msft.hsprotect.net Open in urlscan Pro
2a02:26f0:480:25::1726:622b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://msft.hsprotect.net/index.html
Submission: On September 06 via manual (September 6th 2024, 7:43:01 am UTC) from SE — Scanned from SE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2a02:26f0:480:25::1726:622b, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is msft.hsprotect.net. The Cisco Umbrella rank of the primary domain is 117400.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 27th 2024. Valid for: a year.

This is the only time msft.hsprotect.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a02:26f0:480... 2a02:26f0:480:25::1726:622b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.107.199.61 34.107.199.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
8	4

3 2a02:26f0:480:25::1726:622b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

msft.hsprotect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
client.hsprotect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.199.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.199.107.34.bc.googleusercontent.com

stk.hsprotect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-pxzc5j78di.hsprotect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collector-pxzc5j78di.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	hsprotect.net msft.hsprotect.net — Cisco Umbrella Rank: 117400 client.hsprotect.net — Cisco Umbrella Rank: 118115 stk.hsprotect.net collector-pxzc5j78di.hsprotect.net — Cisco Umbrella Rank: 119858	68 KB
1	px-cloud.net collector-pxzc5j78di.px-cloud.net	1 KB
8	2

	Domain	Requested by
2	collector-pxzc5j78di.hsprotect.net	client.hsprotect.net
2	msft.hsprotect.net
1	collector-pxzc5j78di.px-cloud.net	client.hsprotect.net
1	stk.hsprotect.net	client.hsprotect.net
1	client.hsprotect.net	msft.hsprotect.net
8	5

This site contains no links.

Subject Issuer	Validity	Valid
*.hsprotect.net DigiCert TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-03-26`	a year	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2024-08-16` - `2025-09-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://msft.hsprotect.net/index.html
Frame ID: 18EAA7FDF24F26D768B8128CD257FAD0
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Human Sensor Script Iframe

Detected technologies

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

8
Requests

88 %
HTTPS

33 %
IPv6

2
Domains

5
Subdomains

4
IPs

2
Countries

69 kB
Transfer

155 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response msft.hsprotect.net/	1 KB 1 KB	358ms 219ms	Document text/html	2a02:26f0:480:25::1726:622b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://msft.hsprotect.net/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:25::1726:622b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash `3b8d3c93fd78c24f4c175c8515e4a5df79aee536af4ced58ba078ea591569eac` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Alt-Svc h3=":443"; ma=93600 Cache-Control max-age=0 Connection keep-alive Content-Encoding gzip Content-Length 687 Content-Type text/html Date Fri, 06 Sep 2024 07:42:56 GMT ETag "5dc258f6742f6d22a4cd80f50926ed70" Expires Fri, 06 Sep 2024 07:42:56 GMT Last-Modified Thu, 06 Jun 2024 12:39:48 GMT Server UploadServer Vary Accept-Encoding X-GUploader-UploadID AHxI1nN5uxXoJOTkDnQCaQq1xH4omhGsEj6jcBqEy_5--Aig8g-2N_gi_dga1D6MRoonFW-cpDQ x-amz-checksum-crc32c 5beoRw== x-goog-generation 1717677588065406 x-goog-hash crc32c=5beoRw== x-goog-metageneration 1 x-goog-storage-class STANDARD x-goog-stored-content-encoding identity x-goog-stored-content-length 1233
GET H2	200	main.min.js Show response client.hsprotect.net/PXzC5j78di/	151 KB 64 KB	197ms 55ms	Script application/javascript	2a02:26f0:480:25::1726:622b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://client.hsprotect.net/PXzC5j78di/main.min.js Requested by Host: msft.hsprotect.net URL: https://msft.hsprotect.net/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:25::1726:622b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash `f4fc5115848cb59a447d130e6516c22b16a1b64083ab786f68ee1023c2495cc7` Request headers Referer https://msft.hsprotect.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Fri, 06 Sep 2024 07:42:56 GMT content-encoding gzip last-modified Fri, 06 Sep 2024 07:37:48 GMT server UploadServer etag "d8bb41aebcc6b2da56b18e9e513d48e7" active-cdn Akamai vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers active-cdn,x-served-by,Akamai-Request-BC cache-control max-age=600 accept-ranges bytes content-length 64844 expires Fri, 06 Sep 2024 07:51:29 GMT
GET H/1.1	200 OK	ns Show response stk.hsprotect.net/	260 B 394 B	224ms 58ms	XHR text/html	34.107.199.61 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://stk.hsprotect.net/ns?c=a2007990-6c23-11ef-adc8-c9d52ac1945f Requested by Host: client.hsprotect.net URL: https://client.hsprotect.net/PXzC5j78di/main.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.107.199.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 61.199.107.34.bc.googleusercontent.com Software / Resource Hash `4a42891dbeb97f3d15275dd39a7ea634584e5cd6884147aa73c8daf31920a66f` Request headers Referer https://msft.hsprotect.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 06 Sep 2024 07:42:57 GMT Content-Length 260 Content-Type text/html
POST H2	200	msft Show response collector-pxzc5j78di.hsprotect.net/api/v2/	844 B 1 KB	171ms 85ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxzc5j78di.hsprotect.net/api/v2/msft Requested by Host: client.hsprotect.net URL: https://client.hsprotect.net/PXzC5j78di/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash `496b6a5b51dbe00abad7588f145d70eecb797bc0ce52cfe85fe0622b5aa97d71` Request headers Referer https://msft.hsprotect.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 06 Sep 2024 07:42:56 GMT via 1.1 google access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://msft.hsprotect.net access-control-allow-credentials true timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 844
GET H/1.1	404 Not Found	favicon.ico msft.hsprotect.net/	198 B 548 B	289ms 288ms	Other application/xml	2a02:26f0:480:25::1726:622b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://msft.hsprotect.net/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:25::1726:622b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash `874800ef3495a0af012aa1eee248a3a2ce891c7837f0864fe4d8883fe5438633` Request headers Referer https://msft.hsprotect.net/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers Date Fri, 06 Sep 2024 07:42:57 GMT Server UploadServer X-GUploader-UploadID AD-8ljvfF5MmIefuUgn-oW1QC9e5_KcxWaI1ooNfliCd1uXoFqYUmJ3qOW0UXgAm50su6pVk6Ms Content-Type application/xml; charset=UTF-8 Cache-Control private, max-age=0 Connection keep-alive Content-Length 198 Expires Fri, 06 Sep 2024 07:42:57 GMT
POST H2	200	msft Show response collector-pxzc5j78di.hsprotect.net/api/v2/	932 B 988 B	100ms 95ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxzc5j78di.hsprotect.net/api/v2/msft Requested by Host: client.hsprotect.net URL: https://client.hsprotect.net/PXzC5j78di/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash `a5bf98749b29fa7ff921778e99192885471d8f1e4ae594c416674abf7190fd90` Request headers Referer https://msft.hsprotect.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 06 Sep 2024 07:42:57 GMT via 1.1 google access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://msft.hsprotect.net access-control-allow-credentials true timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 932
POST		msft collector-pxzc5j78di.hsprotect.net/api/v2/	0 0

POST H2	200	msft Show response collector-pxzc5j78di.px-cloud.net/api/v2/	932 B 1 KB	175ms 95ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxzc5j78di.px-cloud.net/api/v2/msft Requested by Host: client.hsprotect.net URL: https://client.hsprotect.net/PXzC5j78di/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash `d19c1a31f6a42438ea9944317919494babdd6ff336f7a9b6bc19b9a39c4c59af` Request headers Referer https://msft.hsprotect.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 06 Sep 2024 07:43:00 GMT via 1.1 google access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://msft.hsprotect.net access-control-allow-credentials true timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 932

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: collector-pxzc5j78di.hsprotect.net
URL: https://collector-pxzc5j78di.hsprotect.net/api/v2/msft

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hsprotect.net/	1969-12-31 23:59:59	Name: pxcts Value: a2192194-6c23-11ef-bb7c-49de3438e49c
.hsprotect.net/	1970-01-21 08:05:44	Name: _pxvid Value: a21913c2-6c23-11ef-bb7c-1057c666fbc1
.hsprotect.net/	1970-01-20 23:20:08	Name: _px3 Value: 19d16058eb834e0461071e664816376db7c80cd8057b03dd8c0de01d601c153c:l4YBenwYGObshEMreeagEdvkqRl7EBL/oLuHb6xuLt1RH6FOZJRY4oyvpqbI6xUK56tq8ZjMSFswEM/KblLqIg==:1000:C8JmiR8gXomcJZrau1YIv/8drAclIxevLtZK7jJaCJjXUn+mFQ0KlwA5YfLUMBD0en1YLZxvu/QzAbAVCW/cdRjS+HX5hXw2m3XkX92Gz7ze0+Fbpg5Ld7m/8shIBDc27pnTidWn6jvsDEuD0spHycrA/YHP5C9nL28Lb5JCcxK8X5wybskF4dnHsgvYSQj3SqPyZZfYnCz05JLZPhBM5FmSbVaAQ1igT0NaF25HSkI=
.hsprotect.net/	1970-01-20 23:20:08	Name: _pxde Value: 5c1cf52e85d25b57aef84c4fd8118452409f04d727c048374cd8c197b7bc5814:eyJ0aW1lc3RhbXAiOjE3MjU2MDg1Nzc5NDUsImZfa2IiOjAsImlwY19pZCI6W10sImluY19pZCI6WyJkZjkyMjkxZmM5YWUyODM1NzcyNmI4ZjhhMTY1YzVjYyJdfQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://msft.hsprotect.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
rendering	warning	URL: https://msft.hsprotect.net/index.html Message: [.WebGL-0x1af001496a00]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.hsprotect.net
collector-pxzc5j78di.hsprotect.net
collector-pxzc5j78di.px-cloud.net
msft.hsprotect.net
stk.hsprotect.net
collector-pxzc5j78di.hsprotect.net
2a02:26f0:480:25::1726:622b
34.107.199.61
35.190.10.96
3b8d3c93fd78c24f4c175c8515e4a5df79aee536af4ced58ba078ea591569eac
496b6a5b51dbe00abad7588f145d70eecb797bc0ce52cfe85fe0622b5aa97d71
4a42891dbeb97f3d15275dd39a7ea634584e5cd6884147aa73c8daf31920a66f
874800ef3495a0af012aa1eee248a3a2ce891c7837f0864fe4d8883fe5438633
a5bf98749b29fa7ff921778e99192885471d8f1e4ae594c416674abf7190fd90
d19c1a31f6a42438ea9944317919494babdd6ff336f7a9b6bc19b9a39c4c59af
f4fc5115848cb59a447d130e6516c22b16a1b64083ab786f68ee1023c2495cc7

msft.hsprotect.net Open in urlscan Pro 2a02:26f0:480:25::1726:622b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

33 %IPv6

2 Domains

5 Subdomains

4 IPs

2 Countries

69 kBTransfer

155 kBSize

4 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

4 Cookies

2 Console Messages

Indicators

msft.hsprotect.net Open in urlscan Pro
2a02:26f0:480:25::1726:622b Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

33 %
IPv6

2
Domains

5
Subdomains

4
IPs

2
Countries

69 kB
Transfer

155 kB
Size

4
Cookies

8 HTTP transactions
0 data transactions