microsoft-defender.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2cc4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://microsoft-defender.pages.dev/
Submission: On May 02 via automatic, source certstream-suspicious (May 2nd 2024, 8:37:43 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 14 HTTP transactions. The main IP is 2606:4700:310c::ac42:2cc4, located in United States and belongs to CLOUDFLARENET, US. The main domain is microsoft-defender.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on May 2nd 2024. Valid for: 3 months.

This is the only time microsoft-defender.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:310... 2606:4700:310c::ac42:2cc4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:264... 2600:9000:2644:b000:18:c518:7440:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2400:52e0:1e0... 2400:52e0:1e00::860:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.96.124.68 23.96.124.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	8

1 2606:4700:310c::ac42:2cc4 (United States)

ASN13335 (CLOUDFLARENET, US)

microsoft-defender.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2644:b000:18:c518:7440:21 (United States)

ASN16509 (AMAZON-02, US)

dvzvtsvyecfyp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::860:1 (Germany)

ASN200325 (BUNNYCDN, SI)

unicorn-cdn.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.96.124.68 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 c.clarity.ms — Cisco Umbrella Rank: 1385 s.clarity.ms	28 KB
3	b-cdn.net unicorn-cdn.b-cdn.net — Cisco Umbrella Rank: 715054	36 KB
3	cloudfront.net dvzvtsvyecfyp.cloudfront.net	149 KB
2	gstatic.com fonts.gstatic.com	46 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 231	763 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	833 B
1	pages.dev microsoft-defender.pages.dev	6 KB
14	7

	Domain	Requested by
3	unicorn-cdn.b-cdn.net	microsoft-defender.pages.dev
3	dvzvtsvyecfyp.cloudfront.net	microsoft-defender.pages.dev dvzvtsvyecfyp.cloudfront.net
2	c.clarity.ms	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	www.clarity.ms	microsoft-defender.pages.dev www.clarity.ms
1	s.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	fonts.googleapis.com	microsoft-defender.pages.dev
1	microsoft-defender.pages.dev
14	9

This site contains links to these domains. Also see Links.

Domain
culminantoutlook.com

Subject Issuer	Validity	Valid
microsoft-defender.pages.dev GTS CA 1P5	`2024-05-02` - `2024-07-31`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2023-11-05` - `2024-11-11`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://microsoft-defender.pages.dev/
Frame ID: 769D83114D4814FC45CFDB9A8A154D15
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to Microsoft Defender

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

93 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

265 kB
Transfer

978 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://culminantoutlook.com/wp-content/MicrosoftDefender.vhdx
Title: Télécharger

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3AE7CE5062A049DEA42E0A4B701CFD2F&RedC=c.clarity.ms&MXFR=1A142B22D6C961A02DB53F51D2C96F2C HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3AE7CE5062A049DEA42E0A4B701CFD2F&MUID=0F2820E629F464953CF43495289F65C3

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
microsoft-defender.pages.dev/ 20 KB
6 KB 97ms
75ms Document
text/html 2606:4700:310c::ac42:2cc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://microsoft-defender.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bb59de78c43cf6b2ac9e0dedcce26573c7849e417a3c76194292e82020da7e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 87dacf755d323a7c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 02 May 2024 20:37:38 GMT
etag: W/"34dc5aab7beb395f4dae453e8be928c0"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ayuN6KAIV06lTWOTVPunmqlgtOcDAb54Q9zXCR9YOHqMA7aPxNmnW9JMw%2Bn6KrBeN7197eHkL8qbW3KmItcjSJaJTPNtZWayc6I430PQYkDNklcCRRvj5HIaQTYUE8ybVZ%2F%2FiNbQTy3BJgkw%2BTPu%2BLKWhAFWRbGqTo%2Bj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 main.965b3cabc903.css
dvzvtsvyecfyp.cloudfront.net/static/css/ 472 KB
45 KB 43ms
8ms Stylesheet
text/css 2600:9000:2644:b000:18:c518:7440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dvzvtsvyecfyp.cloudfront.net/static/css/main.965b3cabc903.css
Requested by: Host: microsoft-defender.pages.dev
URL: https://microsoft-defender.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:b000:18:c518:7440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 80e2beae8e34589b8ab33d47c90a80166b990e3d646c1112c4f1e00e37f5b7ff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://microsoft-defender.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 08:36:53 GMT
content-encoding: br
via: 1.1 d2d6641f7f4e620ab86172e07bc2a884.cloudfront.net (CloudFront)
last-modified: Wed, 10 Apr 2024 08:33:01 GMT
server: nginx
x-amz-cf-pop: FRA60-P6
age: 1944045
etag: "66164ebd-760ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=31536000, public
content-length: 46051
x-amz-cf-id: wEK2pZufDRqUsJC9HUTdsJeBCY55XZ27jC8pARlreL7OHVI1GdOzjQ==

GET
H2 200 main.26769b514691.js Show response
dvzvtsvyecfyp.cloudfront.net/static/js/ 342 KB
103 KB 50ms
15ms Script
application/javascript 2600:9000:2644:b000:18:c518:7440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dvzvtsvyecfyp.cloudfront.net/static/js/main.26769b514691.js
Requested by: Host: microsoft-defender.pages.dev
URL: https://microsoft-defender.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:b000:18:c518:7440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c045255492448a5ef0878e269412eeb1dae8c294a23818650d07f6b90524449b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://microsoft-defender.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 12:36:52 GMT
content-encoding: gzip
via: 1.1 d2d6641f7f4e620ab86172e07bc2a884.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2024 12:05:32 GMT
server: nginx
x-amz-cf-pop: FRA60-P6
age: 3830446
etag: "65f97f8c-55636"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=31536000, public
content-length: 105077
x-amz-cf-id: L3CrNHY3G-_KHO5PkDNXCPkY3qSg5U69GjQj8LkLN-rSa8buCbL82Q==

GET
H2 200 css
fonts.googleapis.com/ 1 KB
833 B 38ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700&display=swap

Requested by

Host: microsoft-defender.pages.dev
URL: https://microsoft-defender.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://microsoft-defender.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 May 2024 20:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 May 2024 18:37:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 May 2024 20:37:38 GMT

GET
H2 200 2022-02-08-microsoft-defender-preview-for-windows-10-11-5.png
unicorn-cdn.b-cdn.net/90ebfd6c-a706-46b9-a9ab-43261d17419f/ 26 KB
27 KB 69ms
31ms Image
image/webp 2400:52e0:1e00::860:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unicorn-cdn.b-cdn.net/90ebfd6c-a706-46b9-a9ab-43261d17419f/2022-02-08-microsoft-defender-preview-for-windows-10-11-5.png?width=869&height=543
Requested by: Host: microsoft-defender.pages.dev
URL: https://microsoft-defender.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-860 /
Resource Hash: c80845775be01e5a9a61327631747015f7e70281f66b79da670a66282b23893d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://microsoft-defender.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 20:37:38 GMT
x-downloadsize: 44206
cdn-edgestorageid: 1047
x-bo-processingtime: 28
cdn-cachedat: 05/01/2024 16:31:05
cdn-pullzone: 1024597
content-length: 27102
x-bo-server: DE-153
last-modified: Wed, 01 May 2024 16:31:05 GMT
server: BunnyCDN-DE1-860
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 247
content-type: image/webp
cdn-cache: HIT
cdn-uid: ac01cb10-85f6-45b7-9a7b-60b70d5d369f
cache-control: public, max-age=31919000
x-bo-compressionratio: 38.69%
cdn-requestid: 139a47400022da15ce1e7f8867b95add
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dell_xps_15.png
unicorn-cdn.b-cdn.net/c5adde7e-37c8-49b1-83d4-27ed953431de/ 4 KB
5 KB 46ms
8ms Image
image/webp 2400:52e0:1e00::860:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unicorn-cdn.b-cdn.net/c5adde7e-37c8-49b1-83d4-27ed953431de/dell_xps_15.png?width=756&height=436
Requested by: Host: microsoft-defender.pages.dev
URL: https://microsoft-defender.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-860 /
Resource Hash: 52623f4599a90f34c953478e307904b27d2b14b83441fb17a9d7f4263acc0069

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://microsoft-defender.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 20:37:38 GMT
x-downloadsize: 70161
cdn-edgestorageid: 860
x-bo-processingtime: 25
cdn-cachedat: 04/28/2024 22:10:55
cdn-pullzone: 1024597
content-length: 4236
x-bo-server: DE-139
last-modified: Sun, 28 Apr 2024 22:10:55 GMT
server: BunnyCDN-DE1-860
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 125
content-type: image/webp
cdn-cache: HIT
cdn-uid: ac01cb10-85f6-45b7-9a7b-60b70d5d369f
cache-control: public, max-age=31919000
x-bo-compressionratio: 93.96%
cdn-requestid: 63db7403585d11a0858c1740425cc436
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lun1h5t6wl Show response
www.clarity.ms/tag/ 667 B
1 KB 149ms
106ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/lun1h5t6wl
Requested by: Host: microsoft-defender.pages.dev
URL: https://microsoft-defender.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: edae221a4fea831bfa09e010a53c73bdf6c10f1b355d7809ccc5727be31d830a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://microsoft-defender.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Thu, 02 May 2024 20:37:39 GMT
x-azure-ref: 20240502T203738Z-15ff4544644kzpstfwq7hww0zc00000000k000000000xxf9
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 667
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 white-waves.8fbe13fbd386.svg
dvzvtsvyecfyp.cloudfront.net/static/img/other/ 912 B
806 B 10ms
9ms Image
image/svg+xml 2600:9000:2644:b000:18:c518:7440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dvzvtsvyecfyp.cloudfront.net/static/img/other/white-waves.8fbe13fbd386.svg
Requested by: Host: dvzvtsvyecfyp.cloudfront.net
URL: https://dvzvtsvyecfyp.cloudfront.net/static/css/main.965b3cabc903.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:b000:18:c518:7440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e560817a788f9da0db2f9ad1fba7afe4140e81645b2e80f16627a4b0a5842f97

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://dvzvtsvyecfyp.cloudfront.net/static/css/main.965b3cabc903.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 19 Mar 2024 12:36:02 GMT
content-encoding: br
via: 1.1 d2d6641f7f4e620ab86172e07bc2a884.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2024 12:05:32 GMT
server: nginx
x-amz-cf-pop: FRA60-P6
age: 3830496
etag: "65f97f8c-390"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
content-length: 427
x-amz-cf-id: NwFJrluVlrMv34Dz3fSrFJWDPb-RcaTM5HFnX9RlKA8qb8MsNET_JQ==

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://microsoft-defender.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 19:07:30 GMT
x-content-type-options: nosniff
age: 437408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Apr 2025 19:07:30 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 39ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://microsoft-defender.pages.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 08:02:21 GMT
x-content-type-options: nosniff
age: 218117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Apr 2025 08:02:21 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 20ms
20ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lun1h5t6wl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://microsoft-defender.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 20:37:39 GMT
content-encoding: br
last-modified: Wed, 01 May 2024 11:24:58 GMT
etag: W/"0x8DC69D155BAD85E"
vary: Accept-Encoding
x-azure-ref: 20240502T203739Z-15ff4544644kzpstfwq7hww0zc00000000k000000000xxfp
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 2562c992-701e-0001-5780-9c7107000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3AE7CE5062A049DEA42E0A4B701CFD2F&RedC=c.clarity.ms&MXFR=1A142B22D6C961A02DB53F51D2C96F2C
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3AE7CE5062A049DEA42E0A4B701CFD2F&MUID=0F2820E629F464953CF43495289F65C3

42 B
442 B

27ms
26ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3AE7CE5062A049DEA42E0A4B701CFD2F&MUID=0F2820E629F464953CF43495289F65C3
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://microsoft-defender.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 May 2024 20:37:38 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 02 May 2024 20:37:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 53383398C6FA4DCCA9A8B00D25B9AF7E Ref B: FRAEDGE1115 Ref C: 2024-05-02T20:37:39Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3AE7CE5062A049DEA42E0A4B701CFD2F&MUID=0F2820E629F464953CF43495289F65C3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 favicon_icon0.png
unicorn-cdn.b-cdn.net/8a62037b-020b-424d-86ef-ba535f42d15a/ 4 KB
4 KB 9ms
8ms Other
image/webp 2400:52e0:1e00::860:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://unicorn-cdn.b-cdn.net/8a62037b-020b-424d-86ef-ba535f42d15a/favicon_icon0.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::860:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-860 /
Resource Hash: 39120c418394aa6ae8876e5d40acb82e510da9e7adc05dc1cbdafc27bf0f1d57

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://microsoft-defender.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 20:37:39 GMT
x-downloadsize: 4899
cdn-edgestorageid: 874
x-bo-processingtime: 0
cdn-cachedat: 04/13/2024 01:28:29
cdn-pullzone: 1024597
content-length: 3814
x-bo-server: DE-132
last-modified: Sat, 13 Apr 2024 01:28:29 GMT
server: BunnyCDN-DE1-860
cdn-proxyver: 1.04
cdn-requestpullcode: 200
x-bo-origindownloadtime: 148
content-type: image/webp
cdn-cache: HIT
cdn-uid: ac01cb10-85f6-45b7-9a7b-60b70d5d369f
cache-control: public, max-age=31919000
x-bo-compressionratio: 22.15%
cdn-requestid: cd46b139ac629444a43efd3fcb3888c5
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
308 B 307ms
105ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/x-clarity-gzip
Referer: https://microsoft-defender.pages.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://microsoft-defender.pages.dev
Date: Thu, 02 May 2024 20:37:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 05:03:38	Name: CLID Value: c11e3a5c375442dbbe84b5bf88155b72.20240502.20250502
.microsoft-defender.pages.dev/	1970-01-21 05:03:38	Name: _clck Value: 1lor1vm%7C2%7Cflf%7C0%7C1583
.bing.com/	1970-01-21 05:39:38	Name: MUID Value: 0F2820E629F464953CF43495289F65C3
.c.bing.com/	1970-01-20 20:28:07	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:39:38	Name: SRM_B Value: 0F2820E629F464953CF43495289F65C3
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:39:38	Name: MUID Value: 0F2820E629F464953CF43495289F65C3
.c.clarity.ms/	1970-01-20 20:28:07	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 20:18:02	Name: ANONCHK Value: 0
.microsoft-defender.pages.dev/	1970-01-20 20:19:28	Name: _clsk Value: h8bbwe%7C1714682259449%7C1%7C1%7Cs.clarity.ms%2Fcollect

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://microsoft-defender.pages.dev/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
dvzvtsvyecfyp.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
microsoft-defender.pages.dev
s.clarity.ms
unicorn-cdn.b-cdn.net
www.clarity.ms
23.96.124.68
2400:52e0:1e00::860:1
2600:9000:2644:b000:18:c518:7440:21
2606:4700:310c::ac42:2cc4
2620:1ec:46::45
2620:1ec:c11::237
2a00:1450:4001:810::2003
2a00:1450:4001:81c::200a
68.219.88.97
39120c418394aa6ae8876e5d40acb82e510da9e7adc05dc1cbdafc27bf0f1d57
52623f4599a90f34c953478e307904b27d2b14b83441fb17a9d7f4263acc0069
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
80e2beae8e34589b8ab33d47c90a80166b990e3d646c1112c4f1e00e37f5b7ff
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bb59de78c43cf6b2ac9e0dedcce26573c7849e417a3c76194292e82020da7e2
c045255492448a5ef0878e269412eeb1dae8c294a23818650d07f6b90524449b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c80845775be01e5a9a61327631747015f7e70281f66b79da670a66282b23893d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e560817a788f9da0db2f9ad1fba7afe4140e81645b2e80f16627a4b0a5842f97
edae221a4fea831bfa09e010a53c73bdf6c10f1b355d7809ccc5727be31d830a

microsoft-defender.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2cc4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

78 %IPv6

7 Domains

9 Subdomains

8 IPs

3 Countries

265 kBTransfer

978 kBSize

10 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

10 Cookies

13 Console Messages

Security Headers

Indicators

microsoft-defender.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2cc4 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

265 kB
Transfer

978 kB
Size

10
Cookies

14 HTTP transactions
0 data transactions