urlscan.io logo urlscan.io
SecurityTrails logo

www.microsoft.com Open in urlscan Pro
2a02:26f0:fb:599::356e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/#:~:text=Wordlist%20of%20obser...
Effective URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Submission: On February 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 8 domains to perform 50 HTTP transactions. The main IP is 2a02:26f0:fb:599::356e, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.microsoft.com. The Cisco Umbrella rank of the primary domain is 292.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on July 28th 2021. Valid for: a year.
This is the only time www.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2620:1ec:bdf::45 8068 (MICROSOFT...)
1 2620:1ec:46::45 8068 (MICROSOFT...)
1 2.16.186.10 20940 (AKAMAI-ASN1)
3 2620:1ec:bdf::44 8068 (MICROSOFT...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 40.77.226.250 8075 (MICROSOFT...)
1 40.126.31.6 8075 (MICROSOFT...)
1 192.229.221.185 15133 (EDGECAST)
2 104.46.162.226 8075 (MICROSOFT...)
50 12
30    2a02:26f0:fb:599::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.microsoft.com
c.s-microsoft.com
3    2a02:26f0:6c00:281::2957 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.onestore.ms
1    2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
wcpstatic.microsoft.com
1    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
js.monitor.azure.com
1    2.16.186.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com
statics-marketingsites-wcus-ms-com.akamaized.net
3    2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mem.gfx.ms
2    2a02:26f0:6c00::210:ba1b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-prod-cms-rt-microsoft-com.akamaized.net
5    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
1    40.126.31.6 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    192.229.221.185 (United States)

ASN15133 (EDGECAST, US)
logincdn.msauth.net
2    104.46.162.226 (Melbourne, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
33 microsoft.com
www.microsoft.com — Cisco Umbrella Rank: 292
wcpstatic.microsoft.com — Cisco Umbrella Rank: 4245
web.vortex.data.microsoft.com — Cisco Umbrella Rank: 1421
browser.events.data.microsoft.com — Cisco Umbrella Rank: 240
646 KB
5 s-microsoft.com
c.s-microsoft.com — Cisco Umbrella Rank: 8172
147 KB
3 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 2898
54 KB
3 akamaized.net
statics-marketingsites-wcus-ms-com.akamaized.net — Cisco Umbrella Rank: 7507
img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1055
9 KB
3 onestore.ms
assets.onestore.ms — Cisco Umbrella Rank: 8607
212 KB
1 msauth.net
logincdn.msauth.net — Cisco Umbrella Rank: 2289
6 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 73
6 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 2949
44 KB
50 8
Domain Requested by
25 www.microsoft.com www.microsoft.com
5 web.vortex.data.microsoft.com mem.gfx.ms
5 c.s-microsoft.com assets.onestore.ms
3 mem.gfx.ms www.microsoft.com
mem.gfx.ms
3 assets.onestore.ms www.microsoft.com
2 browser.events.data.microsoft.com js.monitor.azure.com
2 img-prod-cms-rt-microsoft-com.akamaized.net www.microsoft.com
1 logincdn.msauth.net login.live.com
1 login.live.com mem.gfx.ms
1 statics-marketingsites-wcus-ms-com.akamaized.net www.microsoft.com
1 js.monitor.azure.com www.microsoft.com
1 wcpstatic.microsoft.com www.microsoft.com
50 12
Subject Issuer Validity Valid
www.microsoft.com
Microsoft RSA TLS CA 01		 2021-07-28 -
2022-07-28		 a year crt.sh
wildcard.onestore.ms
Microsoft RSA TLS CA 01		 2022-01-05 -
2023-01-05		 a year crt.sh
wcpstatic.microsoft.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-12 -
2022-06-12		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2021-12-27 -
2022-12-22		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 01		 2022-02-15 -
2023-02-10		 a year crt.sh
*.vortex.data.microsoft.com
Microsoft RSA TLS CA 01		 2022-01-13 -
2023-01-13		 a year crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2022-01-25 -
2023-01-25		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2021-12-12 -
2022-12-07		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Frame ID: DD1C2265E25DD4CEFB2260C453732804
Requests: 51 HTTP requests in this frame

Frame: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=2ad59316-019f-4550-9e37-7713a4583c7a&partnerId=mssecurity
Frame ID: 5BB112645D86F1E270520F159D881C17
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ACTINIUM targets Ukrainian organizations - Microsoft Security Blogtwitter

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

12
Subdomains

12
IPs

4
Countries

1124 kB
Transfer

3277 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/ 		203 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
daddff9e9e55a9c17a266dd67f0eacaa3ec253d05323a08aa975285fbb3526f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
last-modified
Fri, 25 Feb 2022 08:38:40 GMT
cache-control
max-age=43, must-revalidate
x-frame-options
SAMEORIGIN
link
<https://www.microsoft.com/security/blog/wp-json/>; rel="https://api.w.org/" <https://www.microsoft.com/security/blog/wp-json/wp/v2/posts/106281>; rel="alternate"; type="application/json" <https://www.microsoft.com/security/blog/?p=106281>; rel=shortlink
x-ten-cache
HIT
content-encoding
gzip
content-length
42468
x-edgeconnect-midmile-rtt
116
x-edgeconnect-origin-mex-latency
17
date
Fri, 25 Feb 2022 08:43:18 GMT
vary
Accept-Encoding
tls_version
tls1.3
strict-transport-security
max-age=31536000
x-rtag
RT
style.min.css
www.microsoft.com/security/blog/wp-includes/css/dist/block-library/ 		77 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-includes/css/dist/block-library/style.min.css?ver=5.9
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
last-modified
Mon, 07 Feb 2022 14:56:19 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
117
etag
W/"62013313-1357b"
vary
Accept-Encoding
content-type
text/css
x-edgeconnect-origin-mex-latency
22
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
10905
expires
Sun, 27 Mar 2022 08:43:19 GMT
styles.css
www.microsoft.com/security/blog/wp-content/plugins/wds-ms-inline-interruption-styles-officeblogs/css/ 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-content/plugins/wds-ms-inline-interruption-styles-officeblogs/css/styles.css?ver=1645778321
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b201ab52de2c92539f7a276b6cf170b1bdf0f3705f1b6ab9597517d030afefe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 19:28:25 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
118
etag
W/"60ccf3d9-29a7"
vary
Accept-Encoding
content-type
text/css
x-edgeconnect-origin-mex-latency
14
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
3910
expires
Sun, 27 Mar 2022 08:43:19 GMT
uhf-search-ui.css
www.microsoft.com/security/blog/wp-content/plugins/wds-ms-searchwp/features/uhf-search-ui/ 		160 B
428 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-content/plugins/wds-ms-searchwp/features/uhf-search-ui/uhf-search-ui.css?ver=1.0.1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f258c099e2bb029f6c9d5e9900a78f53347a16b43aa1e37a9f9c1a1539e0748d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 19:28:23 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
116
etag
W/"60ccf3d7-a0"
vary
Accept-Encoding
content-type
text/css
x-edgeconnect-origin-mex-latency
14
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
145
expires
Sun, 27 Mar 2022 08:43:19 GMT
mwf-west-european-default.min.css
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/ 		581 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=5.9
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:281::2957 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4919e80f038d2b93f1184d1733ac35009643481735c7bc7aa31d8b56e118fc04
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 08:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Feb 2018 02:22:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
QshXRY8/Osc4oVEHlL0Pbw==
etag
"0x8D5691A9EA468B4"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=900
accept-ranges
bytes
content-length
71704
x-ms-lease-state
available
style.css
www.microsoft.com/security/blog/wp-content/themes/ms_s/ 		342 B
522 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-content/themes/ms_s/style.css?ver=1.0.0
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f174b3ce00dc0ef25fe0867dae1da92a595c50f730dbe2cd1fd7f29546034e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 19:28:20 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
119
etag
W/"60ccf3d4-156"
vary
Accept-Encoding
content-type
text/css
x-edgeconnect-origin-mex-latency
15
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
238
expires
Sun, 27 Mar 2022 08:43:19 GMT
style.min.css
www.microsoft.com/security/blog/wp-content/themes/ms-security/ 		69 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-content/themes/ms-security/style.min.css?ver=2.4.2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dbc80402bf86540eb8bede8c34e8b97a903cc751aab0bbe60910ce68749daea6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 20:33:41 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
116
etag
W/"6202d3a5-1143e"
vary
Accept-Encoding
content-type
text/css
x-edgeconnect-origin-mex-latency
15
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
13567
expires
Sun, 27 Mar 2022 08:43:19 GMT
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/ 		249 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
208edbed32b2adac9446df83caa4a093a261492ba6b8b3bcfe6a75efb8b70294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 25 Feb 2022 08:43:18 GMT
content-encoding
gzip
vary
Accept-Encoding
content-md5
OLdpUi3Q5MKZjJA0pU4XTg==
age
32477
x-cache
HIT, CONFIG_NOCACHE
content-length
75124
x-ms-lease-status
unlocked
last-modified
Wed, 14 Oct 2020 22:31:12 GMT
etag
0x8D87090DB39FE9E
x-azure-ref
0ppYYYgAAAACInVDwP0aTSpZc6E/kkqXPRlJBRURHRTEwMTQAMzliNDYxNTctY2I5ZS00OWI3LWE2NWEtODcyMmEzZjgyNGU0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4cde8870-601e-0041-47d8-29cf60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
jquery.min.js
www.microsoft.com/security/blog/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 16:30:54 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
116
etag
W/"61081dbe-15db1"
vary
Accept-Encoding
content-type
application/javascript
x-edgeconnect-origin-mex-latency
18
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
30953
expires
Sun, 27 Mar 2022 08:43:19 GMT
jquery-migrate.min.js
www.microsoft.com/security/blog/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 19:16:20 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
118
etag
W/"60ccf104-2bd8"
vary
Accept-Encoding
content-type
application/javascript
x-edgeconnect-origin-mex-latency
14
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
4169
expires
Sun, 27 Mar 2022 08:43:19 GMT
mwf-main.var.min.js
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/ 		302 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/mwf-main.var.min.js?ver=v1.23.2+5182151
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:281::2957 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b1d83c2d49c49ea38d578afa752aaec44a86d069d6ce2d54460e2612fc31a102
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff, nosniff, nosniff, nosniff, nosniff, nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 08:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff, nosniff, nosniff, nosniff, nosniff, nosniff, nosniff
last-modified
Thu, 01 Feb 2018 02:22:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
FuF99EJdzMvbQQjP24cb+Q==
etag
"0x8D5691AA4A90431"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=900
accept-ranges
bytes
content-length
71185
x-ms-lease-state
available
ms.analytics-web-3.min.js
js.monitor.azure.com/scripts/c/ 		133 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
000edd3768a70f3253fe01b476e90a3e70287e1a243f69b3a6729d2b686cf174

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 08:43:18 GMT
content-encoding
br
x-azure-ref-originshield
0GZEYYgAAAADW1ILh9NMgQZmC52n7jhHLQU1TMDRFREdFMTkyMABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
content-md5
XEm0QZRYIP7NK6UTghAF8Q==
x-cache
TCP_HIT
x-ms-meta-jssdkver
3.1.10
last-modified
Thu, 03 Feb 2022 18:12:31 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.analytics-web-3.1.10.min.js
etag
0x8D9E740BF007DBE
x-azure-ref
0ppYYYgAAAACGefa97PTQS77cTfN2Y+W/RlJBRURHRTEwMDcAZjFjYTczZDQtODg4My00Y2FmLWFiZGMtZmUyZDU2N2FmYjk2
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
c19d8f9a-001e-0008-231e-2af27a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-lastmodified,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
ef-a24652
www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/dd-4224e1/ 		166 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/dd-4224e1/ef-a24652?ver=2.0&_cf=20210618
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
58d444a20d0ac6f199efca28a8c232d7714651bf3a27e9a02c9ef5364aa20250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ms-operation-id
e6a161591a55e845a8e26f3ee116f257
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-rtag
RT
x-s2
2022-01-04T00:54:18
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
bbc067b6-6c2a-4c98-ae49-506bdb719166
tls_version
tls1.3
x-s1
2022-01-04T00:54:18
ms-cv
aaWeSqpyVUm9PeZR.0
vary
Accept-Encoding
content-length
22527
x-xss-protection
1; mode=block
last-modified
Tue, 04 Jan 2022 00:54:18 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-12-11T09:19:10.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=27015077
timing-allow-origin
*
x-appversion
1.0.8015.2375
expires
Wed, 04 Jan 2023 00:54:36 GMT
override.css
statics-marketingsites-wcus-ms-com.akamaized.net/statics/ 		1 KB
907 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://statics-marketingsites-wcus-ms-com.akamaized.net/statics/override.css
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-10.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 25 Feb 2022 08:43:18 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jun 2019 23:22:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6EEC3A2D67C35
Vary
Accept-Encoding
Content-Type
text/css
x-ms-request-id
e4723bd2-f01e-001e-62c3-66d0e7000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
473
37-8473b9
www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/93-04b71e/dd-2cee44/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2... 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/shell/_scrf/js/themes=default/8e-e88b64/93-04b71e/dd-2cee44/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/a0-23c4ba/a7-f7a340/48-6ed936/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/8d-b89eaf/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/37-8473b9?ver=2.0&_cf=20210618&iife=1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
67a1c277d278bee02e90ccf0f47d4d17e774a8d11fb0d986b0621580c652e154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ms-operation-id
a2852fa578f38443b18c730a3031fcf9
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-rtag
RT
x-s2
2022-02-01T21:26:29
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
8c5932fc-3a6f-4ce4-85e3-be91f5ccf9b4
tls_version
tls1.3
x-s1
2022-02-01T21:26:29
ms-cv
vqSjPiynhEulp9rM.0
vary
Accept-Encoding
content-length
35658
x-xss-protection
1; mode=block
last-modified
Tue, 01 Feb 2022 21:26:29 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-01-13T07:17:00.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=29508121
timing-allow-origin
*
x-appversion
1.0.8047.41910
expires
Wed, 01 Feb 2023 21:25:20 GMT
meversion
mem.gfx.ms/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4470413e736ab213cb1fe03257d8cb5b97f921d228a5b777ea0fc38e5689c63b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-azure-ref-originshield
0Gw0YYgAAAADBnibsUZglR5ghPz5fzwOfQU1TMDRFREdFMTgyMgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date
Fri, 25 Feb 2022 08:43:19 GMT
x-azure-ref
0p5YYYgAAAABArTqMaO6iQ4ZwtN71RfZqRlJBRURHRTEwMTgAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=43200
x-ua-compatible
IE=edge
expires
Fri, 25 Feb 2022 05:37:53 GMT
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 08:43:19 GMT
last-modified
Wed, 23 Feb 2022 09:17:47 GMT
x-datacenter
northeu
x-source-length
4054
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=261170
x-activityid
c6873fd0-6e3f-47cb-a6ff-f05fac328586
x-resizerversion
1.0
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
content-length
4054
expires
Mon, 28 Feb 2022 09:16:09 GMT
wp-emoji-release.min.js
www.microsoft.com/security/blog/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-includes/js/wp-emoji-release.min.js?ver=5.9
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:20 GMT
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 16:30:54 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
116
etag
W/"61081dbe-4705"
vary
Accept-Encoding
content-type
application/javascript
x-edgeconnect-origin-mex-latency
15
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
4926
expires
Sun, 27 Mar 2022 08:43:20 GMT
Fig1a-phishing-email.png
www.microsoft.com/security/blog/uploads/securityprod/2022/02/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/security/blog/uploads/securityprod/2022/02/Fig1a-phishing-email.png
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d7cafb18d9c170fa5c2905ff33cb7cd821d2ad6e0f9057d9e56c3aaaff45862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Fri, 25 Feb 2022 08:43:20 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
118
tls_version
tls1.3
content-length
48733
x-ms-lease-status
unlocked
last-modified
Fri, 04 Feb 2022 00:42:00 GMT
x-ms-blob-committed-block-count
1
etag
0x8D9E77727ADEAF1
strict-transport-security
max-age=31536000
content-type
image/png
x-edgeconnect-origin-mex-latency
174
x-ms-request-id
c825170b-501e-0072-6d23-2a3bd0000000
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
CLO22_TechOffice_030-440x268.jpg
www.microsoft.com/security/blog/uploads/securityprod/2022/02/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/security/blog/uploads/securityprod/2022/02/CLO22_TechOffice_030-440x268.jpg
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e73ba6dbf5eaa4d8c01dc5a27551d5d1fe9a6badbfab61a70d9e0d30de05208f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Fri, 25 Feb 2022 08:43:20 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
147
tls_version
tls1.3
content-length
13417
x-ms-lease-status
unlocked
last-modified
Fri, 04 Feb 2022 21:11:40 GMT
x-ms-blob-committed-block-count
1
etag
0x8D9E822F042F76A
strict-transport-security
max-age=31536000
content-type
image/jpeg
x-edgeconnect-origin-mex-latency
116
x-ms-request-id
e48e233c-101e-005c-2023-2a69c7000000
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
CLO22_SecOps_008-440x268.jpg
www.microsoft.com/security/blog/uploads/securityprod/2022/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/security/blog/uploads/securityprod/2022/02/CLO22_SecOps_008-440x268.jpg
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
72890405c4d80d3fce1026fa8d2ad8adbcf138d56748ef5cdcba945613623931
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Fri, 25 Feb 2022 08:43:20 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
147
tls_version
tls1.3
content-length
10815
x-ms-lease-status
unlocked
last-modified
Tue, 15 Feb 2022 19:34:01 GMT
x-ms-blob-committed-block-count
1
etag
0x8D9F0BA1E2DD0C6
strict-transport-security
max-age=31536000
content-type
image/jpeg
x-edgeconnect-origin-mex-latency
123
x-ms-request-id
62ef1a4d-701e-0075-5923-2a57b3000000
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
CLO22_SecOps_014-440x268.jpg
www.microsoft.com/security/blog/uploads/securityprod/2022/02/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/security/blog/uploads/securityprod/2022/02/CLO22_SecOps_014-440x268.jpg
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
40aaa464d94c51b9db6c62ed37b384a0dadd402730c11d8cc556bc9a46452e33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Fri, 25 Feb 2022 08:43:20 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
146
tls_version
tls1.3
content-length
20375
x-ms-lease-status
unlocked
last-modified
Mon, 14 Feb 2022 16:58:37 GMT
x-ms-blob-committed-block-count
1
etag
0x8D9EFDB3E5EB532
strict-transport-security
max-age=31536000
content-type
image/jpeg
x-edgeconnect-origin-mex-latency
142
x-ms-request-id
15c20f34-101e-0063-7323-2aa164000000
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
uhf-search-ui.js
www.microsoft.com/security/blog/wp-content/plugins/wds-ms-searchwp/features/uhf-search-ui/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-content/plugins/wds-ms-searchwp/features/uhf-search-ui/uhf-search-ui.js?ver=1.0.1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
16d6e957a9525cb4848051b0efc5aa101d256a3c6838007dc4ac2c41121eaade
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 19:28:23 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
116
etag
W/"60ccf3d7-105b"
vary
Accept-Encoding
content-type
application/javascript
x-edgeconnect-origin-mex-latency
13
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
1035
expires
Sun, 27 Mar 2022 08:43:19 GMT
modernizr.js
www.microsoft.com/security/blog/wp-content/themes/ms-security/assets/bower_components/modernizer/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-content/themes/ms-security/assets/bower_components/modernizer/modernizr.js?ver=2.8.2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b828b15e9b7836b493a8bd6e832a24ee13aa8b6f8b4a1bf307a7af2912014178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:20 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 19:28:23 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
136
etag
W/"60ccf3d7-c897"
vary
Accept-Encoding
content-type
application/javascript
x-edgeconnect-origin-mex-latency
14
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
15770
expires
Sun, 27 Mar 2022 08:43:20 GMT
mwf-auto-init-main.var.min.js
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/ 		303 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/mwf-auto-init-main.var.min.js?ver=v1.23.2+5182151
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:281::2957 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2a28cd82e7ec00d2d8158f21fb0507722cd8b09fa4a0a16fadc58f30385cc25
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff, nosniff, nosniff, nosniff, nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff, nosniff, nosniff, nosniff, nosniff, nosniff
last-modified
Thu, 01 Feb 2018 02:22:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
12go4t01WZJhAGBag3beKQ==
etag
"0x8D5691AA4A3D407"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=900
accept-ranges
bytes
content-length
71611
x-ms-lease-state
available
picturefill.min.js
www.microsoft.com/security/blog/wp-content/themes/ms-security/assets/bower_components/picturefill/dist/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-content/themes/ms-security/assets/bower_components/picturefill/dist/picturefill.min.js?ver=3.0.3
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:20 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 19:28:25 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
135
etag
W/"60ccf3d9-2e1f"
vary
Accept-Encoding
content-type
application/javascript
x-edgeconnect-origin-mex-latency
13
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
5171
expires
Sun, 27 Mar 2022 08:43:20 GMT
imagesloaded.min.js
www.microsoft.com/security/blog/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 09:20:38 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
116
etag
W/"60b89ee6-15fd"
vary
Accept-Encoding
content-type
application/javascript
x-edgeconnect-origin-mex-latency
18
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
1834
expires
Sun, 27 Mar 2022 08:43:19 GMT
masonry.min.js
www.microsoft.com/security/blog/wp-includes/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:20 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 19:16:20 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
129
etag
W/"60ccf104-5e4a"
vary
Accept-Encoding
content-type
application/javascript
x-edgeconnect-origin-mex-latency
15
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
7382
expires
Sun, 27 Mar 2022 08:43:20 GMT
project.min.js
www.microsoft.com/security/blog/wp-content/themes/ms-security/assets/scripts/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-content/themes/ms-security/assets/scripts/project.min.js?ver=1.0.1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4b77438786a8f55a4616725434b1df15692130c6b3ee07b3a4d241ff30f42c62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:19 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 19:28:23 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
116
etag
W/"60ccf3d7-1c37"
vary
Accept-Encoding
content-type
application/javascript
x-edgeconnect-origin-mex-latency
13
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
2124
expires
Sun, 27 Mar 2022 08:43:19 GMT
microsoft-uhf.js
www.microsoft.com/security/blog/wp-content/plugins/microsoft-uhf/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/security/blog/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.3.9
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cffbae450bcad74d65019c0aa2bada046cdcf5f5fa4af699929838f58c7ff8c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 08:43:20 GMT
content-encoding
gzip
last-modified
Fri, 18 Jun 2021 19:28:23 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
136
etag
W/"60ccf3d7-d4e"
vary
Accept-Encoding
content-type
application/javascript
x-edgeconnect-origin-mex-latency
21
tls_version
tls1.3
cache-control
max-age=2592000, public
strict-transport-security
max-age=31536000
content-length
1370
expires
Sun, 27 Mar 2022 08:43:20 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bf73ba8c24162c4cfd51b3b508b2bc0f8ee00cab13bec8f32b6fb6359be7d17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		223 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
707c5b510b5712a82fd8bdf073a6d9860583931ee85f6ee7e2e735e81ae05d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
mwfmdl2-v3.54.woff
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/dd-4224e1/ef-a24652?ver=2.0&_cf=20210618
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/onerfstatics/marketingsites-wcus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/dd-4224e1/ef-a24652?ver=2.0&_cf=20210618
Origin
https://www.microsoft.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ms-operation-id
4de7b364d75f934fa9586fcef0182be0
date
Fri, 25 Feb 2022 08:43:20 GMT
x-content-type-options
nosniff
x-rtag
RT
x-edgeconnect-midmile-rtt
14
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
4b466f32-bd5e-45dd-a196-eb7c8beceb3f
tls_version
tls1.3
ms-cv
Q+A11W/N/0KIYz7S.0
content-length
26288
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Mon, 17 May 2021 23:20:05 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-07T09:29:32.0000000Z}
strict-transport-security
max-age=31536000
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/font-woff
x-edgeconnect-origin-mex-latency
103
cache-control
public, max-age=7051064
x-appversion
1.0.7797.2686
expires
Tue, 17 May 2022 23:21:04 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
Requested by
Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=5.9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

Referer
https://assets.onestore.ms/
Origin
https://www.microsoft.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 08:43:19 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"5b68d583e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=305759
accept-ranges
bytes
content-length
29388
expires
Mon, 28 Feb 2022 21:39:18 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by
Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=5.9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer
https://assets.onestore.ms/
Origin
https://www.microsoft.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 08:43:19 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"588d483e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=71779
accept-ranges
bytes
content-length
34052
expires
Sat, 26 Feb 2022 04:39:38 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/latest.woff2
Requested by
Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=5.9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b

Request headers

Referer
https://assets.onestore.ms/
Origin
https://www.microsoft.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 08:43:19 GMT
last-modified
Fri, 10 Jan 2020 19:09:42 GMT
etag
"83cce83e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=136487
accept-ranges
bytes
content-length
30132
expires
Sat, 26 Feb 2022 22:38:06 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Light/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Light/latest.woff2
Requested by
Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=5.9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fe8a1047376498c80a157d13555e42a92ad480fcb0bcc9de51ad1930fbeb7f91

Request headers

Referer
https://assets.onestore.ms/
Origin
https://www.microsoft.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 08:43:19 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"1282d283e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=314039
accept-ranges
bytes
content-length
27168
expires
Mon, 28 Feb 2022 23:57:18 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semilight/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semilight/latest.woff2
Requested by
Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=5.9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6ba0d1a726f1887bd61727b308ed0be0e73edba17d4ad11b91ab19b632e078f6

Request headers

Referer
https://assets.onestore.ms/
Origin
https://www.microsoft.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 08:43:19 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"95edd883e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=507952
accept-ranges
bytes
content-length
28908
expires
Thu, 03 Mar 2022 05:49:11 GMT
Fig-a0.png
www.microsoft.com/security/blog/uploads/securityprod/2022/02/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/security/blog/uploads/securityprod/2022/02/Fig-a0.png
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c10c2e29658f3f1c52168ab98298bb77ef7a3a39be0c6cef596809175f3478a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Fri, 25 Feb 2022 08:43:20 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
116
tls_version
tls1.3
content-length
6930
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 23:13:45 GMT
x-ms-blob-committed-block-count
1
etag
0x8D9E76AD3E669C1
strict-transport-security
max-age=31536000
content-type
image/png
x-edgeconnect-origin-mex-latency
122
x-ms-request-id
8a5f92eb-001e-0032-0d23-2a3ce8000000
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
Fig2-email-lure.png
www.microsoft.com/security/blog/uploads/securityprod/2022/02/ 		236 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.microsoft.com/security/blog/uploads/securityprod/2022/02/Fig2-email-lure.png
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:599::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2f21d1a9b87e311a16c4da82abdc5c9921970472f9f1786a9ffb6b2a380e701a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/security/blog/2022/02/04/actinium-targets-ukrainian-organizations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Fri, 25 Feb 2022 08:43:20 GMT
x-rtag
RT
x-edgeconnect-midmile-rtt
116
tls_version
tls1.3
content-length
241180
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 23:14:41 GMT
x-ms-blob-committed-block-count
1
etag
0x8D9E76AF55E0F4C
strict-transport-security
max-age=31536000
content-type
image/png
x-edgeconnect-origin-mex-latency
256
x-ms-request-id
b78249cd-601e-0046-0e23-2a0818000000
cache-control
max-age=600, must-revalidate
x-ms-version
2009-09-19
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 		155 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.microsoft.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 20 Jan 2022 20:37:20 GMT
x-azure-ref-originshield
042kVYgAAAACKkXyE4qoGR5UDUeoJNmsjQU1TMDRFREdFMTgxNwBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag
"1d80e809377acb6"
x-azure-ref
0qJYYYgAAAAD5c18BptTcT6pFuArhEqzMRlJBRURHRTEwMTQAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Fri, 25 Feb 2022 08:43:19 GMT
x-ua-compatible
IE=edge
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-02-25T08%3A43%3A20.340Z%27&appId=%27JS%3AMeControl%27&cV=%27wIsXh%2BI5vQ%2B2k2KT.1%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=908&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%26uhf%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27546dabef-8cea-4333-903a-32dd5ab35690%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A1423.7000007629395%2C%22perfDuration%22%3A907.6000003814697%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22mssecurity%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.21162.3%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22mssecurity%22%2C%22gfx%22%3A%22https%3A%2F%2Fmem.gfx.ms%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Facctcdn.msauth.net%2Foneds_Xr2D7Nex80v7A-8bxF8jgQ2.js%3Fv%3D1%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graph%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22env%22%3Anull%2C%22role%22%3A%22AccountControls%22%2C%22roleInst%22%3Anull%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.microsoft.com%2Fsecurity%2Fblog%2F2022%2F02%2F04%2Factinium-targets-ukrainian-organizations%2F%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 08:43:19 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
hbB5MSxqOE23NmFeglDiXg.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-02-25T08%3A43%3A20.384Z%27&appId=%27JS%3AMeControl%27&cV=%27wIsXh%2BI5vQ%2B2k2KT.3%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=37&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.21162.3%2Fen-US%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27546dabef-8cea-4333-903a-32dd5ab35690%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A40.5%2C%22perfDuration%22%3A36.79999923706055%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22mssecurity%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.21162.3%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22mssecurity%22%2C%22gfx%22%3A%22https%3A%2F%2Fmem.gfx.ms%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Facctcdn.msauth.net%2Foneds_Xr2D7Nex80v7A-8bxF8jgQ2.js%3Fv%3D1%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3A%22uhf%22%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graph%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22env%22%3Anull%2C%22role%22%3A%22AccountControls%22%2C%22roleInst%22%3Anull%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.microsoft.com%2Fsecurity%2Fblog%2F2022%2F02%2F04%2Factinium-targets-ukrainian-organizations%2F%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 08:43:19 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
OuRySYijo0ekCNsUXmWWVg.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-02-25T08%3A43%3A20.391Z%27&appId=%27JS%3AMeControl%27&cV=%27wIsXh%2BI5vQ%2B2k2KT.5%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.microsoft.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27mssecurity%27&*controlVersion=%2710.21162.3%27&*market=%27en-US%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=50.10000038146973&*details=%27loadV1%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 08:43:20 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
ip0ZkKwY8kmMDX8zeRFpZQ.0
Content-Type
image/gif
Content-Length
43
Expires
0
me.srf
login.live.com/ Frame 5BB1 		11 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=2ad59316-019f-4550-9e37-7713a4583c7a&partnerId=mssecurity
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meBoot.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.31.6 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8d2fb756ede3655bb8d2c4f1077151c4b39a11dbe0da4d1cdd0b030cf6a0429a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/

Response headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
deflate
Expires
Fri, 25 Feb 2022 08:42:20 GMT
Vary
Accept-Encoding
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
X-DNS-Prefetch-Control
on
Link
<https://logincdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Referrer-Policy
strict-origin-when-cross-origin
x-ms-route-info
R3_BL2
x-ms-request-id
c658218f-d55b-4e9b-bd56-3ab8f42de9c7
PPServer
PPV: 30 H: BL02PF953F45628 V: 0
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Date
Fri, 25 Feb 2022 08:43:20 GMT
Content-Length
4804
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 		100 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.microsoft.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 20 Jan 2022 20:37:26 GMT
x-azure-ref-originshield
0GnkVYgAAAAA/P/uoe/4aRIXldEqL2UmdQU1TMDRFREdFMTgxMwBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag
"1d80e809708c940"
x-azure-ref
0qJYYYgAAAABq5nq047RaR6jssp1qP5+JRlJBRURHRTEwMTQAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Fri, 25 Feb 2022 08:43:19 GMT
x-ua-compatible
IE=edge
truncated
/ 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meCore.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.microsoft.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
RE4xdax
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4xdax
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2176784dfc7c4beeacaecacbbc6b7a1f2f281f17ff0a3c644909c3b3849ed01e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 08:43:20 GMT
last-modified
Tue, 22 Feb 2022 04:21:05 GMT
x-datacenter
northeu
x-source-length
3094
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=157075
x-activityid
c83bafa7-d6d8-45c4-adfc-8a882b603208
x-resizerversion
1.0
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE4xdax
content-length
3094
expires
Sun, 27 Feb 2022 04:21:15 GMT
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meCore.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.microsoft.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
MeControl_F-FyPEDmtGjuVHSHiGyMHg2.js
logincdn.msauth.net/16.000/content/js/ Frame 5BB1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://logincdn.msauth.net/16.000/content/js/MeControl_F-FyPEDmtGjuVHSHiGyMHg2.js
Requested by
Host: login.live.com
URL: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=2ad59316-019f-4550-9e37-7713a4583c7a&partnerId=mssecurity
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6E) /
Resource Hash
53a6ff7d1408305bef62ec3c53b395da5a3fee9d5fcfaad5d9a6d089b7051730

Request headers

Referer
https://login.live.com/
Origin
https://login.live.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 25 Feb 2022 08:43:20 GMT
content-encoding
gzip
content-md5
ZoYJmksu4RfpKQ68QPowtA==
age
868802
x-cache
HIT
content-length
6041
x-ms-lease-status
unlocked
last-modified
Tue, 08 Feb 2022 06:10:47 GMT
server
ECAcc (frc/8F6E)
etag
0x8D9EAC9BF82E7A0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
22559609-a01e-0096-503c-227f29000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=cb68b8f590184975aa5eb4ed576fb074-e666ac9b-fa31-4339-8b9c-775f4bae31f3-6978&upload-time=1645778600974&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.162.226 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
06558ddd5ddc84c07137c06f1d0e59cde45b3ed7b9ae276cea9c45200708d321

Request headers

Referer
https://www.microsoft.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 25 Feb 2022 08:43:21 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
840
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		153 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=cb68b8f590184975aa5eb4ed576fb074-e666ac9b-fa31-4339-8b9c-775f4bae31f3-6978&upload-time=1645778601976&time-delta-to-apply-millis=840&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.162.226 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
63d35d0d342557d684a74aa95eee638dab307ce6c33b5303d301e1bc0e711460

Request headers

Referer
https://www.microsoft.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 25 Feb 2022 08:43:21 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
119
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| _wpemojiSettings function| WcpConsent function| mscc function| $ function| jQuery object| mwf object| html5 object| Modernizr object| picturefillCFG function| picturefill object| e function| t object| oneDS string| _linkedin_data_partner_id function| linkedinTracking function| onConsentChanged function| dropAnalyticsCookies function| dropAdvertisingCookies function| dropSocialMediaCookies object| siteConsent object| addthis_config object| config object| WDSMS_SearchWP object| mwfAutoInit function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| wdsWrapBrands object| wdsEmDashFix object| wdsPostFilterToggle object| WDSSinglePostListMarkupObject object| wdsStickyAudioPlayer object| windowReady object| microsoftUhfSettings object| onShellReadyToLoad object| MSA object| MeControl function| MeControlDefine function| MeControlImport object| msCommonShell object| twemoji object| wp

8 Cookies

Domain/Path Name / Value
.microsoft.com/ Name: ak_bmsc
Value: F101F057B4689B2ADAE7E258B04B3380~000000000000000000000000000000~YAAQX5lkXzhCNw1/AQAA63sMMA6ODrH+w7m1g+TYCAen+X1Pu7XTa9VK6LItJZtkveiNKW6nOIigmN6wHDURPsFCVo7xHC7Hv/cvxVqddsGK6ErNaCxJk1aW951sWSkQw7hjW3mNqSQB3sW6ZiNng6nUvvLaBb2OUR/eQ5tK2Jnsy/2jMsQKgAMMOZnnVbE3vmenW2WJQklze29GiieCfRUe5JBlZt/LUZ5gL79f+cL4mDT8Jv5kB+uHwI2uistMsxNqq1Pb1q9zmHpCwLZABv37U4Sq/CcQfxdKKxpAxntAbjnmz5DefHc4USpNOwSTlk19V0aJODl29+Fgh702yDS/iSSjVmQicuqPI2hVxTIJItPv92TmFFMW3jm91Akd4K9P5Kh/pzX2GYViCSG76T4qI2Ocz3LIPg8n7Wh9A2r3b/t9
www.microsoft.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 97b97c14-aee6-440a-8ea3-70319fd4291a
www.microsoft.com/ Name: ai_session
Value: rvcLI+VsBmKqwm6brfGwQg|1645778599971|1645778599971
.microsoft.com/ Name: MC1
Value: GUID=2814ab500c904e54ad6a403a9684f934&HASH=2814&LV=202202&V=4&LU=1645778600516
.microsoft.com/ Name: MS0
Value: 95fb2a30b7f248db962f51068d2250b6
.login.live.com/ Name: uaid
Value: 2ad59316019f45509e377713a4583c7a
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1645778600&co=1
www.microsoft.com/ Name: MSFPC
Value: GUID=2814ab500c904e54ad6a403a9684f934&HASH=2814&LV=202202&V=4&LU=1645778600516

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.onestore.ms
browser.events.data.microsoft.com
c.s-microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
js.monitor.azure.com
login.live.com
logincdn.msauth.net
mem.gfx.ms
statics-marketingsites-wcus-ms-com.akamaized.net
wcpstatic.microsoft.com
web.vortex.data.microsoft.com
www.microsoft.com
104.46.162.226
192.229.221.185
2.16.186.10
2620:1ec:46::45
2620:1ec:bdf::44
2620:1ec:bdf::45
2a02:26f0:6c00:281::2957
2a02:26f0:6c00::210:ba1b
2a02:26f0:fb:599::356e
40.126.31.6
40.77.226.250
000edd3768a70f3253fe01b476e90a3e70287e1a243f69b3a6729d2b686cf174
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06558ddd5ddc84c07137c06f1d0e59cde45b3ed7b9ae276cea9c45200708d321
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
16d6e957a9525cb4848051b0efc5aa101d256a3c6838007dc4ac2c41121eaade
208edbed32b2adac9446df83caa4a093a261492ba6b8b3bcfe6a75efb8b70294
2176784dfc7c4beeacaecacbbc6b7a1f2f281f17ff0a3c644909c3b3849ed01e
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
2bf73ba8c24162c4cfd51b3b508b2bc0f8ee00cab13bec8f32b6fb6359be7d17
2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f21d1a9b87e311a16c4da82abdc5c9921970472f9f1786a9ffb6b2a380e701a
3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1
40aaa464d94c51b9db6c62ed37b384a0dadd402730c11d8cc556bc9a46452e33
4470413e736ab213cb1fe03257d8cb5b97f921d228a5b777ea0fc38e5689c63b
4919e80f038d2b93f1184d1733ac35009643481735c7bc7aa31d8b56e118fc04
4b77438786a8f55a4616725434b1df15692130c6b3ee07b3a4d241ff30f42c62
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
53a6ff7d1408305bef62ec3c53b395da5a3fee9d5fcfaad5d9a6d089b7051730
58d444a20d0ac6f199efca28a8c232d7714651bf3a27e9a02c9ef5364aa20250
63d35d0d342557d684a74aa95eee638dab307ce6c33b5303d301e1bc0e711460
67a1c277d278bee02e90ccf0f47d4d17e774a8d11fb0d986b0621580c652e154
6ba0d1a726f1887bd61727b308ed0be0e73edba17d4ad11b91ab19b632e078f6
6d7cafb18d9c170fa5c2905ff33cb7cd821d2ad6e0f9057d9e56c3aaaff45862
707c5b510b5712a82fd8bdf073a6d9860583931ee85f6ee7e2e735e81ae05d18
72890405c4d80d3fce1026fa8d2ad8adbcf138d56748ef5cdcba945613623931
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
8d2fb756ede3655bb8d2c4f1077151c4b39a11dbe0da4d1cdd0b030cf6a0429a
b1d83c2d49c49ea38d578afa752aaec44a86d069d6ce2d54460e2612fc31a102
b201ab52de2c92539f7a276b6cf170b1bdf0f3705f1b6ab9597517d030afefe4
b828b15e9b7836b493a8bd6e832a24ee13aa8b6f8b4a1bf307a7af2912014178
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c10c2e29658f3f1c52168ab98298bb77ef7a3a39be0c6cef596809175f3478a0
cffbae450bcad74d65019c0aa2bada046cdcf5f5fa4af699929838f58c7ff8c2
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
daddff9e9e55a9c17a266dd67f0eacaa3ec253d05323a08aa975285fbb3526f1
dbc80402bf86540eb8bede8c34e8b97a903cc751aab0bbe60910ce68749daea6
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73ba6dbf5eaa4d8c01dc5a27551d5d1fe9a6badbfab61a70d9e0d30de05208f
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
f174b3ce00dc0ef25fe0867dae1da92a595c50f730dbe2cd1fd7f29546034e81
f258c099e2bb029f6c9d5e9900a78f53347a16b43aa1e37a9f9c1a1539e0748d
f2a28cd82e7ec00d2d8158f21fb0507722cd8b09fa4a0a16fadc58f30385cc25
fe8a1047376498c80a157d13555e42a92ad480fcb0bcc9de51ad1930fbeb7f91
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869