techcommunity.microsoft.com Open in urlscan Pro
2600:141b:1c00:2587::207e  Public Scan

URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Submission: On September 10 via api from IN — Scanned from US

Summary

This website contacted 9 IPs in 1 countries across 8 domains to perform 70 HTTP transactions. The main IP is 2600:141b:1c00:2587::207e, located in Secaucus, United States and belongs to AKAMAI-ASN1, NL. The main domain is techcommunity.microsoft.com. The Cisco Umbrella rank of the primary domain is 69899.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 04 on March 2nd 2024. Valid for: a year.
This is the only time techcommunity.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
49 2600:141b:1c0... 20940 (AKAMAI-ASN1)
4 2620:1ec:bdf::40 8075 (MICROSOFT...)
6 2600:141b:e80... 20940 (AKAMAI-ASN1)
1 2600:141b:e80... 20940 (AKAMAI-ASN1)
3 2a04:4e42:200... 54113 (FASTLY)
2 152.199.4.33 15133 (EDGECAST)
1 2600:141b:e80... 20940 (AKAMAI-ASN1)
2 52.152.143.207 8075 (MICROSOFT...)
70 9
Apex Domain
Subdomains
Transfer
50 microsoft.com
techcommunity.microsoft.com — Cisco Umbrella Rank: 69899
wcpstatic.microsoft.com — Cisco Umbrella Rank: 9013
browser.events.data.microsoft.com Failed
2 MB
6 sharepointonline.com
static2.sharepointonline.com — Cisco Umbrella Rank: 4344
193 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
o.clarity.ms — Cisco Umbrella Rank: 12757
28 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
17 KB
2 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 5661
68 KB
1 s-microsoft.com
c.s-microsoft.com — Cisco Umbrella Rank: 12541
1 KB
1 onestore.ms
assets.onestore.ms — Cisco Umbrella Rank: 16605
11 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1932
62 KB
70 8
Domain Requested by
49 techcommunity.microsoft.com techcommunity.microsoft.com
ajax.aspnetcdn.com
6 static2.sharepointonline.com techcommunity.microsoft.com
3 cdn.jsdelivr.net techcommunity.microsoft.com
2 o.clarity.ms www.clarity.ms
2 www.clarity.ms techcommunity.microsoft.com
www.clarity.ms
2 ajax.aspnetcdn.com techcommunity.microsoft.com
1 c.s-microsoft.com
1 assets.onestore.ms techcommunity.microsoft.com
1 wcpstatic.microsoft.com techcommunity.microsoft.com
1 js.monitor.azure.com techcommunity.microsoft.com
0 browser.events.data.microsoft.com Failed js.monitor.azure.com
70 11
Subject Issuer Validity Valid
ak-secure01.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04
2024-03-02 -
2025-02-25
a year crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04
2024-08-20 -
2025-08-15
a year crt.sh
wcpstatic.microsoft.com
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
privatecdn.sharepointonline.com
DigiCert SHA2 Secure Server CA
2024-07-01 -
2025-07-01
a year crt.sh
wildcard.onestore.ms
Microsoft Azure RSA TLS Issuing CA 07
2024-06-13 -
2025-06-08
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2024-06-06 -
2025-06-06
a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
www.microsoft.com
Microsoft Azure RSA TLS Issuing CA 04
2024-08-26 -
2025-08-21
a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh

This page contains 1 frames:

Primary Page: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Frame ID: 96A161DA1E2088414A1D4C2953F2F30B
Requests: 70 HTTP requests in this frame

Screenshot

Page Title

A BlackByte Ransomware intrusion case study - Microsoft Community Hub

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

70
Requests

97 %
HTTPS

75 %
IPv6

8
Domains

11
Subdomains

9
IPs

1
Countries

2124 kB
Transfer

10622 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 3841810
techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/
706 KB
75 KB
Document
General
Full URL
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
57ec7f5bbc8842e5ce74e9590bc0db23c2525cc3f4df167fbc4d8d37c0ffa0dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 10 Sep 2024 08:58:06 GMT
expires
Tue, 10 Sep 2024 08:58:06 GMT
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
my_new_skin.css
techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/
6 MB
591 KB
Stylesheet
General
Full URL
https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
8cafa619c869973d94d823638f484ff744a4d06d63c8250fa28dad46a7fadecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 27 Aug 2024 14:00:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
cache-control
max-age=30545935, s-maxage=40277
content-length
604457
expires
Fri, 29 Aug 2025 21:57:01 GMT
ms.analytics-web-3.min.js
js.monitor.azure.com/scripts/c/
137 KB
62 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1569dd95c870f769b2bc3909c52c08303956bef7dfc288402d3b8bb13148bc10

Request headers

Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 08:58:06 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.18
last-modified
Mon, 01 Jul 2024 17:02:57 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.analytics-web-3.2.18.min.js
vary
Accept-Encoding
x-azure-ref
20240910T085806Z-185fd9c9b468zg42qxghvsdwen00000009zg000000007f73
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7c10115c-c01e-00e0-250f-f5aed8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
no-transform, public, max-age=1800, immutable
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/
273 KB
80 KB
Script
General
Full URL
https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9

Request headers

Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 08:58:06 GMT
content-encoding
gzip
content-md5
X1JOIM5h9UISVFS6+GfEew==
age
2128
x-cache
CONFIG_NOCACHE
content-length
81726
x-ms-lease-status
unlocked
last-modified
Wed, 24 Aug 2022 17:34:36 GMT
etag
0x8DA85F6EA62BF74
vary
Accept-Encoding
x-azure-ref
20240910T085806Z-169998b7bb5vkd7kkk5h6a1n680000000ghg0000000079xq
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eb81678f-301e-0010-625a-03e829000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
accept-ranges
bytes
segoeui-regular.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
35 KB
36 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff2
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1183::33e7 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49

Request headers

Referer
https://techcommunity.microsoft.com/
Origin
https://techcommunity.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Wed, 22 Nov 2017 20:18:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
hl8dtlRfyUovRETdYOe7xg==
etag
0x8D531E6235E7909
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
04ee533e-c01e-0051-6b06-f0ada4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=29189085
x-ms-version
2009-09-19
content-length
36344
segoeui-regular.woff
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
41 KB
42 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-regular.woff
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1183::33e7 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d79ad533adf61e76cd74ab32d3d2f53ae11f50360f2f7c95613e4d23787502a0

Request headers

Referer
https://techcommunity.microsoft.com/
Origin
https://techcommunity.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Mon, 22 Jun 2020 16:25:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C8D0210F43
content-type
font/woff
access-control-allow-origin
*
x-ms-request-id
6ad267cf-201e-0175-6906-f0275d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=29189451
x-ms-version
2009-09-19
content-length
42236
MWFMDL2.1.63.woff
techcommunity.microsoft.com/html/assets/
9 KB
9 KB
Font
General
Full URL
https://techcommunity.microsoft.com/html/assets/MWFMDL2.1.63.woff
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
de51e05cbd531d783aecb2f294c019734e761fe51ccdc793cb5fb40e44d38e67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Origin
https://techcommunity.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 26 Mar 2024 17:39:25 GMT
server
Apache
etag
W/"9008-1711474765000"
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=2712
accept-ranges
bytes
content-length
9008
segmdl2.ttf
techcommunity.microsoft.com/html/assets/
198 KB
102 KB
Font
General
Full URL
https://techcommunity.microsoft.com/html/assets/segmdl2.ttf
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
5745f901ac56aac4134b476dff12a1f9e30901eceac66dc5940f2b02219579b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Origin
https://techcommunity.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 26 Mar 2024 17:39:25 GMT
server
Apache
etag
W/"202428-1711474765000"
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=3955
accept-ranges
bytes
content-length
104631
fabric-mdl2-external.woff
techcommunity.microsoft.com/html/assets/fonts/
177 KB
177 KB
Font
General
Full URL
https://techcommunity.microsoft.com/html/assets/fonts/fabric-mdl2-external.woff
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
53950181d6cdf80591d1d3b6346782adfc798a92cffda72585ff0e6beaecfe0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Origin
https://techcommunity.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 26 Mar 2024 17:39:25 GMT
server
Apache
etag
W/"180940-1711474765000"
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=5995
accept-ranges
bytes
content-length
180940
fontawesome-webfont.woff2
techcommunity.microsoft.com/html/assets/fonts/
55 KB
56 KB
Font
General
Full URL
https://techcommunity.microsoft.com/html/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Origin
https://techcommunity.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 03 Sep 2024 09:36:49 GMT
server
Apache
etag
W/"56780-1725356209000"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2923
accept-ranges
bytes
content-length
56780
mscom-grid.css
techcommunity.microsoft.com/html/@D2A495CB0E67F517F30ADDD482406EA7/assets/Content/
221 KB
13 KB
Stylesheet
General
Full URL
https://techcommunity.microsoft.com/html/@D2A495CB0E67F517F30ADDD482406EA7/assets/Content/mscom-grid.css
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
43d47e27fa62c834e3bbdb41d3acb6e47669679df10eb582f4f6b743296461cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"226712-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=30348482
accept-ranges
bytes
content-length
13123
jstree-theme-default.css
techcommunity.microsoft.com/html/@3EF77E4E81B2742A21B2B15C1B68733A/assets/Scripts/
27 KB
4 KB
Stylesheet
General
Full URL
https://techcommunity.microsoft.com/html/@3EF77E4E81B2742A21B2B15C1B68733A/assets/Scripts/jstree-theme-default.css
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
a0e940031a2893b30c999476073c0ccb774fdb08614171b7f2b721f4ce0a7a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 26 Mar 2024 17:39:25 GMT
server
Apache
etag
W/"27363-1711474765000-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=17723847
accept-ranges
bytes
content-length
3948
PaddingMarginUtilityClass.min.css
techcommunity.microsoft.com/html/@5E11C6D76A09FA126891877CCA452682/assets/Content/
302 KB
42 KB
Stylesheet
General
Full URL
https://techcommunity.microsoft.com/html/@5E11C6D76A09FA126891877CCA452682/assets/Content/PaddingMarginUtilityClass.min.css
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e0d064ac7112ab410b3eddc4fca5a6eab8dfa45e44880d02c2a9a99a5faac8db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 26 Mar 2024 17:39:25 GMT
server
Apache
etag
W/"309427-1711474765000-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=17723881
accept-ranges
bytes
content-length
42674
UtilityClasses.min.css
techcommunity.microsoft.com/html/@D79B1BCD408B405DDA203483B51E6AB9/assets/Content/
1 KB
601 B
Stylesheet
General
Full URL
https://techcommunity.microsoft.com/html/@D79B1BCD408B405DDA203483B51E6AB9/assets/Content/UtilityClasses.min.css
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
fbf4a2fd363b88924186ceae6aacb305631937cf2aade58a2fff52cf36e6616a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 26 Mar 2024 17:39:25 GMT
server
Apache
etag
W/"1043-1711474765000-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=17723906
accept-ranges
bytes
content-length
412
GlobalHeader.min.css
techcommunity.microsoft.com/html/@3AD124F73503A051B7468B0BE862E4EC/assets/Content/
2 KB
841 B
Stylesheet
General
Full URL
https://techcommunity.microsoft.com/html/@3AD124F73503A051B7468B0BE862E4EC/assets/Content/GlobalHeader.min.css
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e1b4f45df45003ac66d3fffc908044ec842648ecf20b1c24547c0b93e99a421d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 26 Mar 2024 17:39:25 GMT
server
Apache
etag
W/"2416-1711474765000-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=17723847
accept-ranges
bytes
content-length
651
pikaday.css
techcommunity.microsoft.com/html/@AB0D87DAFDC0FDF84B0819A890842AF9/assets/Content/
5 KB
2 KB
Stylesheet
General
Full URL
https://techcommunity.microsoft.com/html/@AB0D87DAFDC0FDF84B0819A890842AF9/assets/Content/pikaday.css
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
5984613b368f747e821967eb38fdec976099df8f07be6154fa863ac23aafa8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"4646-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=30348470
accept-ranges
bytes
content-length
1603
shell.min.css
assets.onestore.ms/cdnfiles/onestorerolling-1608-23000/shell/v3/scss/
94 KB
11 KB
Stylesheet
General
Full URL
https://assets.onestore.ms/cdnfiles/onestorerolling-1608-23000/shell/v3/scss/shell.min.css
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:e800:1196::2957 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd4b92df331276f62acc5eb89c31e190b12a65a7db9ad7b8240129996e048a4f
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 08:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Thu, 13 Oct 2016 22:42:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
xx9Uxa40DD5ecz5a3/OmaA==
etag
"0x8D3F3BA402B86EE"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-Signature_dnetKey0,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11241
x-ms-lease-state
available
slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
2 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Sep 2024 08:58:06 GMT
x-content-type-options
nosniff
age
1406832
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1776
x-served-by
cache-fra-eddf8230085-FRA, cache-mia-kmia1760095-MIA
x-jsd-version-type
version
etag
W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
slick-theme.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
3 KB
3 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Sep 2024 08:58:06 GMT
x-content-type-options
nosniff
age
641633
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3145
x-served-by
cache-fra-eddf8230023-FRA, cache-mia-kmia1760095-MIA
x-jsd-version-type
version
etag
W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
prism-kh.css
techcommunity.microsoft.com/html/@42D4E37A065002F1BDD8B580321BFC4E/assets/
12 KB
2 KB
Stylesheet
General
Full URL
https://techcommunity.microsoft.com/html/@42D4E37A065002F1BDD8B580321BFC4E/assets/prism-kh.css
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
532588e7da1a2a1cbd4962156452834cfa2980aab7fadecdb8faa91d9338de57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"12128-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=30348439
accept-ranges
bytes
content-length
1921
prism-kh.js
techcommunity.microsoft.com/html/@2C17AFD22579A4F5331F21659813527B/assets/
75 KB
28 KB
Script
General
Full URL
https://techcommunity.microsoft.com/html/@2C17AFD22579A4F5331F21659813527B/assets/prism-kh.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c13413b114db369fcbd79a8e1bf234574447f0568ffd322f5fe63b1a4f910267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"76920-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=30348429
accept-ranges
bytes
content-length
28360
jquery-3.7.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/
85 KB
38 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.7.1.min.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8730) /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 08:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13617680
x-cache
HIT
content-length
38982
x-xss-protection
1; mode=block
last-modified
Wed, 30 Aug 2023 17:30:02 GMT
server
ECAcc (mid/8730)
etag
"096f9b67dbd91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
PMGBootstrapWinJs.js
techcommunity.microsoft.com/html/assets/Scripts/
3 KB
960 B
Script
General
Full URL
https://techcommunity.microsoft.com/html/assets/Scripts/PMGBootstrapWinJs.js?v=6532683
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
4312879714fabdd686c922189bf269559e486ecf9e987308824e3bf5a5559e90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"2608-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=593
accept-ranges
bytes
content-length
769
moment.min.js
techcommunity.microsoft.com/html/assets/Scripts/
57 KB
18 KB
Script
General
Full URL
https://techcommunity.microsoft.com/html/assets/Scripts/moment.min.js?v=6532683
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f6c078c32b958e434d9688ab210f255b6724faeea56d910a7b9bd1b28af071da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"58244-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=5373
accept-ranges
bytes
content-length
18651
moment-timezone-with-data-1970-2030.min.js
techcommunity.microsoft.com/html/assets/Scripts/
133 KB
20 KB
Script
General
Full URL
https://techcommunity.microsoft.com/html/assets/Scripts/moment-timezone-with-data-1970-2030.min.js?v=6532683
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
d92825b456bb1537593c4c3e68eb08bad49cbd352846faf660afcf17cfe7e98b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 26 Mar 2024 17:39:25 GMT
server
Apache
etag
W/"135760-1711474765000-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=6273
accept-ranges
bytes
content-length
20119
purify.js
techcommunity.microsoft.com/html/assets/Scripts/
38 KB
11 KB
Script
General
Full URL
https://techcommunity.microsoft.com/html/assets/Scripts/purify.js?v=6532683
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
3287bf7e4beab3f52fab7534772c7d460b1a231f731f416e83bfe410fa6339b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"38419-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=169
accept-ranges
bytes
content-length
11203
pagination.min.js
techcommunity.microsoft.com/html/assets/Scripts/
15 KB
5 KB
Script
General
Full URL
https://techcommunity.microsoft.com/html/assets/Scripts/pagination.min.js?v=6532683
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
40836cc9bdd9894ec136ae95c8fc9bfb0b677195f8fd8764d20d81d1cc62ec8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"15140-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=6366
accept-ranges
bytes
content-length
4911
pikaday.js
techcommunity.microsoft.com/html/assets/Scripts/
40 KB
9 KB
Script
General
Full URL
https://techcommunity.microsoft.com/html/assets/Scripts/pikaday.js?v=6532683
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
55b7469011cbdbc46e128266f4536bee8d10e0f852138e7635ad300401d8b8db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"41133-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=37
accept-ranges
bytes
content-length
9123
utilities.js
techcommunity.microsoft.com/html/assets/Scripts/
234 KB
37 KB
Script
General
Full URL
https://techcommunity.microsoft.com/html/assets/Scripts/utilities.js?v=6532683
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
ca8d3a1a3bb5bfcef15d30044e06d6efefa81129c143a33384a9b7d566d7fb6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"239799-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=6362
accept-ranges
bytes
content-length
37245
utilities2.js
techcommunity.microsoft.com/html/assets/Scripts/
4 KB
1 KB
Script
General
Full URL
https://techcommunity.microsoft.com/html/assets/Scripts/utilities2.js?v=6532683
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
90df0f7586a35c0c7bfc6a96316a01ebc9fe849feaa5fe92dd21bfedd3348e38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"3718-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=6237
accept-ranges
bytes
content-length
982
lia-scripts-head-min.js
techcommunity.microsoft.com/t5/scripts/EF7B13D9B64EB8BBD9C87DD3095E9284/
12 KB
4 KB
Script
General
Full URL
https://techcommunity.microsoft.com/t5/scripts/EF7B13D9B64EB8BBD9C87DD3095E9284/lia-scripts-head-min.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
01eb8f5a91c70faa5681a3048eab75e78f30b4c4e0c04f8afbb46bfa98371ec0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Wed, 20 Sep 2023 09:48:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=1573435, s-maxage=158565
content-length
4316
expires
Sat, 28 Sep 2024 14:02:01 GMT
lia-scripts-head-min.js
techcommunity.microsoft.com/t5/scripts/D60EB96AE5FF670ED274F16ABB044ABD/
4 KB
2 KB
Script
General
Full URL
https://techcommunity.microsoft.com/t5/scripts/D60EB96AE5FF670ED274F16ABB044ABD/lia-scripts-head-min.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
dd160737ff99d0b3796fc177f5b10d9121a67ba4865abfcff00294fc5538def0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Wed, 20 Sep 2023 09:46:42 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=1573435, s-maxage=158583
content-length
1494
expires
Sat, 28 Sep 2024 14:02:01 GMT
MicrosoftLogo.png
techcommunity.microsoft.com/html/@583B3F561C4171F565A5431E573FCDA4/assets/Content/Images/GlobalHeader/
2 KB
2 KB
Image
General
Full URL
https://techcommunity.microsoft.com/html/@583B3F561C4171F565A5431E573FCDA4/assets/Content/Images/GlobalHeader/MicrosoftLogo.png
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
ca1f5290ce26ed1abcf67341d2f69758814c62b47485ccf2c3b7f8e82850b206
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 26 Mar 2024 17:39:25 GMT
server
Apache
etag
W/"2102-1711474765000"
content-type
image/png
cache-control
max-age=17723860
accept-ranges
bytes
content-length
2102
46%2C0%2C916%2C870
techcommunity.microsoft.com/t5/image/serverpage/image-id/477710i61B59E15C3C266D0/image-dimensions/150x150/image-coordinates/
10 KB
11 KB
Image
General
Full URL
https://techcommunity.microsoft.com/t5/image/serverpage/image-id/477710i61B59E15C3C266D0/image-dimensions/150x150/image-coordinates/46%2C0%2C916%2C870?v=v2
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
d14d160cc0cda363325e6f729922ee07f4794f4712aec63d079e2a385919d8dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Wed, 07 Jun 2023 15:41:45 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/jpeg;charset=UTF-8
cache-control
max-age=847
content-disposition
inline; filename="fotocredencial2.jpg"; filename*=UTF-8''fotocredencial2.jpg
content-length
10631
expires
Tue, 10 Sep 2024 09:12:13 GMT
tts-player.js
techcommunity.microsoft.com/html/assets/TTS_reader_azure/libs/js/
23 KB
4 KB
Script
General
Full URL
https://techcommunity.microsoft.com/html/assets/TTS_reader_azure/libs/js/tts-player.js?v=6532683
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
cfc5a7740f4e23e5ac9670d21fd76bbd5b1b0c4a9ef60f7763575a1a60b8aa65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"23344-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1301
accept-ranges
bytes
content-length
4024
tts-player.css
techcommunity.microsoft.com/html/assets/TTS_reader_azure/styles/
3 KB
1 KB
Stylesheet
General
Full URL
https://techcommunity.microsoft.com/html/assets/TTS_reader_azure/styles/tts-player.css?v=6532683
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
505b300aea9510af7045c11b16c51917bd8ed3cd92b715356f5114e721c082ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"3067-1724765884000-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=965
accept-ranges
bytes
content-length
903
40x40
techcommunity.microsoft.com/t5/image/serverpage/image-id/477710i61B59E15C3C266D0/image-dimensions/
8 KB
8 KB
Image
General
Full URL
https://techcommunity.microsoft.com/t5/image/serverpage/image-id/477710i61B59E15C3C266D0/image-dimensions/40x40?v=v2
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
366a8c119dc7b707ce7c8d06deee6f82b89a913893b77661fac906db25792f0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Wed, 07 Jun 2023 15:41:45 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/jpeg;charset=UTF-8
cache-control
max-age=885
content-disposition
inline; filename="fotocredencial2.jpg"; filename*=UTF-8''fotocredencial2.jpg
content-length
7878
expires
Tue, 10 Sep 2024 09:12:52 GMT
medium
techcommunity.microsoft.com/t5/image/serverpage/image-id/477697iD2F565F124DAD73F/image-size/
29 KB
29 KB
Image
General
Full URL
https://techcommunity.microsoft.com/t5/image/serverpage/image-id/477697iD2F565F124DAD73F/image-size/medium?v=v2&px=400
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
875c75d4c8822615badc2747e7efad4307caadbd5ffe7a14cd95b838cc9aec2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Sun, 19 May 2024 03:03:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png;charset=UTF-8
cache-control
max-age=869
content-disposition
inline; filename="PabloMejias_0-1686149350770.png"; filename*=UTF-8''PabloMejias_0-1686149350770.png
content-length
29443
expires
Tue, 10 Sep 2024 09:12:36 GMT
medium
techcommunity.microsoft.com/t5/image/serverpage/image-id/477698i90D227D1125E3D5A/image-size/
103 KB
104 KB
Image
General
Full URL
https://techcommunity.microsoft.com/t5/image/serverpage/image-id/477698i90D227D1125E3D5A/image-size/medium?v=v2&px=400
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
8f9d8f53964dd5b0eb2a70a5af8a8791170d0f90b1b851669a34d4a9f654130a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Sun, 19 May 2024 03:03:15 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png;charset=UTF-8
cache-control
max-age=900
content-disposition
inline; filename="PabloMejias_1-1686149350771.png"; filename*=UTF-8''PabloMejias_1-1686149350771.png
content-length
105654
expires
Tue, 10 Sep 2024 09:13:07 GMT
bootstrap.bundle.min.js
ajax.aspnetcdn.com/ajax/bootstrap/4.5.2/
79 KB
29 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/4.5.2/bootstrap.bundle.min.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mid/8718) /
Resource Hash
f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 08:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13809710
x-cache
HIT
content-length
29852
x-xss-protection
1; mode=block
last-modified
Thu, 13 Aug 2020 19:18:14 GMT
server
ECAcc (mid/8718)
etag
"3a60ec7da671d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
42 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 10 Sep 2024 08:58:06 GMT
x-content-type-options
nosniff
content-encoding
br
age
3711789
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
11325
x-served-by
cache-fra-eddf8230096-FRA, cache-mia-kmia1760095-MIA
x-jsd-version-type
version
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
lia-scripts-angularjs-min.js
techcommunity.microsoft.com/t5/scripts/D1ADE0576DD5396F7FE224FF664AC505/
173 KB
60 KB
Script
General
Full URL
https://techcommunity.microsoft.com/t5/scripts/D1ADE0576DD5396F7FE224FF664AC505/lia-scripts-angularjs-min.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
f7d80c69dbd2fbc66b658a2e726ae73dba6dcd52dd7bc80798f8a2cd0f416473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Wed, 10 Jul 2024 08:14:47 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=26176666, s-maxage=13
content-length
61609
expires
Thu, 10 Jul 2025 08:15:52 GMT
lia-scripts-angularjsModules-min.js
techcommunity.microsoft.com/t5/scripts/E055439785E972C1065C3168842F3442/
420 KB
112 KB
Script
General
Full URL
https://techcommunity.microsoft.com/t5/scripts/E055439785E972C1065C3168842F3442/lia-scripts-angularjsModules-min.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c926cfe965c57c8022043129de1fcbd1aa49038e7ca5f707ae38918a54a60bbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Wed, 10 Jul 2024 08:17:03 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=26177400, s-maxage=132
content-length
114176
expires
Thu, 10 Jul 2025 08:28:06 GMT
lia-scripts-common-min.js
techcommunity.microsoft.com/t5/scripts/C1D0FDEB5D557CE5FA1EFA105E95A13F/
348 KB
96 KB
Script
General
Full URL
https://techcommunity.microsoft.com/t5/scripts/C1D0FDEB5D557CE5FA1EFA105E95A13F/lia-scripts-common-min.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
78ca963227596dcd37dbd8299f224c9c5713c622b472d5789fa45dcc771c8bd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Wed, 28 Aug 2024 08:39:56 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=30411801, s-maxage=18
content-length
98277
expires
Thu, 28 Aug 2025 08:41:27 GMT
lia-scripts-body-min.js
techcommunity.microsoft.com/t5/scripts/1E19BA523AF1839CE357F96F5B3F9FCF/
59 KB
15 KB
Script
General
Full URL
https://techcommunity.microsoft.com/t5/scripts/1E19BA523AF1839CE357F96F5B3F9FCF/lia-scripts-body-min.js
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
91f9c386c856b32076855bd435705a9b3a7bc2f052a063a5737dd89780181736
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:06 GMT
last-modified
Fri, 05 Jan 2024 08:14:41 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
cache-control
max-age=10020036, s-maxage=48
content-length
15466
expires
Sat, 04 Jan 2025 08:18:42 GMT
icon-header-search.svg
techcommunity.microsoft.com/html/assets/
3 KB
2 KB
Image
General
Full URL
https://techcommunity.microsoft.com/html/assets/icon-header-search.svg
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
cf9b4dca001386ab059964e95a05e8f7984ad6050de4970d74a6659d49a120e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"3279-1724765884000-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=4772
accept-ranges
bytes
content-length
1342
segoeui-semibold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
31 KB
31 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold.woff2
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1183::33e7 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d

Request headers

Referer
https://techcommunity.microsoft.com/
Origin
https://techcommunity.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Mon, 22 Jun 2020 16:25:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C8D021D2B4
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
d7ff470b-f01e-00ed-7933-f02fdc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=29189084
x-ms-version
2009-09-19
content-length
31824
segoeui-semibold-italic.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
24 KB
24 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-semibold-italic.woff2
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1183::33e7 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
32d17818b2c20a8ca14a600d39cc12245a9618e13063b7becceb71756aa5ada2

Request headers

Referer
https://techcommunity.microsoft.com/
Origin
https://techcommunity.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Mon, 22 Jun 2020 16:25:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C8D5A68B36
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
34d29c47-201e-002b-1108-f0b0e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=29201128
x-ms-version
2009-09-19
content-length
24232
segoeui-bold.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
32 KB
33 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-bold.woff2
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1183::33e7 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c599144a6ee494d56d4622e7cc57873a3ba7b3413e525f3e3b4aa7d8298aa2ec

Request headers

Referer
https://techcommunity.microsoft.com/
Origin
https://techcommunity.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Mon, 22 Jun 2020 16:25:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C8D56FDD6D
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
0bdf159e-601e-0083-3306-f02e4a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=16623152
x-ms-version
2009-09-19
content-length
32964
segoeui-italic.woff2
static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/
27 KB
27 KB
Font
General
Full URL
https://static2.sharepointonline.com/files/fabric/assets/fonts/segoeui-westeuropean/segoeui-italic.woff2
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1183::33e7 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f

Request headers

Referer
https://techcommunity.microsoft.com/
Origin
https://techcommunity.microsoft.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Mon, 22 Jun 2020 16:25:10 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D816C8D5700487
content-type
font/woff2
access-control-allow-origin
*
x-ms-request-id
7f3ed27c-601e-0077-2437-f0e5bc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=29190716
x-ms-version
2009-09-19
content-length
27624
social-share-linkedin.svg
techcommunity.microsoft.com/html/assets/
446 B
512 B
Image
General
Full URL
https://techcommunity.microsoft.com/html/assets/social-share-linkedin.svg
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
ca97c5dbd81119bc49675bd0e4ac3f99b065b78a551ed83d2cc1c580eb662e99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"446-1724765884000-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=151
accept-ranges
bytes
content-length
318
social-share-facebook.svg
techcommunity.microsoft.com/html/assets/
335 B
461 B
Image
General
Full URL
https://techcommunity.microsoft.com/html/assets/social-share-facebook.svg
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c5fc5793acbea876e66b5a0356dfb02bba6c88de5f96129050da57ed7ab099f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"335-1724765884000-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=6252
accept-ranges
bytes
content-length
266
social-share-twitter.svg
techcommunity.microsoft.com/html/assets/
666 B
586 B
Image
General
Full URL
https://techcommunity.microsoft.com/html/assets/social-share-twitter.svg
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
ac83b175551faec7002d40b7bf180713a941da698332b7a4d3b0033d0046b63e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"666-1724765884000-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1801
accept-ranges
bytes
content-length
391
reddit1.png
techcommunity.microsoft.com/html/assets/
1 KB
1 KB
Image
General
Full URL
https://techcommunity.microsoft.com/html/assets/reddit1.png
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
dfd50a6c936a83fb022c860e416f08bf7d779576f47cc193d0b2956a4327e4c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 26 Mar 2024 17:39:25 GMT
server
Apache
etag
W/"1037-1711474765000"
content-type
image/png
cache-control
max-age=638
accept-ranges
bytes
content-length
1037
social-share-email.svg
techcommunity.microsoft.com/html/assets/
566 B
549 B
Image
General
Full URL
https://techcommunity.microsoft.com/html/assets/social-share-email.svg
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
ff9a171ca30e90e5f92ec92a8742ad972742f2e1d6646b33961c6be0bf4b8884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/skins/6532683/d6015b4fe5379c6cd49975634c74404a/my_new_skin.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"566-1724765884000-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=623
accept-ranges
bytes
content-length
355
800020260725_1725958686090.gif
techcommunity.microsoft.com/beacon/
0
334 B
Image
General
Full URL
https://techcommunity.microsoft.com/beacon/800020260725_1725958686090.gif
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Fri, 02 Nov 2007 00:36:01 GMT
server
Apache
x-frame-options
SAMEORIGIN
cache-control
max-age=0, no-cache, no-store
expires
Tue, 10 Sep 2024 08:58:07 GMT
5g62gvf1i3
www.clarity.ms/tag/
513 B
769 B
Script
General
Full URL
https://www.clarity.ms/tag/5g62gvf1i3
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04be0d7a9640d7f9e197297e13cf2b967a86e6cb3725e98abe8a93da3ca8569a

Request headers

Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
date
Tue, 10 Sep 2024 08:58:07 GMT
x-azure-ref
20240910T085807Z-185fd9c9b469p58mchzqq257as00000005r00000000030e6
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
513
expires
-1
custom.blog-article-label-widget
techcommunity.microsoft.com/plugins/custom/microsoft/o365/
380 B
661 B
XHR
General
Full URL
https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom.blog-article-label-widget?tid=-6464522310050554823
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/scripts/C1D0FDEB5D557CE5FA1EFA105E95A13F/lia-scripts-common-min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c8c407db1b0172400c255ee0f09977420ce4d8bad85eef88ed2a94ae3688cda3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
text/html, */*; q=0.01
Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
en-US
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
226
expires
Tue, 10 Sep 2024 08:58:07 GMT
truncated
/
667 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edd8db5c29b96b7a290a5e266d426dca85541b7cd7a62b180e5ec89dc635f05f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
listen-icon.svg
techcommunity.microsoft.com/html/assets/TTS_reader_azure/images/
1 KB
731 B
Image
General
Full URL
https://techcommunity.microsoft.com/html/assets/TTS_reader_azure/images/listen-icon.svg
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
b3c47b85c52c02c90f45bb9d4a97a45d0f81462c23c151e489149f3d785c436f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"1175-1724765884000-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2784
accept-ranges
bytes
content-length
535
play.svg
techcommunity.microsoft.com/html/assets/TTS_reader_azure/images/
568 B
501 B
Image
General
Full URL
https://techcommunity.microsoft.com/html/assets/TTS_reader_azure/images/play.svg
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
09939aed09294c0568b95fd11e728cafdeb7b470d4dcedb0f2265c0b28ab48cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"568-1724765884000-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=668
accept-ranges
bytes
content-length
307
azure-icon.svg
techcommunity.microsoft.com/html/assets/TTS_reader_azure/images/
2 KB
1022 B
Image
General
Full URL
https://techcommunity.microsoft.com/html/assets/TTS_reader_azure/images/azure-icon.svg
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
6dd654e67cc3c1dbd14c2780c4c88d5eac3e67fe23899ccc5335a303f78f1403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"1874-1724765884000-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=1919
accept-ranges
bytes
content-length
826
azure-text-icon.svg
techcommunity.microsoft.com/html/assets/TTS_reader_azure/images/
2 KB
1 KB
Image
General
Full URL
https://techcommunity.microsoft.com/html/assets/TTS_reader_azure/images/azure-text-icon.svg
Requested by
Host: techcommunity.microsoft.com
URL: https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
8baa652849b157e93aa09f91cf775e8c4305b45953a9f95c76d1deae9b034b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"1862-1724765884000-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=635
accept-ranges
bytes
content-length
959
custom.message-pronouns
techcommunity.microsoft.com/plugins/custom/microsoft/o365/
400 B
595 B
XHR
General
Full URL
https://techcommunity.microsoft.com/plugins/custom/microsoft/o365/custom.message-pronouns?tid=-6464522310050554823&messagesIds=3841810
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
727227a69e50b8198f2f6ff4a201e885def93c5cb16bd81cebd4bad50b42ab2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:07 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-language
en-US
content-type
application/json;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
221
expires
Tue, 10 Sep 2024 08:58:07 GMT
clarity.js
www.clarity.ms/s/0.7.45/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.45/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/5g62gvf1i3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15

Request headers

Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 08:58:07 GMT
content-encoding
br
last-modified
Wed, 04 Sep 2024 20:13:15 GMT
etag
W/"0x8DCCD1E024BB9EF"
vary
Accept-Encoding
x-azure-ref
20240910T085807Z-185fd9c9b469p58mchzqq257as00000005r00000000030ed
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
3be94dea-d01e-006a-1825-fff6f3000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
favicon.ico
c.s-microsoft.com/
17 KB
1 KB
Other
General
Full URL
https://c.s-microsoft.com/favicon.ico?v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:1184::356e Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 08:58:08 GMT
content-encoding
gzip
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-length
540
last-modified
Fri, 30 Aug 2024 17:14:44 GMT
etag
"1DAFB001B73DA00"
x-sitemuse-origin
Azure
x-frame-options
SAMEORIGIN
x-azure-ref
20240831T072750Z-17c78cd668btvsndz332nsqvc400000001hg000000004xv9
content-type
image/x-icon
vary
Accept-Encoding
access-control-allow-methods
GET,POST
cache-control
public, max-age=465573
access-control-allow-credentials
true
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Sun, 15 Sep 2024 18:17:41 GMT
collect
o.clarity.ms/
0
291 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://techcommunity.microsoft.com
Date
Tue, 10 Sep 2024 08:58:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
cookie-list.json
techcommunity.microsoft.com/html/assets/Scripts/
4 KB
695 B
XHR
General
Full URL
https://techcommunity.microsoft.com/html/assets/Scripts/cookie-list.json?v=6532683
Requested by
Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2587::207e Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
c2aaeb59a32c15fbbcd366019580def93aa782c5cae966cfc762c2c4b7536abf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/a-blackbyte-ransomware-intrusion-case-study/ba-p/3841810
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 10 Sep 2024 08:58:10 GMT
last-modified
Tue, 27 Aug 2024 13:38:04 GMT
server
Apache
etag
W/"3692-1724765884000-gzip"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=6494
accept-ranges
bytes
content-length
503
/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0

/
browser.events.data.microsoft.com/OneCollector/1.0/
0
0

collect
o.clarity.ms/
0
291 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.45/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://techcommunity.microsoft.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://techcommunity.microsoft.com
Date
Tue, 10 Sep 2024 08:58:11 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Domain
browser.events.data.microsoft.com
URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _self object| PrsmK function| $ function| jQuery object| blogStore function| replaceBrokenAvatars function| delete_cookie function| getCookie object| UTILITIES object| globalSearchContent object| UTILITIES2 function| WcpConsent function| mscc object| LITHIUM object| FileAPI function| ttsPlayer object| floatPlayer object| oneDS3 object| oneDS object| __dynProto$Gbl object| angular object| ngFileUpload function| MessageFormat function| EXIF object| screenfull number| ng339 object| Prism function| ResizeSensor function| ElementQueries object| jQuery18305127379526782503 function| stickyScroll string| addFollwerEndpoint string| removeFollwerEndpoint function| addFollowUser function| addFollowUserBy function| addFollowUserProfile function| removeFollowUser function| removeFollowUserBy function| removeFollowUserProfile boolean| analyticsInitialized function| getCookieValue function| getConsent function| manageConsent function| logConsentValues function| getDomain function| resetCookieCategories function| resetNonEssentialCookies function| initializeAnalytics function| consentChangedCallback function| storageAvailable function| profileUserCardMe function| clarity object| pmgUtils object| pmgTools object| pmgControls function| moment function| DOMPurify function| Pikaday object| bootstrap object| siteConsent string| sourceLocation string| voice object| currentPmgPage

6 Cookies

Domain/Path Name / Value
techcommunity.microsoft.com/ Name: ApplicationGatewayAffinityCORS
Value: 1b5606d7ca708220c4118322f30636fa
techcommunity.microsoft.com/ Name: ApplicationGatewayAffinity
Value: 1b5606d7ca708220c4118322f30636fa
techcommunity.microsoft.com/ Name: LiSESSIONID
Value: 0483A0851A8F759F44D885621F1AE94A
techcommunity.microsoft.com/ Name: VISITOR_BEACON
Value: ~2HdOAsGnIZFEunsOM~p5phoIt1zTGM64il_jhnFFSQ08MaaoMThfRriftQ0uFCGr2kln7tK7EkqeN01ASC3lSTRji9IHLSZzytDn-91w..
techcommunity.microsoft.com/ Name: LithiumVisitor
Value: ~2U8Om4mCqZfbLomcH~XlzwCmOUANp6SrPrwikzE6v1uanGqgZAv6zycDPetE7MF2zn4OC-YzSuXI-nn-ekkNM4FLfwpiUXcXoROc-VBQ..
techcommunity.microsoft.com/ Name: ai_session
Value: Qq26NfExYUWrV5LsmMAj8N|1725958690378|1725958690378

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
assets.onestore.ms
browser.events.data.microsoft.com
c.s-microsoft.com
cdn.jsdelivr.net
js.monitor.azure.com
o.clarity.ms
static2.sharepointonline.com
techcommunity.microsoft.com
wcpstatic.microsoft.com
www.clarity.ms
browser.events.data.microsoft.com
152.199.4.33
2600:141b:1c00:2587::207e
2600:141b:e800:1183::33e7
2600:141b:e800:1184::356e
2600:141b:e800:1196::2957
2620:1ec:bdf::40
2a04:4e42:200::485
52.152.143.207
01eb8f5a91c70faa5681a3048eab75e78f30b4c4e0c04f8afbb46bfa98371ec0
04be0d7a9640d7f9e197297e13cf2b967a86e6cb3725e98abe8a93da3ca8569a
09939aed09294c0568b95fd11e728cafdeb7b470d4dcedb0f2265c0b28ab48cb
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1569dd95c870f769b2bc3909c52c08303956bef7dfc288402d3b8bb13148bc10
22e7ac6e00b3f7463f2c89c577877ed717686d6f219614c890317d86560c413d
264532af47b2cfb6620970592478c442a0cd429beccead9d062ff5a91284dc15
3287bf7e4beab3f52fab7534772c7d460b1a231f731f416e83bfe410fa6339b9
32d17818b2c20a8ca14a600d39cc12245a9618e13063b7becceb71756aa5ada2
366a8c119dc7b707ce7c8d06deee6f82b89a913893b77661fac906db25792f0e
40836cc9bdd9894ec136ae95c8fc9bfb0b677195f8fd8764d20d81d1cc62ec8b
4312879714fabdd686c922189bf269559e486ecf9e987308824e3bf5a5559e90
43d47e27fa62c834e3bbdb41d3acb6e47669679df10eb582f4f6b743296461cc
505b300aea9510af7045c11b16c51917bd8ed3cd92b715356f5114e721c082ac
532588e7da1a2a1cbd4962156452834cfa2980aab7fadecdb8faa91d9338de57
53950181d6cdf80591d1d3b6346782adfc798a92cffda72585ff0e6beaecfe0d
55b7469011cbdbc46e128266f4536bee8d10e0f852138e7635ad300401d8b8db
5745f901ac56aac4134b476dff12a1f9e30901eceac66dc5940f2b02219579b1
57ec7f5bbc8842e5ce74e9590bc0db23c2525cc3f4df167fbc4d8d37c0ffa0dc
5984613b368f747e821967eb38fdec976099df8f07be6154fa863ac23aafa8cc
6dd654e67cc3c1dbd14c2780c4c88d5eac3e67fe23899ccc5335a303f78f1403
727227a69e50b8198f2f6ff4a201e885def93c5cb16bd81cebd4bad50b42ab2e
78ca963227596dcd37dbd8299f224c9c5713c622b472d5789fa45dcc771c8bd2
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
875c75d4c8822615badc2747e7efad4307caadbd5ffe7a14cd95b838cc9aec2c
8baa652849b157e93aa09f91cf775e8c4305b45953a9f95c76d1deae9b034b08
8cafa619c869973d94d823638f484ff744a4d06d63c8250fa28dad46a7fadecd
8f9d8f53964dd5b0eb2a70a5af8a8791170d0f90b1b851669a34d4a9f654130a
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
90df0f7586a35c0c7bfc6a96316a01ebc9fe849feaa5fe92dd21bfedd3348e38
91f9c386c856b32076855bd435705a9b3a7bc2f052a063a5737dd89780181736
94ef87ee295c67526205d67124f404e246226105e939e14c435a20c29a956f49
a0e940031a2893b30c999476073c0ccb774fdb08614171b7f2b721f4ce0a7a10
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac83b175551faec7002d40b7bf180713a941da698332b7a4d3b0033d0046b63e
b3c47b85c52c02c90f45bb9d4a97a45d0f81462c23c151e489149f3d785c436f
bd4b92df331276f62acc5eb89c31e190b12a65a7db9ad7b8240129996e048a4f
c13413b114db369fcbd79a8e1bf234574447f0568ffd322f5fe63b1a4f910267
c2aaeb59a32c15fbbcd366019580def93aa782c5cae966cfc762c2c4b7536abf
c599144a6ee494d56d4622e7cc57873a3ba7b3413e525f3e3b4aa7d8298aa2ec
c5fc5793acbea876e66b5a0356dfb02bba6c88de5f96129050da57ed7ab099f8
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9
c8c407db1b0172400c255ee0f09977420ce4d8bad85eef88ed2a94ae3688cda3
c926cfe965c57c8022043129de1fcbd1aa49038e7ca5f707ae38918a54a60bbc
ca1f5290ce26ed1abcf67341d2f69758814c62b47485ccf2c3b7f8e82850b206
ca8d3a1a3bb5bfcef15d30044e06d6efefa81129c143a33384a9b7d566d7fb6f
ca97c5dbd81119bc49675bd0e4ac3f99b065b78a551ed83d2cc1c580eb662e99
cf9b4dca001386ab059964e95a05e8f7984ad6050de4970d74a6659d49a120e3
cfc5a7740f4e23e5ac9670d21fd76bbd5b1b0c4a9ef60f7763575a1a60b8aa65
d14d160cc0cda363325e6f729922ee07f4794f4712aec63d079e2a385919d8dc
d79ad533adf61e76cd74ab32d3d2f53ae11f50360f2f7c95613e4d23787502a0
d92825b456bb1537593c4c3e68eb08bad49cbd352846faf660afcf17cfe7e98b
dd160737ff99d0b3796fc177f5b10d9121a67ba4865abfcff00294fc5538def0
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de51e05cbd531d783aecb2f294c019734e761fe51ccdc793cb5fb40e44d38e67
dfd50a6c936a83fb022c860e416f08bf7d779576f47cc193d0b2956a4327e4c9
e0d064ac7112ab410b3eddc4fca5a6eab8dfa45e44880d02c2a9a99a5faac8db
e172a02b68f977a57a1690507df809db1e43130f0161961709a36dbd70b4d25f
e1b4f45df45003ac66d3fffc908044ec842648ecf20b1c24547c0b93e99a421d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd8db5c29b96b7a290a5e266d426dca85541b7cd7a62b180e5ec89dc635f05f
f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f
f6c078c32b958e434d9688ab210f255b6724faeea56d910a7b9bd1b28af071da
f7d80c69dbd2fbc66b658a2e726ae73dba6dcd52dd7bc80798f8a2cd0f416473
fbf4a2fd363b88924186ceae6aacb305631937cf2aade58a2fff52cf36e6616a
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
ff9a171ca30e90e5f92ec92a8742ad972742f2e1d6646b33961c6be0bf4b8884