urlscan.io logo urlscan.io
SecurityTrails logo

microsofticais.com Open in urlscan Pro
2606:4700:3030::ac43:cdce  Public Scan

Go To Rescan Add Verdict Report
URL: https://microsofticais.com/
Submission: On July 31 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3030::ac43:cdce, located in United States and belongs to CLOUDFLARENET, US. The main domain is microsofticais.com.
TLS certificate: Issued by GTS CA 1P5 on July 31st 2023. Valid for: 3 months.
This is the only time microsofticais.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 4
Apex Domain
Subdomains		 Transfer
5 hell-leads.win
hell-leads.win
69 KB
1 gstatic.com
fonts.gstatic.com
689 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79
2 KB
1 microsofticais.com
microsofticais.com
2 KB
8 4
Domain Requested by
5 hell-leads.win microsofticais.com
hell-leads.win
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com hell-leads.win
1 microsofticais.com
8 4

This site contains no links.

Subject Issuer Validity Valid
microsofticais.com
GTS CA 1P5		 2023-07-31 -
2023-10-29		 3 months crt.sh
hell-leads.win
GTS CA 1P5		 2023-07-12 -
2023-10-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://microsofticais.com/
Frame ID: 0B95E89DC48A1173C0A855A8EA113040
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Offer

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

8
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

763 kB
Transfer

933 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
microsofticais.com/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://microsofticais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cdce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea7a952d3fa01f22f0c785185ac091f63d5195b5add6a07498db7e1866d102a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ef5a5a1db2468ec-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 31 Jul 2023 11:54:30 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upPtkwWnhOaBVAC6yFdj6ftRN%2FV8DJw8MO2vx1wp9sGfaHFRSZCc1YUgf8vkVl0pcDAj7HE3eEFtl7X2aOarTvCcP%2FrBsdy1KwlHRCKSGBcuxILFgozjPzyXjPAXWm0StCl1%2BHHMaRXdpQVn0%2Fa4bIQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
valid.css
hell-leads.win/validation/ 		2 KB
928 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hell-leads.win/validation/valid.css
Requested by
Host: microsofticais.com
URL: https://microsofticais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c6686d1fd249792aaff42267e52bfc8a6fdc73d0066df0b4b2656f0b6ba4f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsofticais.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 11:54:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Apr 2023 08:24:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1970
etag
W/"6437bc41-639"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BKn7JTVcpcdTtFQqbz07G4%2F3ZzzGOn27WtrZvgsO9bP0MlFvKrWtqfh144TLIUpKpXeoBcZhz4gXAKZnMhjeeLwIoY5JjRn3p%2BOB5UhdIR9tftxMpGcv7qmIdJqUJHUj9Ijp%2FYLU2yUn4Zzkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7ef5a5a2fbba68fd-FRA
alt-svc
h3=":443"; ma=86400
valid.js
hell-leads.win/validation/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hell-leads.win/validation/valid.js
Requested by
Host: microsofticais.com
URL: https://microsofticais.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549878fc0f529c0cf60a86665a49107bb30c4b0f78c4ba6ddf97cebbfaa0303f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsofticais.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 11:54:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 31 May 2023 15:11:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5530
etag
W/"647763a7-498f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhkNYuWeS%2BH6mFs2FWPkAAd1SstQ4npbFcsOVNkaW7dou8fy%2Bj2Tx74GEeT5pXQpmSuTzAzdhhGSw7ktrev7k%2FVdyCjPS4eQyUCZ7DZHBQMwrqXk7%2BuNh8lvnHzC5uCPobs1S2FGQw2X2P8WGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7ef5a5a2fbbb68fd-FRA
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Color+Emoji&display=swap
Requested by
Host: hell-leads.win
URL: https://hell-leads.win/validation/valid.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d57499b4f4bb05c6417b948379919afaf514dee36dde70f7f3cbb663bb1263c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hell-leads.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 31 Jul 2023 11:54:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 10:29:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jul 2023 11:54:30 GMT
/
hell-leads.win/ip/ 		983 B
883 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hell-leads.win/ip/
Requested by
Host: hell-leads.win
URL: https://hell-leads.win/validation/valid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.8
Resource Hash
1a14ed8e046a65b1e671927d0bc3f7e3a8d6ba403ebb065c6a13ac1abdfd4cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsofticais.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 11:54:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLHp8kf5OjBfkKnP5Wi93QkcDMJTMZlt5NBihkVK17nJtXldjEMHjh2wxJwON4cGTA3Tr6P1YocTPJB%2FgEOS2xV5VXTSfz3oJRNLkD9MsrdL4z6HBEiqsKSR1i9Y3n3HJejcHITEPalpL04jRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf8
access-control-allow-origin
*
cf-ray
7ef5a5a4482f9b86-FRA
alt-svc
h3=":443"; ma=86400
libphonenumber-max.js
hell-leads.win/validation/ 		207 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hell-leads.win/validation/libphonenumber-max.js
Requested by
Host: hell-leads.win
URL: https://hell-leads.win/validation/valid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b2638a8273dc5ba4dc5f94d58d679fcbc2f70f3cf830f11a32ef03dd7c158e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsofticais.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 11:54:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Apr 2023 10:53:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1969
etag
W/"6437df2f-33dcb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXkDSDJNify0bLtWy%2F4aJalP29K8rkAihdBNEfjtHBgC1ZyKhDZJ%2BrLC%2Bbl%2FcfBLqx3mnIRhUetxffddXvlCitk2Ldi1q9Op9j4%2BnijK4v%2B6OqmNgp8gSX1O4G51ea5qEU4cLRqQaEg6ssQ00g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-ray
7ef5a5a58eca68fd-FRA
alt-svc
h3=":443"; ma=86400
examples.mobile.json
hell-leads.win/validation/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hell-leads.win/validation/examples.mobile.json
Requested by
Host: hell-leads.win
URL: https://hell-leads.win/validation/valid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca48a3df1d55d0a16dbccc7c1ed89ac4a604a1fbb5825db8ee1947798b74a8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsofticais.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 11:54:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 13 Apr 2023 10:51:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6437de9c-fdd"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xodpXHYBjfM%2BZkCVu4YfpkuA2ZygmrJpE41sKYPd1M0wW6uoHgj3ggBA0AkIYI1bplE6qR%2FCukE4NAMFV7CAjqhXKIpWB6tAdqRClE5z%2FCGRdDE5Z3sZt1R0wj%2B1yE6qGqDvciO4juDV%2Fgl%2B6A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json
cf-ray
7ef5a5a5fa1f91d2-FRA
alt-svc
h3=":443"; ma=86400
Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.0.woff2
fonts.gstatic.com/s/notocoloremoji/v25/ 		688 KB
689 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notocoloremoji/v25/Yq6P-KqIXTD0t4D9z1ESnKM3-HpFabsE4tq3luCC7p-aXxcn.0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Color+Emoji&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3046f8882510b58453a1b2fc5c296a46834b39daff4854c9115a387cf8d40114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://microsofticais.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 21:40:41 GMT
x-content-type-options
nosniff
age
137630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
704380
x-xss-protection
0
last-modified
Tue, 30 May 2023 20:53:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 21:40:41 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| setCC function| openCodeSelect undefined| gtag object| libphonenumber

3 Cookies

Domain/Path Name / Value
microsofticais.com/ Name: _subid
Value: mlu3c011ep2
microsofticais.com/ Name: c8c12
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM0NjZcIjoxNjkwODA0NDcwfSxcImNhbXBhaWduc1wiOntcIjEwNTlcIjoxNjkwODA0NDcwfSxcInRpbWVcIjoxNjkwODA0NDcwfSJ9.FhbhxQPFbQyq4K4UFTL28_bF-DziZcxUiupioOFs00s
microsofticais.com/ Name: _token
Value: uuid_mlu3c011ep2_mlu3c011ep264c7a0f61c5f60.14098214