msft.hsprotect.net - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2a02:26f0:3100::210:6e80, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is msft.hsprotect.net. The Cisco Umbrella rank of the primary domain is 99621.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 27th 2024. Valid for: a year.

This is the only time msft.hsprotect.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a02:26f0:310... 2a02:26f0:3100::210:6e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.107.199.61 34.107.199.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.190.10.96 35.190.10.96	15169 (GOOGLE) (GOOGLE)
7	3

3 2a02:26f0:3100::210:6e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

msft.hsprotect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
client.hsprotect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.199.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.199.107.34.bc.googleusercontent.com

stk.hsprotect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.10.96 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com

collector-pxzc5j78di.hsprotect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	hsprotect.net msft.hsprotect.net — Cisco Umbrella Rank: 99621 client.hsprotect.net — Cisco Umbrella Rank: 100380 stk.hsprotect.net — Cisco Umbrella Rank: 92205 collector-pxzc5j78di.hsprotect.net — Cisco Umbrella Rank: 100866	69 KB
7	1

	Domain	Requested by
3	collector-pxzc5j78di.hsprotect.net	client.hsprotect.net
2	msft.hsprotect.net
1	stk.hsprotect.net	client.hsprotect.net
1	client.hsprotect.net	msft.hsprotect.net
7	4

This site contains no links.

Subject Issuer	Validity	Valid
*.hsprotect.net DigiCert TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-03-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://msft.hsprotect.net/index.html
Frame ID: 320C6A852FA5A7C0A42B0DABD28D025B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Human Sensor Script Iframe

Detected technologies

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

7
Requests

100 %
HTTPS

33 %
IPv6

1
Domains

4
Subdomains

3
IPs

2
Countries

69 kB
Transfer

156 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response msft.hsprotect.net/	1 KB 1 KB	679ms 566ms	Document text/html	2a02:26f0:3100::210:6e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://msft.hsprotect.net/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::210:6e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash `3b8d3c93fd78c24f4c175c8515e4a5df79aee536af4ced58ba078ea591569eac` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Alt-Svc h3=":443"; ma=93600 Cache-Control max-age=0 Connection keep-alive Content-Encoding gzip Content-Length 687 Content-Type text/html Date Wed, 13 Nov 2024 12:42:06 GMT ETag "5dc258f6742f6d22a4cd80f50926ed70" Expires Wed, 13 Nov 2024 12:42:06 GMT Last-Modified Thu, 06 Jun 2024 12:39:48 GMT Server UploadServer Vary Accept-Encoding X-GUploader-UploadID AHxI1nNmuE_CB514pSSu1EOYrivIAiv8l87OW_t0YKnLoZEIm3gveQssaIJORTQbQdBMmCgOYIw x-amz-checksum-crc32c 5beoRw== x-goog-generation 1717677588065406 x-goog-hash crc32c=5beoRw== x-goog-metageneration 1 x-goog-storage-class STANDARD x-goog-stored-content-encoding identity x-goog-stored-content-length 1233
GET H2	200	main.min.js Show response client.hsprotect.net/PXzC5j78di/	152 KB 64 KB	162ms 44ms	Script application/javascript	2a02:26f0:3100::210:6e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://client.hsprotect.net/PXzC5j78di/main.min.js Requested by Host: msft.hsprotect.net URL: https://msft.hsprotect.net/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::210:6e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash `52316f89781b1740a01702a3e1d5fe6e2d44b6caaa0401e9cfd4c446a8a26ae1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://msft.hsprotect.net/ Response headers cache-control max-age=600 access-control-expose-headers active-cdn,x-served-by,Akamai-Request-BC content-encoding gzip etag "5dd2033794578f6014adac831dca5ad4" active-cdn Akamai expires Wed, 13 Nov 2024 12:49:24 GMT accept-ranges bytes access-control-allow-origin * content-length 65088 date Wed, 13 Nov 2024 12:42:06 GMT last-modified Wed, 13 Nov 2024 12:23:52 GMT content-type application/javascript; charset=utf-8 server UploadServer vary Accept-Encoding
GET H/1.1	200 OK	ns Show response stk.hsprotect.net/	350 B 484 B	133ms 35ms	XHR text/html	34.107.199.61 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://stk.hsprotect.net/ns?c=b0c04950-a1bc-11ef-9e5b-33d26f98b9e6 Requested by Host: client.hsprotect.net URL: https://client.hsprotect.net/PXzC5j78di/main.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.107.199.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 61.199.107.34.bc.googleusercontent.com Software / Resource Hash `1355a3542f17b5224028aae8a5b3fbba0edaa10f1a9548d65bade1c69e28d941` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://msft.hsprotect.net/ Response headers Access-Control-Allow-Origin * Content-Length 350 Date Wed, 13 Nov 2024 12:42:05 GMT Content-Type text/html
POST H2	200	msft Show response collector-pxzc5j78di.hsprotect.net/api/v2/	820 B 1 KB	241ms 180ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxzc5j78di.hsprotect.net/api/v2/msft Requested by Host: client.hsprotect.net URL: https://client.hsprotect.net/PXzC5j78di/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash `06e6a945605ff88faa3afd42699f3586468f9a6e82ed9d31368acfea9052d0e9` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://msft.hsprotect.net/ Response headers timing-allow-origin * access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE via 1.1 google access-control-allow-origin https://msft.hsprotect.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 820 date Wed, 13 Nov 2024 12:42:05 GMT content-type application/json; charset=utf-8
GET H/1.1	404 Not Found	favicon.ico msft.hsprotect.net/	198 B 548 B	252ms 252ms	Other application/xml	2a02:26f0:3100::210:6e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://msft.hsprotect.net/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::210:6e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash `874800ef3495a0af012aa1eee248a3a2ce891c7837f0864fe4d8883fe5438633` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://msft.hsprotect.net/index.html Response headers Cache-Control private, max-age=0 Connection keep-alive Expires Wed, 13 Nov 2024 12:42:06 GMT Content-Length 198 Date Wed, 13 Nov 2024 12:42:06 GMT Content-Type application/xml; charset=UTF-8 Server UploadServer X-GUploader-UploadID AHmUCY2JCkdAhilpF0CnaApQc6OiwxhM3A35k6Td-29CRQAlwwndqLL9w2iYeeWkBa-p9q407GA
POST H2	200	msft Show response collector-pxzc5j78di.hsprotect.net/api/v2/	932 B 988 B	199ms 194ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxzc5j78di.hsprotect.net/api/v2/msft Requested by Host: client.hsprotect.net URL: https://client.hsprotect.net/PXzC5j78di/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash `cccda035f61580497452b0868f90574f3b65b578585ac82cbf619f5b980c5ef8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://msft.hsprotect.net/ Response headers timing-allow-origin * access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE via 1.1 google access-control-allow-origin https://msft.hsprotect.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 932 date Wed, 13 Nov 2024 12:42:07 GMT content-type application/json; charset=utf-8
POST H3	200	msft Show response collector-pxzc5j78di.hsprotect.net/api/v2/	932 B 950 B	180ms 177ms	XHR application/json	35.190.10.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://collector-pxzc5j78di.hsprotect.net/api/v2/msft Requested by Host: client.hsprotect.net URL: https://client.hsprotect.net/PXzC5j78di/main.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.10.190.35.bc.googleusercontent.com Software / Resource Hash `9f77e6582f8916ee6dd80d91c121ef21d475810a5d2578686b4a7d7d5bd3e1a3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://msft.hsprotect.net/ Response headers timing-allow-origin * access-control-allow-credentials true access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE via 1.1 google access-control-allow-origin https://msft.hsprotect.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 932 date Wed, 13 Nov 2024 12:42:09 GMT content-type application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hsprotect.net/	1969-12-31 23:59:59	Name: pxcts Value: b0d9c85f-a1bc-11ef-96b1-466ddd5523e4
.hsprotect.net/	1970-01-21 09:43:57	Name: _pxvid Value: b0d9b762-a1bc-11ef-96b1-d20d81e1b3af
.hsprotect.net/	1970-01-21 00:58:22	Name: _px3 Value: 37a60eae6057ef1dc60bc9d005c54ea4fbd79d657cc554d99ab1841061f23fd0:KUtLkvgrRg3Imuh7eXYsdRMJyivic5CJIERSpn622r4aItbPBNf4vPKTZ08pBx8gq3EAD64nkR6H3OlA+UPtWg==:1000:h6lEe/lcBNZ+0jxhhpCj2tkOZV0JcZ/vz9VcGemY/Sg39HCtHuA2/DmnWMHFj4I3uwfUGuc9xEdkzguWpEpbQysFjccxcZRUaGHG1dx6+fDlAX6BO86IP28rC9kFyUICAriAJMpYetgrPaZFVoU/0eButj3K0oU+PUteUuecsZbanALic5Uv3frrlQseEikw+RYzH6MeHOsHL+MNt8bXRZt7s0FgalApDOmx1n+TfEM=
.hsprotect.net/	1970-01-21 00:58:22	Name: _pxde Value: 60f62a3c9144ad8d815a49f180111ade783a3c6b8e896e5a400bae4c13717cb3:eyJ0aW1lc3RhbXAiOjE3MzE1MDE3Mjc0NDMsImZfa2IiOjAsImlwY19pZCI6W10sImluY19pZCI6WyJjNjU4YzQ3YzlmNTUyZGVmNmYwZDc5ZTRmNWFkMzg3OCJdfQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://msft.hsprotect.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
rendering	warning	URL: https://msft.hsprotect.net/index.html Message: [GroupMarkerNotSet(crbug.com/242999)!:A0C002023C290000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.hsprotect.net
collector-pxzc5j78di.hsprotect.net
msft.hsprotect.net
stk.hsprotect.net
2a02:26f0:3100::210:6e80
34.107.199.61
35.190.10.96
06e6a945605ff88faa3afd42699f3586468f9a6e82ed9d31368acfea9052d0e9
1355a3542f17b5224028aae8a5b3fbba0edaa10f1a9548d65bade1c69e28d941
3b8d3c93fd78c24f4c175c8515e4a5df79aee536af4ced58ba078ea591569eac
52316f89781b1740a01702a3e1d5fe6e2d44b6caaa0401e9cfd4c446a8a26ae1
874800ef3495a0af012aa1eee248a3a2ce891c7837f0864fe4d8883fe5438633
9f77e6582f8916ee6dd80d91c121ef21d475810a5d2578686b4a7d7d5bd3e1a3
cccda035f61580497452b0868f90574f3b65b578585ac82cbf619f5b980c5ef8

msft.hsprotect.net Open in urlscan Pro 2a02:26f0:3100::210:6e80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

33 %IPv6

1 Domains

4 Subdomains

3 IPs

2 Countries

69 kBTransfer

156 kBSize

4 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

4 Cookies

2 Console Messages

Indicators

msft.hsprotect.net Open in urlscan Pro
2a02:26f0:3100::210:6e80 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

33 %
IPv6

1
Domains

4
Subdomains

3
IPs

2
Countries

69 kB
Transfer

156 kB
Size

4
Cookies

7 HTTP transactions
0 data transactions