6fc3d5cd9d626 Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:10 GMT x-hcdn-cache-status MISS server hcdn x-hcdn-request-id 9d2909e4210c98c07a91e427acb83ee0-srv-edge3 content-type image/webp cache-control public, max-age=604800 x-hcdn-image-optimizer f:webp q:85 w:1600 x-hcdn-upstream-rt 0.429 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 1622
GET H2	200	dplt_n.png nerdinthebrain.com/sin/gluco/	88 KB 88 KB	1383ms 1367ms	Image image/webp	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://nerdinthebrain.com/sin/gluco/dplt_n.png Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash ebf0674ce9dbac3587282b46bbfd7ce4340273ef6f02f5240ed2d1087a9700b2 Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:11 GMT x-hcdn-cache-status MISS server hcdn x-hcdn-request-id 17e03a16646cee7d03ead8b2edce4270-srv-edge3 content-type image/webp cache-control public, max-age=604800 x-hcdn-image-optimizer f:webp q:85 w:1600 x-hcdn-upstream-rt 1.353 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 89718
GET H2	200	bun.jpeg nerdinthebrain.com/sin/gluco/	2 KB 2 KB	513ms 498ms	Image image/webp	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://nerdinthebrain.com/sin/gluco/bun.jpeg Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash 2487850348dd29c6f7e190529a27dc1ea67a0085eac7a26f6837fe0012ce052e Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:11 GMT x-hcdn-cache-status MISS server hcdn x-hcdn-request-id 958239dd94de3b97a5b4c6f963f3835c-srv-edge3 content-type image/webp cache-control public, max-age=604800 x-hcdn-image-optimizer f:webp q:85 w:1600 x-hcdn-upstream-rt 0.434 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 2106
GET H2	200	ag.png nerdinthebrain.com/sin/gluco/	542 B 793 B	512ms 490ms	Image image/webp	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://nerdinthebrain.com/sin/gluco/ag.png Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash 9d5c5fd7edfe78091f468edaeee3fc8e0ac021e6099c96e7a833b4fee1502433 Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:11 GMT x-hcdn-cache-status MISS server hcdn x-hcdn-request-id f8e7e751ad83e391cf6976ef62efd4f9-srv-edge3 content-type image/webp cache-control public, max-age=604800 x-hcdn-image-optimizer f:webp q:85 w:1600 x-hcdn-upstream-rt 0.435 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 542
GET H2	200	rub_m.png nerdinthebrain.com/sin/gluco/	9 KB 9 KB	713ms 691ms	Image image/webp	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://nerdinthebrain.com/sin/gluco/rub_m.png Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash 8f2acb7a211912e9312a0653a37f40de2ba9d817baf4d0e051b872c8a1e41abc Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:11 GMT x-hcdn-cache-status MISS server hcdn x-hcdn-request-id 8b8e08d64512fde5767276eec5238bd3-srv-edge3 content-type image/webp cache-control public, max-age=604800 x-hcdn-image-optimizer f:webp q:85 w:1600 x-hcdn-upstream-rt 0.582 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 8716
GET H2	200	contactus support.microsoft.com/ Frame E0D2	0 0	403ms 167ms	Document text/html	2a02:26f0:ab00:3bf::f03 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://support.microsoft.com/contactus Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:ab00:3bf::f03 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / ASP.NET Resource Hash Security Headers Name Value Strict-Transport-Security max-age=86400 ; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers access-control-expose-headers X-Ems-Correlationid,X-Ems-SessionId cache-control max-age=0, no-cache, no-store content-encoding gzip content-length 31786 content-type text/html; charset=utf-8 date Wed, 28 Aug 2024 20:50:10 GMT expires Wed, 28 Aug 2024 20:50:10 GMT pragma no-cache request-context appId=cid-v1:88d1df04-7c5c-4bfe-913f-bf83b3b4fb0a strict-transport-security max-age=86400 ; includeSubDomains vary Accept-Encoding x-azure-ref 20240828T205010Z-r1bf48c95479qbr43unsb0p4z4000000059g00000000renh x-content-type-options nosniff x-ems-correlationid 3ae57712-0395-452e-940c-b7680d1d46f3 x-ems-envname emerald-prod-ne x-ems-instname PD1SDWK000J9I x-ems-sessionid 3ae57712-0395-452e-940c-b7680d1d46f3 x-powered-by ASP.NET x-processing-time-from-csp 59ms
GET H2	206	big.mp3 nerdinthebrain.com/sin/gluco/	196 KB 197 KB	683ms 681ms	Media audio/mpeg	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://nerdinthebrain.com/sin/gluco/big.mp3 Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Range bytes=0- Response headers date Wed, 28 Aug 2024 20:50:11 GMT content-security-policy upgrade-insecure-requests x-hcdn-cache-status MISS last-modified Mon, 26 Aug 2024 08:40:36 GMT server hcdn etag "31080-66cc3f84-125569fabf7b91dc;;;" x-hcdn-request-id 47a51a301d6b94ea3059bfb60909470b-srv-edge3 content-type audio/mpeg Content-Range bytes 0-200831/200832 x-turbo-charged-by LiteSpeed x-hcdn-upstream-rt 0.430 platform hostinger alt-svc h3=":443"; ma=86400 Content-Length 200832
GET H2	206	sup.mp3 nerdinthebrain.com/sin/gluco/	8 KB 9 KB	489ms 482ms	Media audio/mpeg	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://nerdinthebrain.com/sin/gluco/sup.mp3 Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Range bytes=0- Response headers date Wed, 28 Aug 2024 20:50:11 GMT content-security-policy upgrade-insecure-requests x-hcdn-cache-status MISS last-modified Mon, 26 Aug 2024 08:40:36 GMT server hcdn etag "20d5-66cc3f84-301a7100110a4c41;;;" x-hcdn-request-id ef6fadefd8a6d9c546dd797a2944e330-srv-edge3 content-type audio/mpeg Content-Range bytes 0-8404/8405 x-turbo-charged-by LiteSpeed x-hcdn-upstream-rt 0.434 platform hostinger alt-svc h3=":443"; ma=86400 Content-Length 8405
GET H/1.1	404 The requested content does not exist.	stars2.html rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/images/	321 B 321 B	113ms 108ms	Image text/html	20.60.220.228 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/images/stars2.html Requested by Host: rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.60.220.228 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 3e072f7c39a592015b6afc4c65f1412eac83e6713519f177025c0567d48fde5a Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers x-ms-request-id 74099df0-e01e-007f-748b-f90526000000 Date Wed, 28 Aug 2024 20:50:10 GMT x-ms-version 2018-03-28 Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-error-code WebContentNotFound Content-Length 321 Content-Type text/html
POST H2	204	collect region1.google-analytics.com/g/	0 0	162ms 52ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-F9ZFHN0DV3&gtm=45je48r0v9182508741za200&_p=1724878210541&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1448942388.1724878211&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724878211&sct=1&seg=0&dl=https%3A%2F%2Frzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net%2F&dt=Microsoft%20Support%20Final%20Warning&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1645 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-F9ZFHN0DV3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Wed, 28 Aug 2024 20:50:11 GMT server Golfe2 content-type text/plain access-control-allow-origin https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ag.png nerdinthebrain.com/sin/gluco/	542 B 0	0ms 0ms	Other image/webp	2a02:4780:32:f3a2:17a3:2370:a458:16e7 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://nerdinthebrain.com/sin/gluco/ag.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:32:f3a2:17a3:2370:a458:16e7 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software hcdn / Resource Hash 9d5c5fd7edfe78091f468edaeee3fc8e0ac021e6099c96e7a833b4fee1502433 Request headers Referer https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:11 GMT x-hcdn-cache-status MISS server hcdn x-hcdn-request-id f8e7e751ad83e391cf6976ef62efd4f9-srv-edge3 content-type image/webp cache-control public, max-age=604800 x-hcdn-image-optimizer f:webp q:85 w:1600 x-hcdn-upstream-rt 0.435 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 542
GET H3	200	fontawesome-webfont.woff2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/	65 KB 66 KB	46ms 28ms	Font font/woff2	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 Requested by Host: maxcdn.bootstrapcdn.com URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css Origin https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Wed, 28 Aug 2024 20:50:15 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 723 age 6505 cdn-cachedat 10/31/2023 18:48:08 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 66624 last-modified Mon, 25 Jan 2021 22:04:54 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag "db812d8a70a4e88e888744c1c9a27e89" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid d9d54de7c7c7ae0f875c2a1061747a99 accept-ranges bytes timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 8ba72c3148c31da4-FRA cdn-requestpullsuccess True

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

nerdinthebrain.com

URL

https://nerdinthebrain.com/sin/gluco/kxFy-clip.png

Domain

nerdinthebrain.com

URL

https://nerdinthebrain.com/sin/gluco/qsbs-firewall.png

Domain

nerdinthebrain.com

URL

https://nerdinthebrain.com/sin/gluco/s-S4-acc.png

Domain

nerdinthebrain.com

URL

https://nerdinthebrain.com/sin/gluco/Z5BR-network.png

Domain

nerdinthebrain.com

URL

https://nerdinthebrain.com/sin/gluco/uZbx-si.png

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| bootstrap function| gtag object| dataLayer object| elem function| openFullscreen function| closeFullscreen function| getVariableFromURl function| startScan function| playSound object| date string| current_date string| current_time string| date_time function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| FlipDown function| pad function| appendChildren function| getParameterByName function| finalCountdown function| exitModal number| _now object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.windows.net/	1970-01-21 08:43:58	Name: _ga_F9ZFHN0DV3 Value: GS1.1.1724878211.1.0.1724878211.0.0.0
			.windows.net/	1970-01-21 08:43:58	Name: _ga Value: GA1.1.1448942388.1724878211
			support.microsoft.com/	1970-01-20 23:07:59	Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8IKOsuL6JMpArHCK0p_qbNGEHRRUxgIn5c1MrziX-803FrA98DB7Zpfa7-Gj2mLWcapocGSoDfleSC6B4-Bi-D5v1Zg1el8i-0XXcc2yUYh8F_IMqB0nvNO11KjmgShbevdsAOiVupt0K63GKKRLPboGbEcDNRbT3YfxmqUDE01MlEXWMQf55mWN_4YGDxwS6hk4jn1287a8TTviggMYbWwsQ4zybm3CutYPLbQmN8vh3y-2fSCONz0a_HhzP9GD9pepNY58pUdSk8zhXqGZLzQ Value: N
			support.microsoft.com/	1970-01-21 07:53:34	Name: ai_user Value: eIO7NfNAOrdvbrXrY1xDjV|2024-08-28T20:50:12.244Z
			login.microsoftonline.com/	1970-01-20 23:51:10	Name: buid Value: 0.ARoAMe_N-B6jSkuT5F9XHpElWmKcklne7TpBswilBX89HLUBAAA.AQABGgEAAAApTwJmzXqdR4BN2miheQMY3tO6B-zkl_qIO_bf8EOLVRqBrk9LswJH8TnKFVEOLyxRgVdgGNQf0glCUb-_b6C4U2VhJ1yQt_33N4gG_QtEAyltEkuQ3AgL7cjaPcxymzogAA
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAAApTwJmzXqdR4BN2miheQMY1rCC1S9-6Ptp3TUhawdu7b4JRpyfqPN5EQ1rwKMmIIAogdloKhDfV8P1sG4n50nzoJaGG74ze8--BwTv3wke5OmS7zf480OCz0of8A40R_ZmRcS7vxslABUlzvuqtNkHhbthoBD7_fdo9Jdm6ku-pwawr5M72dPQ4nIAOg_fVRIgAA
			.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-TBdOijlhxJ8 Value: AQABCQEAAAApTwJmzXqdR4BN2miheQMYammiPPLQIyiDj-t3XcWVd8-HYqm8LuXYEkQ_tx6L-f_zghfRe_q70FLS8Q7_mB-JwQzO8z8zAJJssgBpXHuOS73VDm76Oh3MKFsyuu4GLsDBbE4UxSYgU1AjAdvru8BBGq45C5ewEV4tqLXDwlywkyAA
			login.microsoftonline.com/	1970-01-20 23:51:10	Name: fpc Value: AhAeWf1DSCdEgnEnMKuYarmOO6eBAQAAAIOEYd4OAAAA
			login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
			login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
			support.microsoft.com/	1970-01-21 07:53:34	Name: MicrosoftApplicationsTelemetryDeviceId Value: e490d48b-270f-4344-87a2-ded6c0ea5b39
			.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 74d698517a994726a194a2a7450f04b4
			.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1724878212&co=1
			.support.microsoft.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 23d7764dc2b657e1be32f59a313e5b0f1e5effe4d8f20b09bfb6fac3e079170d
			.microsoft.com/	1970-01-21 08:29:34	Name: MUID Value: 05191465A5366EB31D28008CA1366850
			.bing.com/	1970-01-21 08:29:34	Name: MUID Value: 05191465A5366EB31D28008CA1366850
			.c.bing.com/	1970-01-20 23:18:03	Name: MR Value: 0
			.c.bing.com/	1970-01-21 08:29:34	Name: SRM_B Value: 05191465A5366EB31D28008CA1366850
			.c.bing.com/	1970-01-21 08:29:34	Name: SRM_I Value: 05191465A5366EB31D28008CA1366850
			.c1.microsoft.com/	1969-12-31 23:59:59	Name: SM Value: C
			.c1.microsoft.com/	1970-01-21 08:29:34	Name: SRM_I Value: 05191465A5366EB31D28008CA1366850
			.c1.microsoft.com/	1970-01-20 23:18:03	Name: MR Value: 0
			.c1.microsoft.com/	1970-01-20 23:07:58	Name: ANONCHK Value: 0
			support.microsoft.com/	1970-01-20 23:08:00	Name: ai_session Value: t8CSg2FF96gsH91KqKCSaG|1724878212319|1724878214697

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net/images/stars2.html Message: Failed to load resource: the server responded with a status of 404 (The requested content does not exist.)
security	error	Message: Refused to frame 'https://mem.gfx.ms/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://support.microsoft.com".
security	error	Message: Refused to frame 'https://mem.gfx.ms/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://support.microsoft.com".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
maxcdn.bootstrapcdn.com
nerdinthebrain.com
region1.google-analytics.com
rzijs6cg2940bk7qe51zm8u.z13.web.core.windows.net
stackpath.bootstrapcdn.com
support.microsoft.com
www.googletagmanager.com
nerdinthebrain.com
104.17.25.14
104.18.10.207
20.60.220.228
2001:4860:4802:32::36
2a00:1450:4001:810::2008
2a02:26f0:ab00:3bf::f03
2a02:4780:32:f3a2:17a3:2370:a458:16e7
2a04:4e42:400::485
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
1bf2d147ce393f4dd577d7ce2f03ab5cc1005b84870b567002646977bbcdbb32
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2487850348dd29c6f7e190529a27dc1ea67a0085eac7a26f6837fe0012ce052e
2857f63364af66a66a12d15d4bf9f536769f489e9080d7a0514b313a771fb161
38966ad4737cccc1ba6d65402250dcc6a0ac3a742dafff6ba5d13455265f0c38
3e072f7c39a592015b6afc4c65f1412eac83e6713519f177025c0567d48fde5a
4549db4d10496e4b4aeb1b2821555db522887338525ecd7c35822217f30d7c54
64717fb39bb1e506645bf1dcfaed16410737e89c5b8b102a6436bea0c2b18722
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
87e1e97f8193d0c91c59f17dd99254819b70b31f606f7708553a2bb5c39c56e6
8f2acb7a211912e9312a0653a37f40de2ba9d817baf4d0e051b872c8a1e41abc
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
9d5c5fd7edfe78091f468edaeee3fc8e0ac021e6099c96e7a833b4fee1502433
a6a6d2cb29e98dc11f02be55de9aded3274884e0d9832add10916b348f2cc992
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
ebf0674ce9dbac3587282b46bbfd7ce4340273ef6f02f5240ed2d1087a9700b2
f674866044b3bb79ef21edd3ecd89bb0eb849ee2f1439d0ce7e6fc3d5cd9d626
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995