blogs.technet.microsoft.com Open in urlscan Pro
23.38.58.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aka.ms/O365-find-illicit-activity
Effective URL:
https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
Submission: On August 01 via manual (August 1st 2019, 3:01:51 pm UTC) from US

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 25 HTTP transactions. The main IP is 23.38.58.129, located in Netherlands and belongs to AKAMAI-ASN1, US. The main domain is blogs.technet.microsoft.com.
TLS certificate: Issued by Microsoft IT TLS CA 5 on November 7th 2017. Valid for: 2 years.

This is the only time blogs.technet.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.104.185.74 104.104.185.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	23.38.58.129 23.38.58.129	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	52.239.161.42 52.239.161.42	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a02:26f0:6c0... 2a02:26f0:6c00:289::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
25	4

1 104.104.185.74 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-104-185-74.deploy.static.akamaitechnologies.com

aka.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.38.58.129 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-58-129.deploy.static.akamaitechnologies.com

blogs.technet.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.239.161.42 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

msdnshared.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:289::356e (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	microsoft.com blogs.technet.microsoft.com	53 KB
5	windows.net msdnshared.blob.core.windows.net	401 KB
2	s-microsoft.com c.s-microsoft.com	3 KB
1	aka.ms 1 redirects aka.ms	535 B
0	s-msft.com Failed i1.social.s-msft.com Failed
0	aspnetcdn.com Failed ajax.aspnetcdn.com Failed
25	6

	Domain	Requested by
14	blogs.technet.microsoft.com	blogs.technet.microsoft.com
5	msdnshared.blob.core.windows.net	blogs.technet.microsoft.com
2	c.s-microsoft.com	blogs.technet.microsoft.com
1	aka.ms	1 redirects
0	i1.social.s-msft.com Failed	blogs.technet.microsoft.com
0	ajax.aspnetcdn.com Failed	blogs.technet.microsoft.com
25	6

This site contains no links.

Subject Issuer	Validity	Valid
blogs.technet.microsoft.com Microsoft IT TLS CA 5	`2017-11-07` - `2019-11-07`	2 years	crt.sh
*.blob.core.windows.net Microsoft IT TLS CA 1	`2019-04-30` - `2021-04-30`	2 years	crt.sh
www.microsoft.com Microsoft IT TLS CA 4	`2018-01-16` - `2020-01-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
Frame ID: 786B8F2182566095611CF249B255ACCF
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://aka.ms/O365-find-illicit-activity HTTP 301
https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/ Page URL

Page Statistics

25
Requests

84 %
HTTPS

25 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

456 kB
Transfer

528 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aka.ms/O365-find-illicit-activity HTTP 301
https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
Redirect Chain

https://aka.ms/O365-find-illicit-activity
https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

71 KB
24 KB

380ms
33ms

Document
text/html

23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

af9a16111f7e696f9d7ae7862dad1f3fe469ea6db9ab0c45f7bf8a7990760886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: blogs.technet.microsoft.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 24284
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Link: <https://blogs.technet.microsoft.com/office365security/?p=2765>; rel=shortlink
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Request-Context: appId=cid-v1:1e40abc5-5fc0-4c08-939b-4be4566cca4b
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive

Redirect headers

Location: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
Server: Kestrel
Request-Context: appId=cid-v1:b47e5e27-bf85-45ba-a97c-0377ce0e5779
X-Response-Cache-Status: True
X-Powered-By: ASP.NET
Content-Length: 0
Expires: Thu, 01 Aug 2019 15:01:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 01 Aug 2019 15:01:16 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

GET bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/ 0
0

GET
H/1.1 200
OK wds-ratings.css
blogs.technet.microsoft.com/office365security/wp-content/plugins/wds-ratings/ 3 KB
1 KB 48ms
34ms Stylesheet
text/css 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-content/plugins/wds-ratings/wds-ratings.css?ver=20161014

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

913abadc706c39dd6540adab9ce39e6115515ba0515d1e8fe386add03689a5e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Dec 2016 03:02:46 GMT
Cache-Control: max-age=341364
ETag: "aff5dfb4365bd21:0"
Vary: Accept-Encoding
Content-Type: text/css
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 846
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

GET
H/1.1 200
OK style.css
blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft/ 18 KB
6 KB 79ms
30ms Stylesheet
text/css 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft/style.css?ver=02092017

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

86f2ad8b0415b48e5c4e6cbfbc3b79f48afa1fbfb4648c4f9acb4b8c7f1d6568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Dec 2016 03:02:51 GMT
Cache-Control: max-age=341454
ETag: "87b685b7365bd21:0"
Vary: Accept-Encoding
Content-Type: text/css
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5360
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

GET
H/1.1 200
OK style.css
blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft-technet/ 899 B
1 KB 111ms
30ms Stylesheet
text/css 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft-technet/style.css?ver=04152016

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

753afdb3e8e9024755c0db094a391ae9003a1cdf6d5a10233a20fde900a7b02a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 08 Sep 2016 13:03:48 GMT
Cache-Control: max-age=341417
ETag: "cdd6a470d19d21:0"
Vary: Accept-Encoding
Content-Type: text/css
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 699
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

GET jquery-1.12.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/ 0
0

GET bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/ 0
0

GET
H/1.1 200
OK single.js Show response
blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft/js/ 3 KB
2 KB 141ms
30ms Script
application/x-javascript 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft/js/single.js?ver=02092017

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

8a123916a3f0aacb106e0596bbb5ddf2bf45dd2558632e4262ec7742b95778bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Feb 2017 09:01:37 GMT
Cache-Control: max-age=342323
ETag: "3c5851eb382d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1347
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:1e40abc5-5fc0-4c08-939b-4be4566cca4b

GET
H/1.1 200
OK ms-logo-gray.svg
blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft/images/ 3 KB
2 KB 173ms
32ms Image
image/svg+xml 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft/images/ms-logo-gray.svg

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

7b792ad810340e788cfd38b7e249f51075445de7741815178e70bdb77f15491f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Jan 2016 05:35:33 GMT
Cache-Control: max-age=341298
ETag: "a739e4614453d11:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1370
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

GET avatar.jpg
i1.social.s-msft.com/profile/u/ 0
0

GET
H/1.1 200
OK sccauditlogsearch.png
msdnshared.blob.core.windows.net/media/2016/05/ 91 KB
92 KB 14370ms
287ms Image
image/png 52.239.161.42
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msdnshared.blob.core.windows.net/media/2016/05/sccauditlogsearch.png
Requested by: Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.161.42 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 23d21163f861267b530f9ce7857ad40ff741ec097b347cb84a232140e3b9d6b2

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Aug 2019 15:01:31 GMT
Last-Modified: Thu, 26 May 2016 23:27:57 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D385BD5EDAF951
Content-Type: image/png
x-ms-request-id: 62f0b231-101e-007f-1e7a-48a65b000000
x-ms-version: 2009-09-19
x-ms-meta-Tag: WordPressDefaultUpload
Content-Length: 93305
x-ms-meta-Mimetype: image/png

GET
H/1.1 200
OK aadreports.png
msdnshared.blob.core.windows.net/media/2016/05/ 80 KB
80 KB 287ms
286ms Image
image/png 52.239.161.42
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msdnshared.blob.core.windows.net/media/2016/05/aadreports.png
Requested by: Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.161.42 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fc2c38bf3e2b2526a28dd9b0b5c5aab34f23c5b65fdf87eb2bf169d48e02a2f7

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Aug 2019 15:01:31 GMT
Last-Modified: Thu, 26 May 2016 23:27:55 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D385BD5D87933B
Content-Type: image/png
x-ms-request-id: 62f0b39d-101e-007f-787a-48a65b000000
x-ms-version: 2009-09-19
x-ms-meta-Tag: WordPressDefaultUpload
Content-Length: 81473
x-ms-meta-Mimetype: image/png

GET
H/1.1 200
OK eac.png
msdnshared.blob.core.windows.net/media/2016/05/ 66 KB
67 KB 203ms
203ms Image
image/png 52.239.161.42
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msdnshared.blob.core.windows.net/media/2016/05/eac.png
Requested by: Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.161.42 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b946428be3de19c95292fcdd71db5292d1db21db38aa167fc3766c84fa2eca1e

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Aug 2019 15:01:32 GMT
Last-Modified: Thu, 26 May 2016 23:27:59 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D385BD5FCE13C9
Content-Type: image/png
x-ms-request-id: 62f0b3e8-101e-007f-3a7a-48a65b000000
x-ms-version: 2009-09-19
x-ms-meta-Tag: WordPressDefaultUpload
Content-Length: 67956
x-ms-meta-Mimetype: image/png

GET
H/1.1 200
OK odbdocsharelist.png
msdnshared.blob.core.windows.net/media/2016/05/ 61 KB
61 KB 202ms
201ms Image
image/png 52.239.161.42
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msdnshared.blob.core.windows.net/media/2016/05/odbdocsharelist.png
Requested by: Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.161.42 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 13a01d2f002c400e65b9b8a553804016ce41d9a6aac6f6c6492c716983432263

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Aug 2019 15:01:32 GMT
Last-Modified: Thu, 26 May 2016 23:27:53 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D385BD5C9A1E38
Content-Type: image/png
x-ms-request-id: 62f0b43c-101e-007f-7c7a-48a65b000000
x-ms-version: 2009-09-19
x-ms-meta-Tag: WordPressDefaultUpload
Content-Length: 62115
x-ms-meta-Mimetype: image/png

GET
H/1.1 200
OK github.png
msdnshared.blob.core.windows.net/media/2016/05/ 101 KB
101 KB 190ms
189ms Image
image/png 52.239.161.42
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msdnshared.blob.core.windows.net/media/2016/05/github.png
Requested by: Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.161.42 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ef08b507217d8ebb72737ffd2f23f459ae94db06c6b64e357fc6649380a1f354

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 01 Aug 2019 15:01:32 GMT
Last-Modified: Thu, 26 May 2016 23:28:00 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D385BD60925495
Content-Type: image/png
x-ms-request-id: 62f0b497-101e-007f-517a-48a65b000000
x-ms-version: 2009-09-19
x-ms-meta-Tag: WordPressDefaultUpload
Content-Length: 103172
x-ms-meta-Mimetype: image/png

GET
H2 200 mscc-0.4.1.min.css
c.s-microsoft.com/mscc/statics/ 1 KB
934 B 47ms
14ms Stylesheet
text/css 2a02:26f0:6c00:289::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.css?ver=4.9.7
Requested by: Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:289::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2019 15:01:17 GMT
content-encoding: gzip
last-modified: Mon, 10 Sep 2018 17:42:23 GMT
content-md5: 2MKxgMQLzH/8vixotX2Pog==
access-control-allow-origin: *
etag: 0x8D61744C3ED0073
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css;charset=utf-8
status: 200
x-ms-request-id: 41fbeccf-901e-0090-7400-4a86d4000000
x-ms-version: 2009-09-19
content-length: 627

GET
H/1.1 200
OK wp-ajax-response.min.js Show response
blogs.technet.microsoft.com/office365security/wp-includes/js/ 2 KB
2 KB 33ms
33ms Script
application/x-javascript 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-includes/js/wp-ajax-response.min.js?ver=4.9.7

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

1e5097986115719df77c0785d6051ccacd78805b51008a82015d6ddc14318ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 06 Aug 2018 02:30:13 GMT
Cache-Control: max-age=341498
ETag: "d27576672d2dd41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1208
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

GET
H/1.1 200
OK msdn-delete-comment-script.js Show response
blogs.technet.microsoft.com/office365security/wp-content/plugins/msdn-delete-comment/ 587 B
965 B 31ms
31ms Script
application/x-javascript 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-content/plugins/msdn-delete-comment/msdn-delete-comment-script.js?ver=20180311

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

f2806d0eadc9c15132144d7e7644623dcd7d7e783f62d0839fd7ab7d73580b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 28 Mar 2018 04:58:33 GMT
Cache-Control: max-age=341267
ETag: "12ab116c51c6d31:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 408
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

GET
H/1.1 200
OK wds-ratings.js Show response
blogs.technet.microsoft.com/office365security/wp-content/plugins/wds-ratings/ 6 KB
3 KB 31ms
31ms Script
application/x-javascript 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-content/plugins/wds-ratings/wds-ratings.js?ver=20161014

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

f018a202d8f9450d64a5ae50edbcfad11273d082c56ae47ae38d62866fa0ad26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07 Dec 2016 02:42:53 GMT
Cache-Control: max-age=341305
ETag: "b63679c3350d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2342
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

GET
H/1.1 200
OK jquery-migrate.min.js Show response
blogs.technet.microsoft.com/office365security/wp-includes/js/jquery/ 10 KB
5 KB 32ms
31ms Script
application/x-javascript 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef0968035e387c8b468f4a943a9b5998d159c9e2f1a4994c70aa86bf53a9316d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 08 Sep 2016 12:55:21 GMT
Cache-Control: max-age=341344
ETag: "6dddf741d09d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4819
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

GET
H/1.1 200
OK theme-merged.js Show response
blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft/js/ 4 KB
2 KB 31ms
30ms Script
application/x-javascript 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft/js/theme-merged.js?ver=02092017

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

a1cdba769e59384c6667b947dc33981e066fbb9a9f02b2ca7feaa534fdd8de63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07 Dec 2016 02:42:55 GMT
Cache-Control: max-age=341358
ETag: "80a1b79c3350d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1064
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

GET
H/1.1 200
OK wp-embed.min.js Show response
blogs.technet.microsoft.com/office365security/wp-includes/js/ 1 KB
1 KB 32ms
32ms Script
application/x-javascript 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-includes/js/wp-embed.min.js?ver=4.9.7

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 May 2017 03:50:34 GMT
Cache-Control: max-age=341319
ETag: "82f3f91aed2d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 958
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

GET
H2 200 mscc-0.4.1.min.js Show response
c.s-microsoft.com/mscc/statics/ 3 KB
2 KB 27ms
26ms Script
text/javascript 2a02:26f0:6c00:289::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.js?ver=4.9.7
Requested by: Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:289::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 01 Aug 2019 15:01:17 GMT
content-encoding: gzip
last-modified: Mon, 10 Sep 2018 17:42:12 GMT
content-md5: XpofSqMdSqYPb4maLkXO+A==
access-control-allow-origin: *
etag: 0x8D61744BD6EA9B6
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
status: 200
x-ms-request-id: 071f608d-d01e-00d8-7c00-4ab449000000
x-ms-version: 2009-09-19
content-length: 1588

GET
H/1.1 200
OK eucookielaw-searchbox-script.js Show response
blogs.technet.microsoft.com/office365security/wp-content/plugins/eu-cookie-law/ 150 B
774 B 46ms
45ms Script
application/x-javascript 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-content/plugins/eu-cookie-law/eucookielaw-searchbox-script.js?ver=4.9.7

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

948885fd3be45fdb44b12f9e067f7d4a63ca93346323114ddbeed1b351f18a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Sep 2017 05:25:50 GMT
Cache-Control: max-age=341369
ETag: "991bd7145137d31:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 217
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

GET
H/1.1 200
OK jquery.cookie.js Show response
blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft/js/vendor/ 3 KB
2 KB 30ms
30ms Script
application/x-javascript 23.38.58.129
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.technet.microsoft.com/office365security/wp-content/themes/microsoft/js/vendor/jquery.cookie.js?ver=11092015

Requested by

Host: blogs.technet.microsoft.com
URL: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.38.58.129 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-38-58-129.deploy.static.akamaitechnologies.com

Software

Resource Hash

afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blogs.technet.microsoft.com/office365security/finding-illicit-activity-the-old-fashioned-way/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 08 Sep 2016 13:03:49 GMT
Cache-Control: max-age=341346
ETag: "2d35f670d19d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
ARR-Disable-Session-Affinity: true
Date: Thu, 01 Aug 2019 15:01:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1655
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:6bba0ebe-ac1f-40f1-a5fe-732db974adfb

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/css/bootstrap.min.css

Domain: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.12.1.min.js

Domain: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.5/bootstrap.min.js

Domain: i1.social.s-msft.com
URL: https://i1.social.s-msft.com/profile/u/avatar.jpg?displayname=Brandon+Koeller&size=extralarge&version=09a5d2dc-f86a-4ec2-bae2-044581c07285

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
aka.ms
blogs.technet.microsoft.com
c.s-microsoft.com
i1.social.s-msft.com
msdnshared.blob.core.windows.net
ajax.aspnetcdn.com
i1.social.s-msft.com
104.104.185.74
23.38.58.129
2a02:26f0:6c00:289::356e
52.239.161.42
13a01d2f002c400e65b9b8a553804016ce41d9a6aac6f6c6492c716983432263
1e5097986115719df77c0785d6051ccacd78805b51008a82015d6ddc14318ee0
23d21163f861267b530f9ce7857ad40ff741ec097b347cb84a232140e3b9d6b2
35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880
753afdb3e8e9024755c0db094a391ae9003a1cdf6d5a10233a20fde900a7b02a
7b792ad810340e788cfd38b7e249f51075445de7741815178e70bdb77f15491f
86f2ad8b0415b48e5c4e6cbfbc3b79f48afa1fbfb4648c4f9acb4b8c7f1d6568
8a123916a3f0aacb106e0596bbb5ddf2bf45dd2558632e4262ec7742b95778bf
913abadc706c39dd6540adab9ce39e6115515ba0515d1e8fe386add03689a5e7
948885fd3be45fdb44b12f9e067f7d4a63ca93346323114ddbeed1b351f18a17
a1cdba769e59384c6667b947dc33981e066fbb9a9f02b2ca7feaa534fdd8de63
af9a16111f7e696f9d7ae7862dad1f3fe469ea6db9ab0c45f7bf8a7990760886
afd6a5f6de40e9e67b55ff6afec66fff4827e775c996ab80c9e964a872a92523
b946428be3de19c95292fcdd71db5292d1db21db38aa167fc3766c84fa2eca1e
c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
ef08b507217d8ebb72737ffd2f23f459ae94db06c6b64e357fc6649380a1f354
ef0968035e387c8b468f4a943a9b5998d159c9e2f1a4994c70aa86bf53a9316d
f018a202d8f9450d64a5ae50edbcfad11273d082c56ae47ae38d62866fa0ad26
f2806d0eadc9c15132144d7e7644623dcd7d7e783f62d0839fd7ab7d73580b78
fc2c38bf3e2b2526a28dd9b0b5c5aab34f23c5b65fdf87eb2bf169d48e02a2f7

blogs.technet.microsoft.com Open in urlscan Pro 23.38.58.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

25 Requests

84 %HTTPS

25 %IPv6

6 Domains

6 Subdomains

4 IPs

3 Countries

456 kBTransfer

528 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

blogs.technet.microsoft.com Open in urlscan Pro
23.38.58.129 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

84 %
HTTPS

25 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

456 kB
Transfer

528 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions