support.microsoft.com Open in urlscan Pro
2.18.233.31 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-...
Submission: On July 29 via api (July 29th 2021, 7:03:29 pm UTC) from US

Summary HTTP 57 Redirects Links 117 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 10 domains to perform 57 HTTP transactions. The main IP is 2.18.233.31, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is support.microsoft.com.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on July 28th 2021. Valid for: a year.

This is the only time support.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 25	2.18.233.31 2.18.233.31	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.16.186.27 2.16.186.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2.18.232.50 2.18.232.50	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
2	2620:1ec:29::42 2620:1ec:29::42	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:6c0... 2a02:26f0:6c00:281::37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	104.103.85.62 104.103.85.62	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00:290::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	20.190.160.75 20.190.160.75	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.190.160.69 20.190.160.69	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.114.20.18 52.114.20.18	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
57	15

25 2.18.233.31 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-31.deploy.static.akamaitechnologies.com

support.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:2ae::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.27 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-27.deploy.static.akamaitechnologies.com

statics-marketingsites-neu-ms-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img-prod-cms-rt-microsoft-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.232.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-50.deploy.static.akamaitechnologies.com

support.content.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

az725175.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29::42 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wcpstatic.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:281::37 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mem.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.103.85.62 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-85-62.deploy.static.akamaitechnologies.com

videoplayercdn.osi.office.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:290::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.190.160.75 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.160.69 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.114.20.18 (Melbourne, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	microsoft.com 2 redirects support.microsoft.com www.microsoft.com wcpstatic.microsoft.com web.vortex.data.microsoft.com browser.events.data.microsoft.com	450 KB
7	office.net 1 redirects support.content.office.net videoplayercdn.osi.office.net	1 MB
3	gfx.ms mem.gfx.ms	58 KB
2	microsoftonline.com login.microsoftonline.com	111 KB
2	s-microsoft.com c.s-microsoft.com	62 KB
2	akamaized.net statics-marketingsites-neu-ms-com.akamaized.net img-prod-cms-rt-microsoft-com.akamaized.net	5 KB
1	live.com login.live.com	2 KB
1	azure.com js.monitor.azure.com	43 KB
1	msecnd.net az725175.vo.msecnd.net	18 KB
1	cloudflare.com cdnjs.cloudflare.com	28 KB
57	10

	Domain	Requested by
25	support.microsoft.com	2 redirects support.microsoft.com
8	web.vortex.data.microsoft.com	az725175.vo.msecnd.net
6	support.content.office.net	support.microsoft.com
4	www.microsoft.com	support.microsoft.com www.microsoft.com
3	mem.gfx.ms	support.microsoft.com mem.gfx.ms
2	browser.events.data.microsoft.com	js.monitor.azure.com
2	login.microsoftonline.com	support.microsoft.com login.microsoftonline.com
2	c.s-microsoft.com	www.microsoft.com
1	login.live.com	login.microsoftonline.com
1	videoplayercdn.osi.office.net	1 redirects
1	wcpstatic.microsoft.com	support.microsoft.com
1	js.monitor.azure.com	support.microsoft.com
1	az725175.vo.msecnd.net	support.microsoft.com
1	cdnjs.cloudflare.com	support.microsoft.com
1	img-prod-cms-rt-microsoft-com.akamaized.net	support.microsoft.com
1	statics-marketingsites-neu-ms-com.akamaized.net	support.microsoft.com
57	16

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
www.microsoft.com
www.xbox.com
onedrive.live.com
outlook.live.com
www.skype.com
www.onenote.com
azure.microsoft.com
visualstudio.microsoft.com
developer.microsoft.com
docs.microsoft.com
powerplatform.microsoft.com
powerapps.microsoft.com
support.xbox.com
templates.office.com
answers.microsoft.com
portal.office.com
msrc-blog.microsoft.com
msrc.microsoft.com
www.facebook.com
linkedin.com
insider.microsoft.com
account.microsoft.com
products.office.com
channel9.msdn.com
careers.microsoft.com
news.microsoft.com
privacy.microsoft.com
choice.microsoft.com

Subject Issuer	Validity	Valid
support.microsoft.com Microsoft RSA TLS CA 02	`2021-07-28` - `2022-07-28`	a year	crt.sh
www.microsoft.com Microsoft RSA TLS CA 01	`2020-08-28` - `2021-08-28`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.content.office.net Microsoft RSA TLS CA 02	`2020-10-14` - `2021-10-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 01	`2021-06-30` - `2022-06-25`	a year	crt.sh
wcpstatic.microsoft.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-12` - `2022-06-12`	a year	crt.sh
mem.gfx.ms Microsoft RSA TLS CA 02	`2020-11-11` - `2021-11-11`	a year	crt.sh
*.vortex.data.microsoft.com Microsoft RSA TLS CA 02	`2020-10-05` - `2021-10-05`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2021-05-26` - `2022-05-26`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2021-07-08` - `2022-07-08`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2020-09-14` - `2021-09-09`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Frame ID: DE739A5AF3CEC8D7AEDE0E47167ED659
Requests: 54 HTTP requests in this frame

Frame: https://support.microsoft.com/en-us/silentsigninhandler
Frame ID: E286EF9B7049E1BF86BA5C64D05F145E
Requests: 3 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: F2ED4211CF77D42C64AB0C1E8F8545D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

headers server /^Kestrel/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Kestrel/i

Kestrel (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Kestrel/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

headers server /^Kestrel/i

Page Statistics

57
Requests

100 %
HTTPS

40 %
IPv6

10
Domains

16
Subdomains

15
IPs

6
Countries

2299 kB
Transfer

4039 kB
Size

9
Cookies

117 Outgoing links

These are links going to different origins than the main page.

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/
Title: Microsoft

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/microsoft-365?ocid=oo_support_mix_marvel_ups_support_smcuhfm365
Title: Microsoft 365

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/microsoft-365/microsoft-office?ocid=oo_support_mix_marvel_ups_support_smcuhfoffice
Title: Office

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/windows?ocid=smc_marvel_ups_support_uhfwindows
Title: Windows

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/surface
Title: Surface

Search URL Search Domain Scan URL

URL: https://www.xbox.com/
Title: Xbox

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/sale?icid=TopNavDealsSale
Title: Deals

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=849747
Title: Buy Microsoft 365

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/microsoft-365
Title: Microsoft 365

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/microsoft-365/microsoft-office
Title: Office

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/windows/
Title: Windows

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/surface
Title: Surface

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/sale?icid=gm_nav_L0_salepage
Title: Deals

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/apps/windows?icid=CNavAppsWindowsApps
Title: Windows Apps

Search URL Search Domain Scan URL

URL: https://onedrive.live.com/about/en-us/
Title: OneDrive

Search URL Search Domain Scan URL

URL: https://outlook.live.com/owa/
Title: Outlook

Search URL Search Domain Scan URL

URL: https://www.skype.com/en/
Title: Skype

Search URL Search Domain Scan URL

URL: https://www.onenote.com/
Title: OneNote

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/microsoft-teams/free?icid=SSM_AS_Promo_Apps_MicrosoftTeams
Title: Microsoft Teams

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/pc?icid=CNavDevicesPC
Title: Computers

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/xbox?icid=CNavDevicesXbox
Title: Shop Xbox

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/accessories?icid=CNavDevicesAccessories
Title: Accessories

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/virtualreality?icid=CNavVirtualReality
Title: VR & mixed reality

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/mobile?icid=CNavDevicesMobile
Title: Phones

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/xbox-game-pass-ultimate/cfq7ttc0khs0?WT.mc_id=CNavGamesXboxGamePassUltimate
Title: Xbox Game Pass Ultimate

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/xbox-live-gold/cfq7ttc0k5dj?WT.mc_id=CNavGamesXboxLiveGold
Title: Xbox Live Gold

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/games/windows?icid=CNavGamesWindowsGames
Title: PC games

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/games/windows?icid=TopNavWindowsGames
Title: Windows digital games

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/movies-and-tv?icid=TopNavMoviesTv
Title: Movies & TV

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/
Title: Microsoft Azure

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/dynamics365/home
Title: Microsoft Dynamics 365

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/microsoft-365/business/all-business
Title: Microsoft 365

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/windows-365
Title: Windows 365

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/enterprise
Title: Microsoft Industry

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/sql-server/
Title: Data platform

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2026638
Title: Microsoft Advertising

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/business?icid=CNavBusinessStore
Title: Shop Business

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/net/
Title: .NET

Search URL Search Domain Scan URL

URL: https://visualstudio.microsoft.com/
Title: Visual Studio

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/cloud-platform/windows-server
Title: Windows Server

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/en-us/windows
Title: Windows Dev Center

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/
Title: Docs

Search URL Search Domain Scan URL

URL: https://powerplatform.microsoft.com/en-us
Title: Power Platform

Search URL Search Domain Scan URL

URL: https://powerapps.microsoft.com/en-us
Title: Power Apps

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/hololens
Title: HoloLens 2

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/rewards
Title: Microsoft Rewards

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/download/default.aspx
Title: Free downloads & security

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/education?icid=CNavMSCOML0_Studentsandeducation
Title: Education

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/workshops-training-and-events?icid=vl_uf_932020
Title: Virtual workshops and training

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/gift-cards
Title: Gift cards

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/licensing/default
Title: Licensing

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/locations/ny/new-york/fifth-avenue-/store-1087?ICID=uhf_h_mec
Title: Microsoft Experience Center

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/education?icid=CNavStoreL0_Studentsandeducation
Title: Students and Parents deals

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/sitemap.aspx
Title: View Sitemap

Search URL Search Domain Scan URL

URL: https://support.xbox.com/
Title: Xbox

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/hololens/
Title: HoloLens

Search URL Search Domain Scan URL

URL: https://templates.office.com/
Title: Templates

Search URL Search Domain Scan URL

URL: https://answers.microsoft.com/
Title: Community forums

Search URL Search Domain Scan URL

URL: https://portal.office.com/AdminPortal#/support
Title: Microsoft 365 Admins

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/
Title: Developer

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/reportascam/
Title: Report a support scam

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/security-updates/SecurityAdvisories/2009/974926
Title: Microsoft Security Advisory 974926

Search URL Search Domain Scan URL

URL: https://msrc-blog.microsoft.com/2009/12/08/extended-protection-for-authentication/
Title: Extended Protection for Authentication (EPA)

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/dotnet/framework/configure-apps/file-schema/wcf/transport-of-basichttpbinding
Title: <transport> of <basicHttpBinding>

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-ntlm-authentication-in-this-domain
Title: Network security: Restrict NTLM: NTLM authentication in this domain

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-incoming-ntlm-traffic
Title: Network security: Restrict NTLM: Incoming NTLM traffic

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/ADV210003
Title: Microsoft Security Advisory ADV210003

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Ftopic%2Fkb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Title:

Search URL Search Domain Scan URL

URL: https://linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Ftopic%2Fkb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429&title=KB5005413%3A%20Mitigating%20NTLM%20Relay%20Attacks%20on%20Active%20Directory%20Certificate%20Services%20(AD%20CS)
Title:

Search URL Search Domain Scan URL

URL: https://insider.microsoft.com/
Title: Join Microsoft Insiders

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/microsoft-365/try?ocid=oo_support_mix_marvel_ups_support_tryfloatie
Title: A subscription to make the most of your time Try one month free

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/surface-laptop-4/946627FB12T1
Title: Surface Laptop 4

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/surface-laptop-go/94FC0BDGQ7WV
Title: Surface Laptop Go

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/surface-go-2/8PT3S2VJMDR6
Title: Surface Go 2

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/surface-pro-x/8QG3BMRHNWHK
Title: Surface Pro X

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/Surface-Duo/8p98gbqkdzl5
Title: Surface Duo

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/windows/windows-10-apps
Title: Windows 10 apps

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/
Title: Account profile

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/download
Title: Download Center

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2139749
Title: Microsoft Store support

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/p/?LinkID=824764&clcid=0x409
Title: Returns

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/orders
Title: Order tracking

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/why-microsoft-store?icid=footer_why-msft-store_7102020
Title: Microsoft Store Promise

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/payment-financing-options?icid=footer_financing_vcc
Title: Financing

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/education
Title: Microsoft in education

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/education/products/office/default.aspx
Title: Office for students

Search URL Search Domain Scan URL

URL: https://products.office.com/en-us/academic/compare-office-365-education-plans
Title: Office 365 for schools

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/b/education?icid=CNavfooter_Studentsandeducation
Title: Deals for students & parents

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/community/education/
Title: Microsoft Azure in education

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/
Title: Azure

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=808093
Title: AppSource

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/automotive
Title: Automotive

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/government
Title: Government

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/health/microsoft-cloud-for-healthcare
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/manufacturing/microsoft-cloud-for-manufacturing
Title: Manufacturing

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/financial-services/microsoft-cloud-for-financial-services
Title: Financial services

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/industry/retail/microsoft-cloud-for-retail
Title: Retail

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/en-us/store/register
Title: Microsoft developer program

Search URL Search Domain Scan URL

URL: https://channel9.msdn.com/
Title: Channel 9

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/microsoft-365
Title: Microsoft 365 Dev Center

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/microsoft-365/dev-program
Title: Microsoft 365 Developer Program

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/garage/
Title: Microsoft Garage

Search URL Search Domain Scan URL

URL: https://careers.microsoft.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/about
Title: About Microsoft

Search URL Search Domain Scan URL

URL: https://news.microsoft.com/
Title: Company news

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-us
Title: Privacy at Microsoft

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/investor/default.aspx
Title: Investors

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/diversity/
Title: Diversity and inclusion

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/security/default.aspx
Title: Security

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/sitemap1.aspx
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=206977
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/trademarks
Title: Trademarks

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/devices/safety-and-eco
Title: Safety & eco

Search URL Search Domain Scan URL

URL: https://choice.microsoft.com/
Title: About our ads

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://videoplayercdn.osi.office.net/s/js/vxp.js HTTP 302
https://www.microsoft.com/videoplayer/js/vxpiframe.js

Request Chain 41

https://support.microsoft.com/en-us/authentication/silentsignin?ru=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fsilentsigninhandler HTTP 302
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=637631821883223633.MTJmNzI5OTMtNDk2ZC00ZTYwLTljNWMtMWE3ZDk1ODQxMTdkMWQzMGE2MjgtZWEzZi00ZDljLWFiNDMtMGUxOGI3MjJmOTcx&prompt=none&state=CfDJ8GCh8YXpXDVDoVtoijOgOA1PWlRpwAVYZxUlkQPZ40sJ3YJKh8TxeGVRvZ-Lm79kiKThFMEUOOUoTb2P2KLF0i29qBnyuZK5XZLCSTIpa-YY3YP_FOlsa_jOr_ZSB64LTbJTdIM7-AHlzPrcuDL_kaJzeYqMcfoJtaEaAqGawH_ISmHsEOtNGse_BBGYTDOO49iVqrhED_sbdLhCRCGaXdElnAJLkoDyxNT3iFo7NhA-if_ZwhlJFgfr2bpqjRlyvtcuFDT6cQONkJ1fMIaNQYIlpq1Zl2-z96CpD3Yft_tbvzSb-1MrCdp74Fxm30VFXzu8hu71fYQn6stPiB0dVAKGVaA70dSZvC0wGSFLIPvU&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0

Request Chain 54

https://support.microsoft.com/signin-oidc HTTP 302
https://support.microsoft.com/en-us/silentsigninhandler

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429 Show response
support.microsoft.com/en-us/topic/ 112 KB
22 KB 245ms
106ms Document
text/html 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Kestrel /

Resource Hash

83e0f8ff93936f0f970441c89c7e061d25747954e8ebb67b1126c6159c7b88ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Host: support.microsoft.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Server: Kestrel
Request-Context: appId=
x-correlationid: 0HMAHVPH573BB:0000014F
x-operationid: 48cedc0ba229b144b2aaf66396b60952
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 29 Jul 2021 19:03:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Length: 21568
Connection: keep-alive
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; max-age=31536000; path=/; secure; samesite=none
Strict-Transport-Security: max-age=86400 ; includeSubDomains

GET
H/1.1 200
OK Cookie set css
support.microsoft.com/SocContent/ 140 KB
25 KB 72ms
71ms Stylesheet
text/css 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/SocContent/css

Requested by

Host: support.microsoft.com
URL: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

4d107266a2f0295908b3ac8287197103c63d32ea4b9a324d3e7b90554d2ce09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: ada4d529-336f-4112-8a90-0df7201435c9
X-EdgeConnect-Origin-MEX-Latency: 13
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-EdgeConnect-MidMile-RTT: 0
X-OfficeVersion: 16.0.14322.37650
X-OfficeFE: OdcSupFrontEnd_IN_10
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 24505
Last-Modified: Thu, 29 Jul 2021 19:03:07 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: ada4d529-336f-4112-8a90-0df7201435c9
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=1778
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; expires=Fri, 29-Jul-2022 19:03:07 GMT; path=/; secure; HttpOnly
Expires: Thu, 29 Jul 2021 19:32:45 GMT

GET
H/1.1 200
OK Cookie set articleCss
support.microsoft.com/SocContent/ 132 KB
19 KB 144ms
63ms Stylesheet
text/css 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/SocContent/articleCss

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

ae64095e7eb4319ced015e51f9ba3ec370c715825c7d7002ab54085e096cd35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: ff6bd48c-9eab-448c-a9a9-bb37a2f2ecf7
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14322.37650
X-OfficeFE: OdcSupFrontEnd_IN_34
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 18642
Pragma: no-cache
Last-Modified: Thu, 29 Jul 2021 19:03:07 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: ff6bd48c-9eab-448c-a9a9-bb37a2f2ecf7
Vary: User-Agent Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; expires=Fri, 29-Jul-2022 19:03:07 GMT; path=/; secure; HttpOnly
Expires: Thu, 29 Jul 2021 19:03:07 GMT

GET
H/1.1 200
OK Cookie set stickyFeedbackCss
support.microsoft.com/SocContent/ 4 KB
2 KB 136ms
54ms Stylesheet
text/css 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/SocContent/stickyFeedbackCss

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

e1a3184bd0814f1bbe55d855c8626e4c1cb9e5640017d6ecf36fb58fbc086640

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: 4d06c8f2-19ef-42fb-b2ee-768bf45b578e
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14322.37650
X-OfficeFE: OdcSupFrontEnd_IN_24
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1249
Pragma: no-cache
Last-Modified: Thu, 29 Jul 2021 19:03:07 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: 4d06c8f2-19ef-42fb-b2ee-768bf45b578e
Vary: User-Agent Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; expires=Fri, 29-Jul-2022 19:03:07 GMT; path=/; secure; HttpOnly
Expires: Thu, 29 Jul 2021 19:03:07 GMT

GET
H/1.1 200
OK Cookie set floodgate
support.microsoft.com/SocContent/ 14 KB
3 KB 138ms
57ms Stylesheet
text/css 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/SocContent/floodgate

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

08cf23efd5690dca494b8d97bef56e71649050e630650726b1ea9e15ba1a92ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: deb963ab-b2b5-462e-855f-6ef09e18f196
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14322.37650
X-OfficeFE: OdcSupFrontEnd_IN_8
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 2553
Pragma: no-cache
Last-Modified: Thu, 29 Jul 2021 19:03:07 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: deb963ab-b2b5-462e-855f-6ef09e18f196
Vary: User-Agent Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; expires=Fri, 29-Jul-2022 19:03:07 GMT; path=/; secure; HttpOnly
Expires: Thu, 29 Jul 2021 19:03:07 GMT

GET
H/1.1 200
OK Cookie set officeShared
support.microsoft.com/SocContent/ 7 KB
3 KB 136ms
55ms Stylesheet
text/css 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/SocContent/officeShared

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

4b458dd17c25332dc7a2e49b900ecbbcf9dd1b2b6d077a22e81865cc647f4638

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: dc884ff7-d3bf-4ebe-8e9e-1f9502dfd7e9
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14322.37650
X-OfficeFE: OdcSupFrontEnd_IN_36
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1653
Pragma: no-cache
Last-Modified: Thu, 29 Jul 2021 19:03:07 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: dc884ff7-d3bf-4ebe-8e9e-1f9502dfd7e9
Vary: User-Agent Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; expires=Fri, 29-Jul-2022 19:03:07 GMT; path=/; secure; HttpOnly
Expires: Thu, 29 Jul 2021 19:03:07 GMT

GET
H/1.1 200
OK feedBack.css
support.microsoft.com/css/ 5 KB
2 KB 122ms
42ms Stylesheet
text/css 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/css/feedBack.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Kestrel /

Resource Hash

9739202e8f66169614cfb11203c4fc5c94161ceb2a03ddb058f7f30ae68d4f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-correlationid: 0HMAHVOGE8UA3:00000002
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 19:28:12 GMT
Server: Kestrel
ETag: "1d783e6b437fcfe"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: private, max-age=211
x-operationid: 145b449a5457f84b8d93ab8c673264f1
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1562
Request-Context: appId=

GET
H/1.1 200
OK promotionBanner.css
support.microsoft.com/css/ 5 KB
2 KB 131ms
44ms Stylesheet
text/css 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/css/promotionBanner.css?v=QjK4bKI1oo5wv1wTHVLfdtDSNM8uHb4GlCgyHknWbG0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Kestrel /

Resource Hash

4232b86ca235a28e70bf5c131d52df76d0d234cf2e1dbe069428321e49d66c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-correlationid: 0HMAHVPH573KV:00000002
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 19:30:08 GMT
Server: Kestrel
ETag: "1d783e6f95c3270"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: private, max-age=205
x-operationid: 5190f21506b7de44a564f7cd54a5174f
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1513
Request-Context: appId=

GET
H2 200 12-3fa398
www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/9a-7f4513/d3-aaa44b/b4-c9971d/d5-a1eae7/70-03335b/3c-153056/c9-d90127/ 166 KB
23 KB 38ms
19ms Stylesheet
text/css 2a02:26f0:6c00:2ae::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/9a-7f4513/d3-aaa44b/b4-c9971d/d5-a1eae7/70-03335b/3c-153056/c9-d90127/12-3fa398?ver=2.0&_cf=20210618

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cbfd55e6d467d488ed3a456e0ca01639b945aa656f0824626ef28eeeecd2d4f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ms-operation-id: fd9f7d962a32a545b0a72c862703d811
date: Thu, 29 Jul 2021 19:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2021-07-21T03:39:55
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 31908a7e-9b93-489d-a8bf-1f8164a34024
tls_version: tls1.3
x-s1: 2021-07-21T03:39:55
ms-cv: wbhQPcDBxEO9mU/E.0
vary: Accept-Encoding
content-length: 22501
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Jul 2021 03:39:55 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-06-10T04:04:28.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30789399
timing-allow-origin: *
x-appversion: 1.0.7830.36134
expires: Thu, 21 Jul 2022 03:39:46 GMT

GET
H/1.1 200
OK override.css
statics-marketingsites-neu-ms-com.akamaized.net/statics/ 1 KB
907 B 142ms
42ms Stylesheet
text/css 2.16.186.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://statics-marketingsites-neu-ms-com.akamaized.net/statics/override.css
Requested by: Host: support.microsoft.com
URL: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-27.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D6EEC3A2D67C35
Vary: Accept-Encoding
Content-Type: text/css
x-ms-request-id: abce744b-901e-0041-680c-342219000000
x-ms-version: 2009-09-19
Connection: keep-alive
Content-Length: 473

GET
H/1.1 200
OK Cookie set topNavCss
support.microsoft.com/SocContent/ 4 KB
2 KB 180ms
58ms Stylesheet
text/css 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/SocContent/topNavCss

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

24cc6cfce7544bd99d0c0015d00ab967675f6b9df32e95d6ed49afd4b90fcbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: a94feb48-5ba2-455c-90cd-d1aa28646822
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14322.37650
X-OfficeFE: OdcSupFrontEnd_IN_8
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 1162
Pragma: no-cache
Last-Modified: Thu, 29 Jul 2021 19:03:07 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: a94feb48-5ba2-455c-90cd-d1aa28646822
Vary: User-Agent Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; expires=Fri, 29-Jul-2022 19:03:07 GMT; path=/; secure; HttpOnly
Expires: Thu, 29 Jul 2021 19:03:07 GMT

GET
H2 200 RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 4 KB
4 KB 24ms
6ms Image
image/png 2a02:26f0:6c00::210:ba28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:6c00::210:ba28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Jul 2021 19:03:07 GMT
last-modified: Wed, 28 Jul 2021 12:26:54 GMT
x-datacenter: NorthEU
x-source-length: 4054
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=321893
x-activityid: 67a90f43-334d-475b-8ee5-ba800ca87f0e
x-deployment: a89a5014e89c41b7b60a64d7ee950637
content-location: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
content-length: 4054
expires: Mon, 02 Aug 2021 12:28:00 GMT

GET
H/1.1 200
OK Facebook-GrayScale.png
support.microsoft.com/images/ 240 B
743 B 46ms
43ms Image
image/png 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.microsoft.com/images/Facebook-GrayScale.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Kestrel /

Resource Hash

1e6a1db4e61efca3846b5a27f5abb9ed776b935e90424cd55ae1f2ce92d73e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
x-correlationid: 0HMAHVPGDT21Q:00000002
Server: Kestrel
ETag: "1d783e6f8c38970"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: image/png
Cache-Control: private, max-age=152
Last-Modified: Wed, 28 Jul 2021 19:30:07 GMT
x-operationid: 304cbb8ec9a5ac478ac67a3d70eabbb4
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 246
Request-Context: appId=

GET
H/1.1 200
OK Linkedin-GrayScale.png
support.microsoft.com/images/ 270 B
784 B 42ms
39ms Image
image/png 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.microsoft.com/images/Linkedin-GrayScale.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Kestrel /

Resource Hash

292c4cabd66c25753ce8bbfa1e8a32b47703ab1f809670b056d5b59cfcaf5fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
x-correlationid: 0HMAHVM91Q7N1:00000002
Server: Kestrel
ETag: "1d783e622c87d0e"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: image/png
Cache-Control: private, max-age=170
Last-Modified: Wed, 28 Jul 2021 19:24:08 GMT
x-operationid: d719ae9487ea4341ba464e9e1bdf7282
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 287
Request-Context: appId=

GET
H/1.1 200
OK Mail-GrayScale.png
support.microsoft.com/images/ 284 B
786 B 46ms
44ms Image
image/png 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.microsoft.com/images/Mail-GrayScale.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Kestrel /

Resource Hash

8ef6e4f16ae501ad18088960b404af57871be54ea8a0c7088872b88eb5dc2b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
x-correlationid: 0HMAHVNJUDGL4:00000002
Server: Kestrel
ETag: "1d783e66ae79f9c"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: image/png
Cache-Control: private, max-age=164
Last-Modified: Wed, 28 Jul 2021 19:26:09 GMT
x-operationid: ce1c3d1dfe07ce46a0fc12a6f66dc99a
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 289
Request-Context: appId=

GET
H2 200 bf3cb7f2-78c0-42e9-a066-5aec163f95c4.png
support.content.office.net/en-us/media/ 29 KB
29 KB 157ms
45ms Image
image/png 2.18.232.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.content.office.net/en-us/media/bf3cb7f2-78c0-42e9-a066-5aec163f95c4.png
Requested by: Host: support.microsoft.com
URL: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b5ab984fa5f286a9b25bccb92c625b7f584e629c759ae75fa858f19718619493

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 29 Jul 2021 19:03:08 GMT
last-modified: Fri, 19 Mar 2021 20:30:38 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 2X19TWWW4LxZJBYIfWieyg==
etag: 0x8D8EB15DBB20259
content-type: image/png
x-ms-request-id: e8f50276-401e-0018-4c2a-461de3000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
content-length: 29242

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 14ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://support.microsoft.com
Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 19:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 563215
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGuI5X5JSrs5t3qc11HquP8VgvvLMnu%2BNYoGw53nF9nWiw8UDbHS1WHuITkuydItNSw0PGr6nKW078nPhFQCUAsTX3f7DD1dSqXgu3cwUWCzhqcPy85hOmkSWTT5osOcIEbSNFCbV1srRK2hZdWIwP1Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67689b024c5b4dfa-FRA
expires: Tue, 19 Jul 2022 19:03:07 GMT

GET
H2 200 jsll-4.3.5.js Show response
az725175.vo.msecnd.net/scripts/ 55 KB
18 KB 97ms
24ms Script
text/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az725175.vo.msecnd.net/scripts/jsll-4.3.5.js
Requested by: Host: support.microsoft.com
URL: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C20) /
Resource Hash: e246eff2f6ae3e255a06eb561e6fc93ae3bef2cce22c5e0124d713c15f80567c

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jul 2021 19:03:07 GMT
content-encoding: gzip
content-md5: yvXHFTB8uAvUsw4tqOlcNw==
age: 548
x-cache: HIT
content-length: 18421
x-ms-lease-status: unlocked
last-modified: Mon, 22 Feb 2021 22:12:57 GMT
server: ECAcc (mil/6C20)
etag: 0x8D8D77F0258B7A8
vary: Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
x-ms-request-id: e02b3ba2-b01e-001e-3fab-8415c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable
x-ms-version: 2009-09-19

GET
H2 200 ms.analytics-web-3.1.4.min.js Show response
js.monitor.azure.com/scripts/c/ 132 KB
43 KB 75ms
23ms Script
text/javascript 2620:1ec:29::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.1.4.min.js
Requested by: Host: support.microsoft.com
URL: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9e20c155b22a3ff7249186d0a76296160e38f53337be466077a760698280bc2e

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 19:03:07 GMT
content-encoding: br
x-ms-meta-jssdkver: 3.1.4
last-modified: Thu, 08 Jul 2021 22:35:32 GMT
content-md5: 1QO1G1+Kvn3Xq45w7rhBEw==
etag: 0x8D94260B25DC066
x-azure-ref: 0a/sCYQAAAAAI+dEplsy5Q4EQm94/6ur8TE9OMjFFREdFMTUxMgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 7f881dfd-301e-004e-62fa-83c6fd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000, immutable
x-ms-version: 2009-09-19

GET
H2 200 wcp-consent.js Show response
wcpstatic.microsoft.com/mscc/lib/v2/ 249 KB
74 KB 79ms
28ms Script
application/javascript 2620:1ec:29::42
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by: Host: support.microsoft.com
URL: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::42 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 208edbed32b2adac9446df83caa4a093a261492ba6b8b3bcfe6a75efb8b70294

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Jul 2021 19:03:07 GMT
content-encoding: gzip
vary: Accept-Encoding
content-md5: OLdpUi3Q5MKZjJA0pU4XTg==
age: 20874
x-cache: HIT, CONFIG_NOCACHE
content-length: 75124
x-ms-lease-status: unlocked
last-modified: Wed, 14 Oct 2020 22:31:12 GMT
etag: 0x8D87090DB39FE9E
x-azure-ref: 0a/sCYQAAAAA1y+S3ZDqOQqAKNRMY2yJPTE9OMjFFREdFMDExMAAzOWI0NjE1Ny1jYjllLTQ5YjctYTY1YS04NzIyYTNmODI0ZTQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e9ef27ba-501e-0076-037b-843f7f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 17-f90ef1 Show response
www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4... 133 KB
35 KB 28ms
24ms Script
text/javascript 2a02:26f0:6c00:2ae::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/11-240c7b/63-077520/a4-34de62/bb-d7480b/db-bc0148/dc-7e9864/6d-c07ea1/9d-b58f60/f6-aa5278/cd-23d3b0/6d-1e7ed0/b7-cadaa7/c4-898cf2/ca-40b7b0/4e-ee3a55/3e-f5c39b/c3-6454d7/f9-7592d3/92-10345d/79-499886/7e-cda2d3/69-13871c/6a-234a32/e0-3c9860/91-97a04f/1f-100dea/33-abe4df/17-f90ef1?ver=2.0&_cf=20210618&iife=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c136857d2449fb47e6c43792d4b296dff96f4ba5aab06f899bf525b17dd4d4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ms-operation-id: 38742b5e5914e14fb652b598208b3dfd
date: Thu, 29 Jul 2021 19:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-rtag: RT
x-s2: 2021-06-18T10:09:26
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: ecf3b693-d3c3-4345-80db-538b6110d144
tls_version: tls1.3
x-s1: 2021-06-18T10:09:26
ms-cv: 4FwkfsHb20OUKqNQ.0
vary: Accept-Encoding
content-length: 35521
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Jun 2021 10:09:26 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-06-03T05:24:02.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=27961615
timing-allow-origin: *
x-appversion: 1.0.7823.38521
expires: Sat, 18 Jun 2022 10:10:02 GMT

GET
H/1.1 200
OK meversion Show response
mem.gfx.ms/ 27 KB
10 KB 34ms
12ms Script
application/javascript 2a02:26f0:6c00:281::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/meversion?partner=SMCConvergence&market=en-us&uhf=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:281::37 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c998be5c27da5a60c9f02acb293e2e86bc763a37ff9bc69b2baef158aa89eace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 29 Jul 2021 19:03:07 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, no-transform, max-age=43200
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 9578
Expires: Fri, 30 Jul 2021 01:38:24 GMT

GET
H/1.1 200
OK TelemetryLogging.js Show response
support.microsoft.com/js/ 1 KB
926 B 46ms
43ms Script
application/javascript 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/js/TelemetryLogging.js?v=f4vItOfZ5XSCjEZx1tgEaLysr1h7lmsOGaBapPNdHSo

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Kestrel /

Resource Hash

7f8bc8b4e7d9e574828c4671d6d80468bcacaf587b966b0e19a05aa4f35d1d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-correlationid: 0HMAHVQQ7P54T:00000003
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 19:32:11 GMT
Server: Kestrel
ETag: "1d783e742ac6ac8"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: private, max-age=92
x-operationid: b034f531f6c09e40ad3e288a47b761e1
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 417
Request-Context: appId=

GET
H/1.1 200
OK promotionBanner.js Show response
support.microsoft.com/js/ 5 KB
2 KB 43ms
40ms Script
application/javascript 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/js/promotionBanner.js?v=B7e8izUe94uuRztPkO_sumpogEaSCGLBH9gKN22PkrI

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Kestrel /

Resource Hash

07b7bc8b351ef78bae473b4f90efecba6a688046920862c11fd80a376d8f92b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-correlationid: 0HMAHVPH573H3:00000002
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 19:30:08 GMT
Server: Kestrel
ETag: "1d783e6f95c32a1"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: private, max-age=33
x-operationid: 1f9d545ca196d64bb2a51f03d474b50d
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 1600
Request-Context: appId=

GET
H/1.1 200
OK feedback.js Show response
support.microsoft.com/js/ 21 KB
6 KB 48ms
46ms Script
application/javascript 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/js/feedback.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Kestrel /

Resource Hash

dfe0d2875943e0cc7edc28a8e393cb644163150b1f4b685ca03b2ed8d2883f8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-correlationid: 0HMAHVM8ATAS6:00000002
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 19:24:08 GMT
Server: Kestrel
ETag: "1d783e622c82987"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: private, max-age=55
x-operationid: 1939bc9d2f03874899936653ac633b40
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 5713
Request-Context: appId=

GET
H/1.1 200
OK Cookie set TopNav Show response
support.microsoft.com/socbundles/ 1 KB
1 KB 56ms
55ms Script
text/javascript 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/socbundles/TopNav

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

b846f82239a1e1e0dcf2b52cbebe5da690c623d1fcf92288c077e4d335a09564

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: 44059483-b535-466f-8602-88d3fde4b3ee
Date: Thu, 29 Jul 2021 19:03:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14322.37650
X-OfficeFE: OdcSupFrontEnd_IN_36
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 399
Pragma: no-cache
Last-Modified: Thu, 29 Jul 2021 19:03:07 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: 44059483-b535-466f-8602-88d3fde4b3ee
Vary: User-Agent Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; expires=Fri, 29-Jul-2022 19:03:07 GMT; path=/; secure; HttpOnly
Expires: Thu, 29 Jul 2021 19:03:08 GMT

GET
H/1.1 200
OK Cookie set support Show response
support.microsoft.com/socbundles/ 46 KB
15 KB 60ms
57ms Script
text/javascript 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/socbundles/support

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

b2ed2aa80725c090bd644c984d0123bca2b288d25c06da025cc9dd54976f57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: 6610bbed-3786-41fc-9cfd-a2049e23760d
Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14322.37650
X-OfficeFE: OdcSupFrontEnd_IN_36
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 14522
Pragma: no-cache
Last-Modified: Thu, 29 Jul 2021 19:03:07 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: 6610bbed-3786-41fc-9cfd-a2049e23760d
Vary: User-Agent Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; expires=Fri, 29-Jul-2022 19:03:07 GMT; path=/; secure; HttpOnly
Expires: Thu, 29 Jul 2021 19:03:07 GMT

GET
H/1.1 200
OK Cookie set article Show response
support.microsoft.com/socbundles/ 71 KB
18 KB 68ms
67ms Script
text/javascript 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/socbundles/article

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

06c2c12c14438126adf4197fa1141078e648359aeae21e67eb5cc911eae10374

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: 85a4372e-6204-4fd5-b2c8-18ce82e8eeb5
Date: Thu, 29 Jul 2021 19:03:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14322.37650
X-OfficeFE: OdcSupFrontEnd_IN_34
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 17681
Pragma: no-cache
Last-Modified: Thu, 29 Jul 2021 19:03:07 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: 85a4372e-6204-4fd5-b2c8-18ce82e8eeb5
Vary: User-Agent Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; expires=Fri, 29-Jul-2022 19:03:07 GMT; path=/; secure; HttpOnly
Expires: Thu, 29 Jul 2021 19:03:08 GMT

GET
H/1.1 200
OK Cookie set autoSuggest Show response
support.microsoft.com/socbundles/ 112 KB
42 KB 72ms
71ms Script
text/javascript 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/socbundles/autoSuggest

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

94fb96e589402e48dab1020a039dea0354e2362803aec419279d5c6bfd10a0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: db405b65-0140-4fa1-83f7-cae06c6859c2
Date: Thu, 29 Jul 2021 19:03:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14322.37650
Transfer-Encoding: chunked
X-OfficeFE: OdcSupFrontEnd_IN_34
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive Transfer-Encoding
Pragma: no-cache
Last-Modified: Thu, 29 Jul 2021 19:03:08 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: db405b65-0140-4fa1-83f7-cae06c6859c2
Vary: User-Agent Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; expires=Fri, 29-Jul-2022 19:03:08 GMT; path=/; secure; HttpOnly
Expires: Thu, 29 Jul 2021 19:03:08 GMT

GET
H2

200

vxpiframe.js Show response
www.microsoft.com/videoplayer/js/
Redirect Chain

https://videoplayercdn.osi.office.net/s/js/vxp.js
https://www.microsoft.com/videoplayer/js/vxpiframe.js

18 KB
7 KB

16ms
15ms

Script
application/x-javascript

2a02:26f0:6c00:2ae::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/videoplayer/js/vxpiframe.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3a9548eb083d31a4ddaca69535ce9472c7d187acf105c1ed773f04a2f7cd0636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ms-operation-id: 37b1320d53891e488319837605a4016a
date: Thu, 29 Jul 2021 19:03:08 GMT
content-encoding: gzip
vary: Accept-Encoding
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 635f1a2d-9be8-4591-86c6-f8f4a2b74869
tls_version: tls1.3
ms-cv: pWy/F8kRNkiMdMQ1.0
content-length: 6191
x-xss-protection: 1; mode=block
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-06-10T04:04:28.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-transform
x-appversion: 1.0.7830.36134

Redirect headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 19:03:08 GMT
Server: AkamaiGHost
Location: https://www.microsoft.com/videoplayer/js/vxpiframe.js
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 29 Jul 2021 19:03:08 GMT

GET
H/1.1 200
OK Cookie set floodgate Show response
support.microsoft.com/socbundles/ 272 KB
66 KB 88ms
88ms Script
text/javascript 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/socbundles/floodgate

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

0b0010d3c5a0feffec902bdbf690d68e97e533a2b2007b2a8a314e847f8c2c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Referer: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CorrelationId: 29dcd211-2e33-47a0-a036-dc59c2dcc0ff
Date: Thu, 29 Jul 2021 19:03:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14322.37650
Transfer-Encoding: chunked
X-OfficeFE: OdcSupFrontEnd_IN_24
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive Transfer-Encoding
Pragma: no-cache
Last-Modified: Thu, 29 Jul 2021 19:03:08 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: 29dcd211-2e33-47a0-a036-dc59c2dcc0ff
Vary: User-Agent Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217; expires=Fri, 29-Jul-2022 19:03:08 GMT; path=/; secure; HttpOnly
Expires: Thu, 29 Jul 2021 19:03:08 GMT

GET
H2 200 mwfmdl2-v3.54.woff
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ 26 KB
26 KB 38ms
19ms Font
application/font-woff 2a02:26f0:6c00:2ae::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/9a-7f4513/d3-aaa44b/b4-c9971d/d5-a1eae7/70-03335b/3c-153056/c9-d90127/12-3fa398?ver=2.0&_cf=20210618

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2ae::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://support.microsoft.com
Referer: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/9a-7f4513/d3-aaa44b/b4-c9971d/d5-a1eae7/70-03335b/3c-153056/c9-d90127/12-3fa398?ver=2.0&_cf=20210618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ms-operation-id: ab6cae717d8a8743904e5d95c9d47798
date: Thu, 29 Jul 2021 19:03:07 GMT
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: f02fe018-a5e3-4e23-8ae3-bbcbe2eb0dd6
tls_version: tls1.3
ms-cv: GXsD5slkPEy6wAzU.0
content-length: 26288
x-xss-protection: 1; mode=block
last-modified: Mon, 17 May 2021 23:20:05 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2021-05-07T09:29:32.0000000Z}
strict-transport-security: max-age=31536000
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=25244228
x-appversion: 1.0.7797.2686
expires: Tue, 17 May 2022 23:20:15 GMT

GET
H/1.1 200
OK DevCMDL2.2.50.woff
support.microsoft.com/css/ 18 KB
18 KB 61ms
44ms Font
application/font-woff 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/css/DevCMDL2.2.50.woff

Requested by

Host: support.microsoft.com
URL: https://support.microsoft.com/css/promotionBanner.css?v=QjK4bKI1oo5wv1wTHVLfdtDSNM8uHb4GlCgyHknWbG0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Kestrel /

Resource Hash

12d95d8d400eeafa0258e9d29d6ea5ef0ec9cfc1410b75e47976fcb3f92082b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://support.microsoft.com
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://support.microsoft.com/css/promotionBanner.css?v=QjK4bKI1oo5wv1wTHVLfdtDSNM8uHb4GlCgyHknWbG0
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Origin: https://support.microsoft.com
Referer: https://support.microsoft.com/css/promotionBanner.css?v=QjK4bKI1oo5wv1wTHVLfdtDSNM8uHb4GlCgyHknWbG0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
x-correlationid: 0HMAHVOGE8UES:00000002
Server: Kestrel
ETag: "1d783e6b437a98c"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/font-woff
Cache-Control: private, max-age=172
Last-Modified: Wed, 28 Jul 2021 19:28:12 GMT
x-operationid: b37e45a165d8d146861ca74ef1d6af07
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Accept-Ranges: bytes
Content-Length: 18301
Request-Context: appId=

GET
H/1.1 200
OK OffSMDL2.4.36.woff
support.microsoft.com/socfonts/ 28 KB
29 KB 62ms
45ms Font
font/x-woff 2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/socfonts/OffSMDL2.4.36.woff

Requested by

Host: support.microsoft.com
URL: https://support.microsoft.com/SocContent/css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Resource Hash

3cf4f7c27a62452c548b659e89a672e65a29419940134ec869df0398f8b135cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://support.microsoft.com
Accept-Encoding: gzip, deflate, br
Host: support.microsoft.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://support.microsoft.com/SocContent/css
Cookie: EXPID=90cb54c6-a621-4fd2-85d6-acface661217
Connection: keep-alive
Origin: https://support.microsoft.com
Referer: https://support.microsoft.com/SocContent/css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 19:03:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-OfficeVersion: 16.0.14322.37650
X-OfficeFE: OdcSupFrontEnd_IN_8
P3P: CP="CAO DSP COR ADMa DEV CONi TELi CUR PSA PSD TAI IVDi OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR"
Connection: keep-alive
Content-Length: 28838
Cache-Control: public, max-age=101
Last-Modified: Thu, 22 Jul 2021 00:19:04 GMT
X-OfficeCluster: weu-zzz.odcsup.osi.office.net
X-UserSessionId: b39b7478-23f1-45a3-bade-b9171e2f88a8
ETag: "08c872d8f7ed71:0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400 ; includeSubDomains
Content-Type: font/x-woff
Access-Control-Allow-Origin: https://support.microsoft.com
X-CorrelationId: b39b7478-23f1-45a3-bade-b9171e2f88a8
Accept-Ranges: bytes

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/ 29 KB
29 KB 24ms
6ms Font
font/woff2 2a02:26f0:6c00:290::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/9a-7f4513/d3-aaa44b/b4-c9971d/d5-a1eae7/70-03335b/3c-153056/c9-d90127/12-3fa398?ver=2.0&_cf=20210618
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:290::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

Origin: https://support.microsoft.com
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 19:03:07 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "5b68d583e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=75859
accept-ranges: bytes
content-length: 29388
expires: Fri, 30 Jul 2021 16:07:26 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 18ms
11ms Font
font/woff2 2a02:26f0:6c00:290::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-neu-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/9a-7f4513/d3-aaa44b/b4-c9971d/d5-a1eae7/70-03335b/3c-153056/c9-d90127/12-3fa398?ver=2.0&_cf=20210618
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:290::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Origin: https://support.microsoft.com
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 19:03:07 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "588d483e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=77564
accept-ranges: bytes
content-length: 34052
expires: Fri, 30 Jul 2021 16:35:51 GMT

GET
H2 200 e9341ac7-730d-4fef-81d6-0202605ddcd3.png
support.content.office.net/en-us/media/ 331 KB
332 KB 52ms
51ms Image
image/png 2.18.232.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.content.office.net/en-us/media/e9341ac7-730d-4fef-81d6-0202605ddcd3.png
Requested by: Host: support.microsoft.com
URL: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 891b2cfdd6d2a9221d6b63d651e958608f19a5c688e32e541079881feaf4bede

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 29 Jul 2021 19:03:08 GMT
last-modified: Sat, 24 Jul 2021 07:09:19 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 5NJac/CHB+UyPmWUqTXxfw==
etag: 0x8D94E71F4E1AB4A
content-type: image/png
x-ms-request-id: 1f8c943c-d01e-009e-51a5-804931000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
content-length: 339164

GET
H2 200 d9c09e1d-4d11-449f-8c87-cd81a2bd8f4a.png
support.content.office.net/en-us/media/ 336 KB
337 KB 93ms
92ms Image
image/png 2.18.232.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.content.office.net/en-us/media/d9c09e1d-4d11-449f-8c87-cd81a2bd8f4a.png
Requested by: Host: support.microsoft.com
URL: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 68482ef69cdd7730e9d9b587f0f8ffde1bcf1a0652993371f9fff077ff7c9ab3

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 29 Jul 2021 19:03:08 GMT
last-modified: Sat, 24 Jul 2021 07:09:19 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ElLhPJ5k5RwmUJlHCjH5Pg==
etag: 0x8D94E71F4912DCC
content-type: image/png
x-ms-request-id: 75091a14-201e-004c-43cd-80f769000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
content-length: 344162

GET
H2 200 01ed57e2-29b9-4458-9ce6-6aaebe2b499c.png
support.content.office.net/en-us/media/ 212 KB
212 KB 93ms
92ms Image
image/png 2.18.232.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.content.office.net/en-us/media/01ed57e2-29b9-4458-9ce6-6aaebe2b499c.png
Requested by: Host: support.microsoft.com
URL: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 26b43d3908c0aaf89b202118553f4ff662022331ff5fd41c1f380a0b64435989

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 29 Jul 2021 19:03:08 GMT
last-modified: Wed, 28 Jul 2021 20:32:18 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: ua8Ril86eiPPUYzSzlVUNQ==
etag: 0x8D95206CB923ED3
content-type: image/png
x-ms-request-id: 6e3ee959-101e-000b-4bef-832802000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
content-length: 216701

GET
H2 200 8ba19269-4f02-4b04-8f44-394add1c319b.png
support.content.office.net/en-us/media/ 309 KB
310 KB 95ms
94ms Image
image/png 2.18.232.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.content.office.net/en-us/media/8ba19269-4f02-4b04-8f44-394add1c319b.png
Requested by: Host: support.microsoft.com
URL: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d1b3407b26ca9323476f5dd9acd37ccf533fdf269e468277c8850165715f36e7

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 29 Jul 2021 19:03:08 GMT
last-modified: Sat, 24 Jul 2021 07:09:20 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: zk38fERwL7RIqyUYNM18RA==
etag: 0x8D94E71F59E999A
content-type: image/png
x-ms-request-id: db9ce38e-201e-00cf-52b2-8057c4000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
content-length: 316766

GET
H2 200 0d8a82d3-abbf-43f3-bc2e-3baf6d41225d.png
support.content.office.net/en-us/media/ 301 KB
302 KB 98ms
98ms Image
image/png 2.18.232.50
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://support.content.office.net/en-us/media/0d8a82d3-abbf-43f3-bc2e-3baf6d41225d.png
Requested by: Host: support.microsoft.com
URL: https://support.microsoft.com/en-us/topic/kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-50.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6a7700fa8ac6af48ff692cc7963bbe157cdf3039737b9b0bc2d6678085fbde0c

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 29 Jul 2021 19:03:08 GMT
last-modified: Sat, 24 Jul 2021 07:09:21 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: cJbv5bcPVnEsPMz4j8Lu0Q==
etag: 0x8D94E71F5EC0901
content-type: image/png
x-ms-request-id: 314fd76b-b01e-0102-5d9b-8074d9000000
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
content-length: 308639

GET
H/1.1 200
OK t.js Show response
web.vortex.data.microsoft.com/collect/v1/ 281 B
966 B 166ms
41ms Script
application/javascript 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.js?ver=%272.1%27&name=%27Ms.Webi.PageView%27&time=%272021-07-29T19%3A03%3A08.283Z%27&os=%27Windows%27&appId=%27JS%3Asupport.office.com%27&-ver=%271.0%27&-impressionGuid=%270306c7e8-9202-40ca-924f-fc8393ab55a5%27&-pageName=%27kb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429%27&-uri=%27https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Ftopic%2Fkb5005413-mitigating-ntlm-relay-attacks-on-active-directory-certificate-services-ad-cs-3612b773-4043-4aa9-b23d-b87910cd3429%27&-market=%27en-US%27&-pageType=%27Article%27&-resHeight=1200&-resWidth=1600&-pageTags=%27%7B%22metaTags%22%3A%7B%22kb_id%22%3A%225005413%22%2C%22asst%22%3A%223612b773-4043-4aa9-b23d-b87910cd3429%22%2C%22contentlang%22%3A%22en%22%2C%22userFlightingId%22%3A%2290cb54c6-a621-4fd2-85d6-acface661217%22%2C%22expid%22%3A%22P-E-81319-C1-36%3BP-E-89755-C1-5%3BP-E-81324-2-14%3BP-E-86658-2-7%3BP-E-86151-4-5%3BP-E-82494-4-17%3BP-E-84907-3-6%3BP-E-84745-2-5%3BP-E-84744-C1-6%3BP-E-85251-C1-5%3BP-E-84748-2-5%3BP-E-84747-2-5%3BP-E-84746-2-5%3BP-E-84399-C1-5%3BP-E-84692-2-7%3BP-E-82513-2-10%3BP-E-82505-2-13%3BP-E-55055-C1-107%3BP-E-82511-4-10%3BP-E-83317-2-10%3BP-E-83971-3-6%3BP-E-76786-2-18%3BP-E-75575-C1-7%3BP-E-73628-C1-12%3BP-E-72824-4-7%3BP-R-90963-2-2%3BP-R-85662-1-2%3BP-R-85265-4-8%3BP-R-81586-2-6%3BP-R-80816-1-2%3BP-R-80813-1-2%3BP-R-73296-2-15%3BP-R-72164-1-2%3BP-R-63397-1-9%3BP-R-68455-1-2%22%2C%22variationid%22%3A%22ECS%22%2C%22prdct%22%3A%22office.com%22%2C%22stv%22%3A%221.0.0-2d8a7d4659a05c7081cd7556e6977d771844c261%22%2C%22title%22%3A%22KB5005413%3A%20Mitigating%20NTLM%20Relay%20Attacks%20on%20Active%20Directory%20Certificate%20Services%20(AD%20CS)%22%2C%22ms.product%22%3A%224d83ba0e-5ad3-1b00-4303-1863823d2178%2Cf08822eb-e7c5-9e48-e44c-760a079f84c0%2Cc3a1be8a-50db-47b7-d5eb-259debc3abcc%2Ceb958e25-cff9-2d06-53ca-f656481bb31f%2C2d67e9fb-2bd2-6742-08ee-628da707657f%22%2C%22ms.productName%22%3A%22Windows%20Server%202008%2CWindows%20Server%202008%20R2%2CWindows%20Server%202016%2CWindows%20Server%202019%2CWindows%20Server%202022%22%2C%22ms.lang%22%3A%22en%22%2C%22ms.loc%22%3A%22US%22%2C%22ms.ocpub.assetID%22%3A%223612b773-4043-4aa9-b23d-b87910cd3429%22%7D%7D%27&-behavior=0&*baseType=%27Ms.Content.PageView%27&*cookieEnabled=true&*isJs=true&*title=%27KB5005413%3A%20Mitigating%20NTLM%20Relay%20Attacks%20on%20Active%20Directory%20Certificate%20Services%20(AD%20CS)%27&*isLoggedIn=false&*serverImpressionGuid=%2700-48cedc0ba229b144b2aaf66396b60952-8d2d422407ecec41-00%27&*flashInstalled=false&ext-app-env=%27Production%27&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.3.5%27&ext-javascript-domain=%27support.microsoft.com%27&ext-javascript-userConsent=false&$mscomCookies=false

Requested by

Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.3.5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8ecab5125b120685f2f4fa3c663d67676a3e7f51cdc3d54d0547d2afe0de4089

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jul 2021 19:03:07 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: Bq9GczVH7E29rH1Kx7OmPA.0
Content-Type: application/javascript
Content-Length: 281
Expires: 0

GET
H/1.1

200
OK

Cookie set authorize Show response
login.microsoftonline.com/common/oauth2/v2.0/ Frame E286
Redirect Chain

https://support.microsoft.com/en-us/authentication/silentsignin?ru=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fsilentsigninhandler
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_...

147 KB
54 KB

187ms
63ms

Document
text/html

20.190.160.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=637631821883223633.MTJmNzI5OTMtNDk2ZC00ZTYwLTljNWMtMWE3ZDk1ODQxMTdkMWQzMGE2MjgtZWEzZi00ZDljLWFiNDMtMGUxOGI3MjJmOTcx&prompt=none&state=CfDJ8GCh8YXpXDVDoVtoijOgOA1PWlRpwAVYZxUlkQPZ40sJ3YJKh8TxeGVRvZ-Lm79kiKThFMEUOOUoTb2P2KLF0i29qBnyuZK5XZLCSTIpa-YY3YP_FOlsa_jOr_ZSB64LTbJTdIM7-AHlzPrcuDL_kaJzeYqMcfoJtaEaAqGawH_ISmHsEOtNGse_BBGYTDOO49iVqrhED_sbdLhCRCGaXdElnAJLkoDyxNT3iFo7NhA-if_ZwhlJFgfr2bpqjRlyvtcuFDT6cQONkJ1fMIaNQYIlpq1Zl2-z96CpD3Yft_tbvzSb-1MrCdp74Fxm30VFXzu8hu71fYQn6stPiB0dVAKGVaA70dSZvC0wGSFLIPvU&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.75 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1b1ae3ca17078357cfb2eb897a6f580617b7a200abc597aca45032cfc7dcf8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Host: login.microsoftonline.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://support.microsoft.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://support.microsoft.com/

Response headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Length: 54031
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 606f5995-e142-4564-b899-738072eda000
x-ms-ests-server: 2.1.11898.12 - WEULR1 ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem: 1,50168,0,,
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Set-Cookie: fpc=AgEicA09xv1KsNcNNhphz9U; expires=Sat, 28-Aug-2021 19:03:08 GMT; path=/; secure; HttpOnly; SameSite=None x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Referrer-Policy: strict-origin-when-cross-origin
Date: Thu, 29 Jul 2021 19:03:08 GMT

Redirect headers

Server: Kestrel
Content-Length: 0
Location: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=637631821883223633.MTJmNzI5OTMtNDk2ZC00ZTYwLTljNWMtMWE3ZDk1ODQxMTdkMWQzMGE2MjgtZWEzZi00ZDljLWFiNDMtMGUxOGI3MjJmOTcx&prompt=none&state=CfDJ8GCh8YXpXDVDoVtoijOgOA1PWlRpwAVYZxUlkQPZ40sJ3YJKh8TxeGVRvZ-Lm79kiKThFMEUOOUoTb2P2KLF0i29qBnyuZK5XZLCSTIpa-YY3YP_FOlsa_jOr_ZSB64LTbJTdIM7-AHlzPrcuDL_kaJzeYqMcfoJtaEaAqGawH_ISmHsEOtNGse_BBGYTDOO49iVqrhED_sbdLhCRCGaXdElnAJLkoDyxNT3iFo7NhA-if_ZwhlJFgfr2bpqjRlyvtcuFDT6cQONkJ1fMIaNQYIlpq1Zl2-z96CpD3Yft_tbvzSb-1MrCdp74Fxm30VFXzu8hu71fYQn6stPiB0dVAKGVaA70dSZvC0wGSFLIPvU&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0
Request-Context: appId=
x-correlationid: 0HMAHVPH573BB:00000150
x-operationid: 6942f745ab416b43b261867144cfa625
Expires: Thu, 29 Jul 2021 19:03:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 29 Jul 2021 19:03:08 GMT
Connection: keep-alive
Set-Cookie: .AspNetCore.OpenIdConnect.Nonce.CfDJ8GCh8YXpXDVDoVtoijOgOA26hIms9iYNtc2TwvBu3xTCnz2htjMCFxWBHdNSpBpdPrCeopHvQ6I7YCJpXFA2q7QHF2OAoIGsBAKMuezLmBMFCCBly54PI8T1QfpT_MrAybwlX0AbqDSFXVbCa3aovM9G7YxPcgwJv9J-z-wetHSY3hrrJI1HWtV05q2hcYY8Cm-antXMwrTbmXIu8PrO7TLDjld29rFNcAWU1E83SPuTo3_7OPX1O5GsGf581aikDRtgHni74E-L1qE5BQbHCss=N; expires=Thu, 29 Jul 2021 19:18:08 GMT; path=/signin-oidc; secure; samesite=none; httponly .AspNetCore.Correlation.SfCLQ2kVrLLMC3vwOQE4SrQ68KckmaZJW0Vh_8rYVPM=N; expires=Thu, 29 Jul 2021 19:18:08 GMT; path=/signin-oidc; secure; samesite=none; httponly
Strict-Transport-Security: max-age=86400 ; includeSubDomains

GET
H/1.1 200
OK meBoot.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 155 KB
31 KB 24ms
7ms Script
application/javascript 2a02:26f0:6c00:281::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meBoot.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=SMCConvergence&market=en-us&uhf=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:281::37 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://support.microsoft.com
Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 11 Jun 2021 23:27:58 GMT
ETag: "1d75f5415e787b6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Date: Thu, 29 Jul 2021 19:03:08 GMT
Connection: keep-alive
Content-Length: 31129
X-UA-Compatible: IE=edge

GET
DATA 200
OK truncated
/ 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 41ms
40ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Ddca5adb42a004d238560b0a53041a010%26HASH%3Ddca5%26LV%3D202107%26V%3D4%26LU%3D1627585388415%27
Requested by: Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.3.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://support.microsoft.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK meCore.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 100 KB
17 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:281::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meCore.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=SMCConvergence&market=en-us&uhf=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:281::37 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Origin: https://support.microsoft.com
Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 11 Jun 2021 23:28:02 GMT
ETag: "1d75f541849cb40"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Date: Thu, 29 Jul 2021 19:03:08 GMT
Connection: keep-alive
Content-Length: 17078
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK Cookie set authorize Show response
login.microsoftonline.com/common/oauth2/v2.0/ Frame E286 156 KB
57 KB 107ms
107ms Document
text/html 20.190.160.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=637631821883223633.MTJmNzI5OTMtNDk2ZC00ZTYwLTljNWMtMWE3ZDk1ODQxMTdkMWQzMGE2MjgtZWEzZi00ZDljLWFiNDMtMGUxOGI3MjJmOTcx&prompt=none&state=CfDJ8GCh8YXpXDVDoVtoijOgOA1PWlRpwAVYZxUlkQPZ40sJ3YJKh8TxeGVRvZ-Lm79kiKThFMEUOOUoTb2P2KLF0i29qBnyuZK5XZLCSTIpa-YY3YP_FOlsa_jOr_ZSB64LTbJTdIM7-AHlzPrcuDL_kaJzeYqMcfoJtaEaAqGawH_ISmHsEOtNGse_BBGYTDOO49iVqrhED_sbdLhCRCGaXdElnAJLkoDyxNT3iFo7NhA-if_ZwhlJFgfr2bpqjRlyvtcuFDT6cQONkJ1fMIaNQYIlpq1Zl2-z96CpD3Yft_tbvzSb-1MrCdp74Fxm30VFXzu8hu71fYQn6stPiB0dVAKGVaA70dSZvC0wGSFLIPvU&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.75 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3cd9d10ac83cfd7ee6a2924228e1dd9c111d3f003d090cffef0816acfda444a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Host: login.microsoftonline.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=637631821883223633.MTJmNzI5OTMtNDk2ZC00ZTYwLTljNWMtMWE3ZDk1ODQxMTdkMWQzMGE2MjgtZWEzZi00ZDljLWFiNDMtMGUxOGI3MjJmOTcx&prompt=none&state=CfDJ8GCh8YXpXDVDoVtoijOgOA1PWlRpwAVYZxUlkQPZ40sJ3YJKh8TxeGVRvZ-Lm79kiKThFMEUOOUoTb2P2KLF0i29qBnyuZK5XZLCSTIpa-YY3YP_FOlsa_jOr_ZSB64LTbJTdIM7-AHlzPrcuDL_kaJzeYqMcfoJtaEaAqGawH_ISmHsEOtNGse_BBGYTDOO49iVqrhED_sbdLhCRCGaXdElnAJLkoDyxNT3iFo7NhA-if_ZwhlJFgfr2bpqjRlyvtcuFDT6cQONkJ1fMIaNQYIlpq1Zl2-z96CpD3Yft_tbvzSb-1MrCdp74Fxm30VFXzu8hu71fYQn6stPiB0dVAKGVaA70dSZvC0wGSFLIPvU&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: fpc=AgEicA09xv1KsNcNNhphz9U; x-ms-gateway-slice=estsfd; stsservicecookie=estsfd; AADSSO=NA|NoExtension; SSOCOOKIEPULLED=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=637631821883223633.MTJmNzI5OTMtNDk2ZC00ZTYwLTljNWMtMWE3ZDk1ODQxMTdkMWQzMGE2MjgtZWEzZi00ZDljLWFiNDMtMGUxOGI3MjJmOTcx&prompt=none&state=CfDJ8GCh8YXpXDVDoVtoijOgOA1PWlRpwAVYZxUlkQPZ40sJ3YJKh8TxeGVRvZ-Lm79kiKThFMEUOOUoTb2P2KLF0i29qBnyuZK5XZLCSTIpa-YY3YP_FOlsa_jOr_ZSB64LTbJTdIM7-AHlzPrcuDL_kaJzeYqMcfoJtaEaAqGawH_ISmHsEOtNGse_BBGYTDOO49iVqrhED_sbdLhCRCGaXdElnAJLkoDyxNT3iFo7NhA-if_ZwhlJFgfr2bpqjRlyvtcuFDT6cQONkJ1fMIaNQYIlpq1Zl2-z96CpD3Yft_tbvzSb-1MrCdp74Fxm30VFXzu8hu71fYQn6stPiB0dVAKGVaA70dSZvC0wGSFLIPvU&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0

Response headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: d60307b7-60a6-4d8d-89eb-5c6f55092300
x-ms-ests-server: 2.1.11898.12 - WEULR1 ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem: 1,0,0,,
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Set-Cookie: buid=0.AUcAMe_N-B6jSkuT5F9XHpElWhkrJ-4RRD9DjyhcE8tv1AcBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrrDd0yienZSdJXFejID_aDFFX5sh0y020LcMrPzZdIMbaD4sVfwrg2ZhlmKab2Hvdx9b_xyMMr8-Y-7xJcHhh0DUDL9uHTCatf3p553Aj-2QgAA; expires=Sat, 28-Aug-2021 19:03:08 GMT; path=/; secure; HttpOnly; SameSite=None fpc=AgEicA09xv1KsNcNNhphz9VqwEtIAQAAAGvylNgOAAAA; expires=Sat, 28-Aug-2021 19:03:08 GMT; path=/; secure; HttpOnly; SameSite=None esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrgPUWFJCK1yuYioyPz5pNyHiGMEWndiB2oxgibTTcXVCP3iOFYsCWSKmbqFOv2DJImPMryf5AznsXLN7TSBBHlYdi2YJo1q95XgdPPUphK0taG21OaNMCZYT0bKCe39rxT2xDg-SWyAzxyXzt9HFfegQewLe5-L8chcKjj1hw0mEgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Referrer-Policy: strict-origin-when-cross-origin
Date: Thu, 29 Jul 2021 19:03:08 GMT
Content-Length: 56936

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 229ms
43ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Ddca5adb42a004d238560b0a53041a010%26HASH%3Ddca5%26LV%3D202107%26V%3D4%26LU%3D1627585388415%27
Requested by: Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.3.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://support.microsoft.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 178ms
46ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Ddca5adb42a004d238560b0a53041a010%26HASH%3Ddca5%26LV%3D202107%26V%3D4%26LU%3D1627585388415%27
Requested by: Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.3.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://support.microsoft.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 184ms
41ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Ddca5adb42a004d238560b0a53041a010%26HASH%3Ddca5%26LV%3D202107%26V%3D4%26LU%3D1627585388415%27
Requested by: Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.3.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://support.microsoft.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 194ms
43ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Ddca5adb42a004d238560b0a53041a010%26HASH%3Ddca5%26LV%3D202107%26V%3D4%26LU%3D1627585388415%27
Requested by: Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.3.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://support.microsoft.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 415ms
274ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Ddca5adb42a004d238560b0a53041a010%26HASH%3Ddca5%26LV%3D202107%26V%3D4%26LU%3D1627585388415%27
Requested by: Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.3.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://support.microsoft.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 345ms
78ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1?$mscomCookies=false&ext-javascript-msfpc=%27GUID%3Ddca5adb42a004d238560b0a53041a010%26HASH%3Ddca5%26LV%3D202107%26V%3D4%26LU%3D1627585388415%27
Requested by: Host: az725175.vo.msecnd.net
URL: https://az725175.vo.msecnd.net/scripts/jsll-4.3.5.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://support.microsoft.com
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK Cookie set Me.htm Show response
login.live.com/ Frame F2ED 2 KB
2 KB 239ms
120ms Document
text/html 20.190.160.69
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/Me.htm?v=3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.69 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: login.live.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://login.microsoftonline.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

Cache-Control: max-age=315360000
Content-Type: text/html; charset=utf-8
Content-Encoding: deflate
Expires: Sun, 27 Jul 2031 19:03:08 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: uaid=3d1e3636ddbd45a4b261e46a34471e96; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPRequ=id=N&lt=1627585388&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: 4f8fd346-8f92-452c-b25a-4c165accec40
PPServer: PPV: 30 H: BL02PF12C0813A5 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Thu, 29 Jul 2021 19:03:08 GMT
Content-Length: 1114

GET
H/1.1

200
OK

Cookie set silentsigninhandler Show response
support.microsoft.com/en-us/ Frame E286
Redirect Chain

https://support.microsoft.com/signin-oidc
https://support.microsoft.com/en-us/silentsigninhandler

212 B
839 B

66ms
65ms

Document
text/html

2.18.233.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://support.microsoft.com/en-us/silentsigninhandler

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2.18.233.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-31.deploy.static.akamaitechnologies.com

Software

Kestrel /

Resource Hash

681b20b4832ca1db48b0584ecd697d34f5c6c9b2aa68c885892de3e32ad30532

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=86400 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Host: support.microsoft.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://login.microsoftonline.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: MicrosoftApplicationsTelemetryDeviceId=2356145c-0fff-4b29-8462-2968b9e457df; ai_session=9snhJmTW3I+nPvUYXtSqlD|1627585388297|1627585388297; MC1=GUID=dca5adb42a004d238560b0a53041a010&HASH=dca5&LV=202107&V=4&LU=1627585388415; MS0=18437cf26bdc46c1b4c04cc0368e0171; MSFPC=GUID=dca5adb42a004d238560b0a53041a010&HASH=dca5&LV=202107&V=4&LU=1627585388415
Upgrade-Insecure-Requests: 1
Origin: https://login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

Content-Type: text/html; charset=utf-8
Server: Kestrel
Request-Context: appId=
x-correlationid: 0HMAHVPH573BB:00000152
x-operationid: e5bc23b9a18b8c48a3b1eedb62900b11
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 29 Jul 2021 19:03:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 29 Jul 2021 19:03:09 GMT
Content-Length: 170
Connection: keep-alive
Set-Cookie: EXPID=c000130a-8ffa-4e24-877e-04f60dabfe31; max-age=31536000; path=/; secure; samesite=none
Strict-Transport-Security: max-age=86400 ; includeSubDomains

Redirect headers

Server: Kestrel
Content-Length: 0
Location: /en-us/silentsigninhandler
Request-Context: appId=
x-correlationid: 0HMAHVPH573BB:00000151
x-operationid: 0019ffc0218cbd4a8ec31a06f25b8146
Expires: Thu, 29 Jul 2021 19:03:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 29 Jul 2021 19:03:09 GMT
Connection: keep-alive
Set-Cookie: .AspNetCore.Correlation.SfCLQ2kVrLLMC3vwOQE4SrQ68KckmaZJW0Vh_8rYVPM=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/signin-oidc; secure; samesite=none; httponly
Strict-Transport-Security: max-age=86400 ; includeSubDomains

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 24 B
372 B 1235ms
484ms XHR
application/json 52.114.20.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1627585389300&ext.intweb.msfpc=GUID%3Ddca5adb42a004d238560b0a53041a010%26HASH%3Ddca5%26LV%3D202107%26V%3D4%26LU%3D1627585388415&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.1.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.20.18 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: d0c3e6c8d25e655f19d3788bbf4982f52cba3498833d7d44ccf64e7e3f3de5a2

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 29 Jul 2021 19:03:10 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 860
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://support.microsoft.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 24 B
372 B 244ms
244ms XHR
application/json 52.114.20.18
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.4&apikey=83328b3c5ab7488692991e7d63483cff-e640bd11-2392-49b1-b739-ed8e62bcb870-7240&upload-time=1627585390539&ext.intweb.msfpc=GUID%3Ddca5adb42a004d238560b0a53041a010%26HASH%3Ddca5%26LV%3D202107%26V%3D4%26LU%3D1627585388415&w=0
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.1.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.114.20.18 Melbourne, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d

Request headers

Referer: https://support.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 29 Jul 2021 19:03:10 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 105
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://support.microsoft.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 24

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1970-01-19 20:49:37	Name: fpc Value: AgEicA09xv1KsNcNNhphz9U
support.microsoft.com/	1970-01-20 04:52:01	Name: MSFPC Value: GUID=dca5adb42a004d238560b0a53041a010&HASH=dca5&LV=202107&V=4&LU=1627585388415
.microsoft.com/	1970-01-19 20:06:27	Name: MS0 Value: 18437cf26bdc46c1b4c04cc0368e0171
.microsoft.com/	1970-01-20 04:52:01	Name: MC1 Value: GUID=dca5adb42a004d238560b0a53041a010&HASH=dca5&LV=202107&V=4&LU=1627585388415
support.microsoft.com/	1970-01-19 20:06:27	Name: ai_session Value: 9snhJmTW3I+nPvUYXtSqlD\|1627585388297\|1627585388297
support.microsoft.com/	1970-01-20 04:52:01	Name: MicrosoftApplicationsTelemetryDeviceId Value: 2356145c-0fff-4b29-8462-2968b9e457df
support.microsoft.com/	1970-01-20 04:52:01	Name: EXPID Value: 90cb54c6-a621-4fd2-85d6-acface661217

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'toLowerCase' of undefined TypeError: Cannot read property 'toLowerCase' of undefined at Object.t [as initializeFloodgate] (https://support.microsoft.com/socbundles/floodgate:1:271678) at HTMLDocument.<anonymous> (https://support.microsoft.com/socbundles/floodgate:1:278014) at e (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js:2:30005) at t (https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js:2:30307) undefined
console-api	info	URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=ee272b19-4411-433f-8f28-5c13cb6fd407&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsignin-oidc&response_type=code%20id_token&scope=openid%20profile%20offline_access&response_mode=form_post&nonce=637631821883223633.MTJmNzI5OTMtNDk2ZC00ZTYwLTljNWMtMWE3ZDk1ODQxMTdkMWQzMGE2MjgtZWEzZi00ZDljLWFiNDMtMGUxOGI3MjJmOTcx&prompt=none&state=CfDJ8GCh8YXpXDVDoVtoijOgOA1PWlRpwAVYZxUlkQPZ40sJ3YJKh8TxeGVRvZ-Lm79kiKThFMEUOOUoTb2P2KLF0i29qBnyuZK5XZLCSTIpa-YY3YP_FOlsa_jOr_ZSB64LTbJTdIM7-AHlzPrcuDL_kaJzeYqMcfoJtaEaAqGawH_ISmHsEOtNGse_BBGYTDOO49iVqrhED_sbdLhCRCGaXdElnAJLkoDyxNT3iFo7NhA-if_ZwhlJFgfr2bpqjRlyvtcuFDT6cQONkJ1fMIaNQYIlpq1Zl2-z96CpD3Yft_tbvzSb-1MrCdp74Fxm30VFXzu8hu71fYQn6stPiB0dVAKGVaA70dSZvC0wGSFLIPvU&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=6.7.1.0(Line 73) Message: BSSO Telemetry: {"result":"Error","error":"NoExtension","type":"ChromeSsoTelemetry","data":{},"traces":["BrowserSSO Initialized","Creating ChromeBrowserCore provider","Sending message for method CreateProviderAsync","Received message for method CreateProviderAsync","Error: ChromeBrowserCore error NoExtension: Extension is not installed."]}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az725175.vo.msecnd.net
browser.events.data.microsoft.com
c.s-microsoft.com
cdnjs.cloudflare.com
img-prod-cms-rt-microsoft-com.akamaized.net
js.monitor.azure.com
login.live.com
login.microsoftonline.com
mem.gfx.ms
statics-marketingsites-neu-ms-com.akamaized.net
support.content.office.net
support.microsoft.com
videoplayercdn.osi.office.net
wcpstatic.microsoft.com
web.vortex.data.microsoft.com
www.microsoft.com
104.103.85.62
152.199.19.160
2.16.186.27
2.18.232.50
2.18.233.31
20.190.160.69
20.190.160.75
2606:4700::6810:125e
2620:1ec:29::42
2a02:26f0:6c00:281::37
2a02:26f0:6c00:290::356e
2a02:26f0:6c00:2ae::356e
2a02:26f0:6c00::210:ba28
40.77.226.250
52.114.20.18
06c2c12c14438126adf4197fa1141078e648359aeae21e67eb5cc911eae10374
07b7bc8b351ef78bae473b4f90efecba6a688046920862c11fd80a376d8f92b2
08cf23efd5690dca494b8d97bef56e71649050e630650726b1ea9e15ba1a92ff
0b0010d3c5a0feffec902bdbf690d68e97e533a2b2007b2a8a314e847f8c2c4e
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
12d95d8d400eeafa0258e9d29d6ea5ef0ec9cfc1410b75e47976fcb3f92082b0
1b1ae3ca17078357cfb2eb897a6f580617b7a200abc597aca45032cfc7dcf8f1
1e6a1db4e61efca3846b5a27f5abb9ed776b935e90424cd55ae1f2ce92d73e15
208edbed32b2adac9446df83caa4a093a261492ba6b8b3bcfe6a75efb8b70294
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
24cc6cfce7544bd99d0c0015d00ab967675f6b9df32e95d6ed49afd4b90fcbb5
26b43d3908c0aaf89b202118553f4ff662022331ff5fd41c1f380a0b64435989
292c4cabd66c25753ce8bbfa1e8a32b47703ab1f809670b056d5b59cfcaf5fb8
2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb
3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458
3a9548eb083d31a4ddaca69535ce9472c7d187acf105c1ed773f04a2f7cd0636
3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1
3cf4f7c27a62452c548b659e89a672e65a29419940134ec869df0398f8b135cf
4232b86ca235a28e70bf5c131d52df76d0d234cf2e1dbe069428321e49d66c6d
4b458dd17c25332dc7a2e49b900ecbbcf9dd1b2b6d077a22e81865cc647f4638
4d107266a2f0295908b3ac8287197103c63d32ea4b9a324d3e7b90554d2ce09d
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
51eb16447d65a8e85488cc5b300daa11092e03134afc7e587392a1563640ca8d
681b20b4832ca1db48b0584ecd697d34f5c6c9b2aa68c885892de3e32ad30532
68482ef69cdd7730e9d9b587f0f8ffde1bcf1a0652993371f9fff077ff7c9ab3
6a7700fa8ac6af48ff692cc7963bbe157cdf3039737b9b0bc2d6678085fbde0c
7f8bc8b4e7d9e574828c4671d6d80468bcacaf587b966b0e19a05aa4f35d1d2a
83e0f8ff93936f0f970441c89c7e061d25747954e8ebb67b1126c6159c7b88ba
891b2cfdd6d2a9221d6b63d651e958608f19a5c688e32e541079881feaf4bede
8ecab5125b120685f2f4fa3c663d67676a3e7f51cdc3d54d0547d2afe0de4089
8ef6e4f16ae501ad18088960b404af57871be54ea8a0c7088872b88eb5dc2b02
94fb96e589402e48dab1020a039dea0354e2362803aec419279d5c6bfd10a0fd
9739202e8f66169614cfb11203c4fc5c94161ceb2a03ddb058f7f30ae68d4f57
9e20c155b22a3ff7249186d0a76296160e38f53337be466077a760698280bc2e
ae64095e7eb4319ced015e51f9ba3ec370c715825c7d7002ab54085e096cd35c
b2ed2aa80725c090bd644c984d0123bca2b288d25c06da025cc9dd54976f57e9
b5ab984fa5f286a9b25bccb92c625b7f584e629c759ae75fa858f19718619493
b846f82239a1e1e0dcf2b52cbebe5da690c623d1fcf92288c077e4d335a09564
c136857d2449fb47e6c43792d4b296dff96f4ba5aab06f899bf525b17dd4d4bc
c3cd9d10ac83cfd7ee6a2924228e1dd9c111d3f003d090cffef0816acfda444a
c998be5c27da5a60c9f02acb293e2e86bc763a37ff9bc69b2baef158aa89eace
cbfd55e6d467d488ed3a456e0ca01639b945aa656f0824626ef28eeeecd2d4f0
d0c3e6c8d25e655f19d3788bbf4982f52cba3498833d7d44ccf64e7e3f3de5a2
d1b3407b26ca9323476f5dd9acd37ccf533fdf269e468277c8850165715f36e7
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
dfe0d2875943e0cc7edc28a8e393cb644163150b1f4b685ca03b2ed8d2883f8b
e1a3184bd0814f1bbe55d855c8626e4c1cb9e5640017d6ecf36fb58fbc086640
e246eff2f6ae3e255a06eb561e6fc93ae3bef2cce22c5e0124d713c15f80567c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

support.microsoft.com Open in urlscan Pro 2.18.233.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

40 %IPv6

10 Domains

16 Subdomains

15 IPs

6 Countries

2299 kBTransfer

4039 kBSize

9 Cookies

117 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

support.microsoft.com Open in urlscan Pro
2.18.233.31 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

40 %
IPv6

10
Domains

16
Subdomains

15
IPs

6
Countries

2299 kB
Transfer

4039 kB
Size

9
Cookies

57 HTTP transactions
1 data transactions