download.windowsmicrosoft.ml

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is download.windowsmicrosoft.ml.
TLS certificate: Issued by E1 on December 4th 2022. Valid for: 3 months.

This is the only time download.windowsmicrosoft.ml was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.58.158 162.19.58.158	16276 (OVH) (OVH)
1	162.159.134.233 162.159.134.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

download.windowsmicrosoft.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.58.158 (France)

ASN16276 (OVH, FR)
PTR: ns3096590.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.134.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	windowsmicrosoft.ml download.windowsmicrosoft.ml	5 KB
1	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 2290	897 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 11302	4 KB
5	3

	Domain	Requested by
3	download.windowsmicrosoft.ml	download.windowsmicrosoft.ml
1	cdn.discordapp.com	download.windowsmicrosoft.ml
1	i.ibb.co	download.windowsmicrosoft.ml
5	3

This site contains links to these domains. Also see Links.

Domain
cdn.glitch.global

Subject Issuer	Validity	Valid
*.windowsmicrosoft.ml E1	`2022-12-04` - `2023-03-04`	3 months	crt.sh
ibb.co R3	`2022-12-08` - `2023-03-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-19` - `2023-11-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://download.windowsmicrosoft.ml/
Frame ID: 8199AEF8C636D585807F2CC280C8200F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Windows 10 - Hizmet Optimizasyonu

Page Statistics

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

906 kB
Transfer

908 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn.glitch.global/83a91258-4423-417b-81c6-5bb69a74868b/Microsoft%20Windows%20-%20Service%20Optimizer.rar
Title: Şimdi İndir

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response download.windowsmicrosoft.ml/	4 KB 2 KB	349ms 303ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://download.windowsmicrosoft.ml/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4561de6d4ce73fb34807a623261aea3f2e3a83b2a29b7e489e016a07f4f1e3c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 785a45fb4d919a0b-FRA content-encoding br content-type text/html; charset=utf-8 date Sat, 07 Jan 2023 05:25:32 GMT fly-request-id 01GP5B1Y8S15FPYE3CSGFWYNCN-fra last-modified Thu, 06 Oct 2022 16:01:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0oh7gVa%2FKTDaho5bTjc9VFRGnGSGh1u2TfGi8KiA%2BHYoWdGEyvB0vJRRy4sjHxYDoTw2Yu47PDrkoSJCj9nS3IxTm3tCOzZnIiA6IO3k9p%2BVi2kMcbFn8uge%2B8T%2FvTKYwIFLYFcjLgNnos2N%2FuD9KP2DjfzwzwgBW56"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 fly.io x-amz-id-2 62GnznaMH9oXLQJqgigorgpQyGKYtPGGnLSyefWGhM05XZ0zzUHuds7W+ICjnHNBCO8IkWOAQr4= x-amz-request-id BB2J2W8RQF5H6MKZ x-amz-version-id PdlJIf7Pnt_YqYOnj1xriJ64x00At3gO
GET H2	200	style.css download.windowsmicrosoft.ml/	5 KB 2 KB	209ms 209ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://download.windowsmicrosoft.ml/style.css Requested by Host: download.windowsmicrosoft.ml URL: https://download.windowsmicrosoft.ml/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6d338a70516e336938a97ac7ea126a3fa2a60a00ea85a1ea3dddf397c6928094` Request headers accept-language nl-NL,nl;q=0.9 Referer https://download.windowsmicrosoft.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 07 Jan 2023 05:25:32 GMT x-amz-version-id h2VCTTaIdgNhgho5yuCqCc4sXcenoTz5 via 1.1 fly.io cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 8RXXSZNWESBJ2VHV content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 XNpRsRnkqwJ8QD871NE2mRt7gx1HW38Nl55GZSnj6t0ky4aDze2yIh6p+NaaA3CyD+6zaIPseBs= fly-request-id 01GP503THW7M1824KDQ73FD0XW-fra last-modified Thu, 06 Oct 2022 16:01:42 GMT server cloudflare etag W/"4d7f38ac0689743d84a78b8e042c6eb9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjKt5CYas6h1xwIqtBQYycpSjkF9tIGmM4z6V2geV2TPlqi9L9QPDdu9PQwYiLrT%2BNMjENAW0ostR9LhgVA2EPLJrQR6rYiMS476JUv5dlgeWQg54R5W5pl%2B30lhsePpvMwRgwmFmM8iHQWKsb%2ByHYFx4qBc6gl1j1Df"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=14400 cf-ray 785a45fd3fb59a0b-FRA
GET H2	200	script.js Show response download.windowsmicrosoft.ml/	131 B 583 B	290ms 290ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://download.windowsmicrosoft.ml/script.js Requested by Host: download.windowsmicrosoft.ml URL: https://download.windowsmicrosoft.ml/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d6416bbf14a09aed48a6c642c5ed915dae3a3b675e7579cdfd8f08d27c4bd6ad` Request headers accept-language nl-NL,nl;q=0.9 Referer https://download.windowsmicrosoft.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 07 Jan 2023 05:25:32 GMT x-amz-version-id LVG1IeGL90g1RiVZdT2CWkOVGQVOKQQQ via 1.1 fly.io cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 8RXT4836MZASTZDY content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 vcn5+C5wayViREgUZm8Ez5HmlLgaO+mA8v0n/lSCvSHcES6qLpHEUAmzFUJpBRH7VBZKq8ZOgug= fly-request-id 01GP503THXEQB8WDBDTF0W1434-fra last-modified Thu, 06 Oct 2022 16:01:42 GMT server cloudflare etag W/"1c2b933d1620eaae37dfd601b176109f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emwCwXqi8LgPeQoVYumc86fXHbl8%2FKY2AZ3Y8AxjrpYzpRDVzz%2F5A0cVYuWOK6y%2FfOZBe5yghdNky5WXK6zY8Rb1cb366us2Q7ZAuTZ2Mt6qbBX5iX%2FzRVKPbvU90F52Tt6TYStxOBIqoS6dd9uORrOyVVAeTuUIUfBU"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 785a45fd3fb89a0b-FRA
GET H2	200	logo.png i.ibb.co/wwLhz98/	4 KB 4 KB	162ms 18ms	Image image/png	162.19.58.158 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/wwLhz98/logo.png Requested by Host: download.windowsmicrosoft.ml URL: https://download.windowsmicrosoft.ml/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.158 , France, ASN16276 (OVH, FR), Reverse DNS ns3096590.ip-162-19-58.eu Software nginx / Resource Hash `112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960` Request headers accept-language nl-NL,nl;q=0.9 Referer https://download.windowsmicrosoft.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 07 Jan 2023 05:25:32 GMT last-modified Tue, 11 Feb 2020 15:49:27 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 4054 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	Baslksz46_20221006151053.png cdn.discordapp.com/attachments/840300112205840404/1027554142840963082/	895 KB 897 KB	89ms 40ms	Image image/png	162.159.134.233 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.discordapp.com/attachments/840300112205840404/1027554142840963082/Baslksz46_20221006151053.png Requested by Host: download.windowsmicrosoft.ml URL: https://download.windowsmicrosoft.ml/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `34e70f56e2617b7e43dc94b2075ffef1cdf994dbcb1f178b08610647aa23a0c3` Request headers accept-language nl-NL,nl;q=0.9 Referer https://download.windowsmicrosoft.ml/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 07 Jan 2023 05:25:32 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 14634 x-guploader-uploadid ADPycds7-ugz-HCI_RRQCt8fHfJ5clnzc91xcAaakNpyxqBInB78cfaLRvpg1d6CeCT77hJgzU828xfmMARg17HW_EKJ1HaI4qat x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 916481 last-modified Thu, 06 Oct 2022 12:13:18 GMT server cloudflare etag "1233b61dccb707112f2219a3c775b86f" vary Accept-Encoding x-goog-generation 1665058398761372 content-type image/png x-goog-hash crc32c=h0XrGg==, md5=EjO2Hcy3BxEvIhmjx3W4bw== cache-control public, max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdABJDk%2FqBb4M8vDxIZijlYSvg1h%2FuABy7HMmT3P8v9Jul0u7Htr0YmXYvJSGKEcAa0ZcyadR2%2BkC3pjTMidK2c3YbMAgwHy9Lx0dJ2ETsJ1lylZS9gof3E1tTFeHAX1EsTfVw%3D%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 916481 accept-ranges bytes cf-ray 785a45fed8952c32-FRA x-robots-tag noindex, nofollow, noarchive, nocache, noimageindex, noodp expires Sun, 07 Jan 2024 05:25:32 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.discordapp.com/	1970-01-20 08:44:30	Name: __cf_bm Value: 8lggJYDZ..JKhSgcAI_FPLKQArLjCP9afqfdQ8zW66U-1673069132-0-AfKYv2j1pbTrlRvRlbAAVmyfxYGSqLTRxj71cKyjv8XyIZjhuoq0hJXARwnbcAL9m3v2WP0At7gBKJqm2o6HAaw=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.discordapp.com
download.windowsmicrosoft.ml
i.ibb.co
162.159.134.233
162.19.58.158
2a06:98c1:3120::3
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
34e70f56e2617b7e43dc94b2075ffef1cdf994dbcb1f178b08610647aa23a0c3
6d338a70516e336938a97ac7ea126a3fa2a60a00ea85a1ea3dddf397c6928094
d4561de6d4ce73fb34807a623261aea3f2e3a83b2a29b7e489e016a07f4f1e3c
d6416bbf14a09aed48a6c642c5ed915dae3a3b675e7579cdfd8f08d27c4bd6ad

download.windowsmicrosoft.ml Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

906 kBTransfer

908 kBSize

1 Cookies

1 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Indicators

download.windowsmicrosoft.ml Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

906 kB
Transfer

908 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions