spmtreleasescus.blob.core.windows.net Open in urlscan Pro
52.239.158.138  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request default.htm Show response spmtreleasescus.blob.core.windows.net/install/	4 KB 5 KB	440ms 172ms	Document text/html	52.239.158.138 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://spmtreleasescus.blob.core.windows.net/install/default.htm Protocol HTTP/1.1 Server 52.239.158.138 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 49d38835e5f1fce3c982f3aeb247189f9d9f47288f1fd87e71c7b526f677b7f2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Content-Length 4546 Content-MD5 wxkV2MbhNnYQkMTRz3c+JQ== Content-Type text/html; Date Mon, 09 May 2022 13:51:13 GMT ETag 0x8D8DA1C86314A20 Last-Modified Fri, 26 Feb 2021 06:05:31 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-blob-type BlockBlob x-ms-lease-status unlocked x-ms-request-id bb4ffed2-b01e-0125-29ab-63f07d000000 x-ms-version 2009-09-19
GET H2	200	fabric.min.css static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/	66 KB 11 KB	236ms 53ms	Stylesheet text/css	96.16.146.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/fabric.min.css Requested by Host: spmtreleasescus.blob.core.windows.net URL: http://spmtreleasescus.blob.core.windows.net/install/default.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.146.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-146-233.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 6d578eb55e7fb3fc677c63e6ab840053a5773ca0b667d6fe6dc27edbd1a59e73 Request headers accept-language en-GB,en;q=0.9 Referer http://spmtreleasescus.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 09 May 2022 13:51:14 GMT content-encoding gzip content-md5 XUjxWbxfkV3LFSJbRQCH2A== content-length 11130 x-ms-lease-status unlocked last-modified Fri, 22 Sep 2017 23:42:39 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D502139C45D439 vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 67394b88-201e-005b-33e5-78bf16000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=5483332 x-ms-version 2009-09-19
GET H2	200	fabric.components.min.css static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/	102 KB 15 KB	239ms 57ms	Stylesheet text/css	96.16.146.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/fabric.components.min.css Requested by Host: spmtreleasescus.blob.core.windows.net URL: http://spmtreleasescus.blob.core.windows.net/install/default.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.146.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-146-233.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 6b701dbe9b7aeba38782e2f6726e2a928ec2abef62f43866c88f44fd1a282b2a Request headers accept-language en-GB,en;q=0.9 Referer http://spmtreleasescus.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 09 May 2022 13:51:14 GMT content-encoding gzip content-md5 lkkPz7twH/cowVWndqClEw== content-length 14744 x-ms-lease-status unlocked last-modified Thu, 02 Nov 2017 17:22:03 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D522163BD7D3C1 vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 819deff4-201e-0074-2ee5-78b2dd000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=5483269 x-ms-version 2009-09-19
GET H/1.1	200 OK	style.css spmtreleasescus.blob.core.windows.net/install/	2 KB 2 KB	167ms 166ms	Stylesheet text/css	52.239.158.138 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://spmtreleasescus.blob.core.windows.net/install/style.css Requested by Host: spmtreleasescus.blob.core.windows.net URL: http://spmtreleasescus.blob.core.windows.net/install/default.htm Protocol HTTP/1.1 Server 52.239.158.138 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 578c9229ce27eb5d1940c13b97d28f792f927e122051c07fdecb0beb50218695 Request headers accept-language en-GB,en;q=0.9 Referer http://spmtreleasescus.blob.core.windows.net/install/default.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 09 May 2022 13:51:14 GMT Last-Modified Fri, 24 May 2019 03:24:18 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 FpskAWX06tVSn8Nu3c9fOg== ETag 0x8D6DFF74EA003E5 Content-Type text/css x-ms-request-id bb4fff20-b01e-0125-6dab-63f07d000000 x-ms-version 2009-09-19 Content-Length 1687
GET H2	200	fabric.min.js Show response static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/js/	70 KB 15 KB	295ms 113ms	Script application/javascript	96.16.146.233 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/js/fabric.min.js Requested by Host: spmtreleasescus.blob.core.windows.net URL: http://spmtreleasescus.blob.core.windows.net/install/default.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.146.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-146-233.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 36b147da61d542a557a9b3d490e9ea174874c8d0d8fcdf35a841734bb5604ed5 Request headers accept-language en-GB,en;q=0.9 Referer http://spmtreleasescus.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 09 May 2022 13:51:14 GMT content-encoding gzip content-md5 /u5CUDtPQ05Xetj+EAzm8g== content-length 15069 x-ms-lease-status unlocked last-modified Wed, 16 Aug 2017 00:33:35 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D4E43E6E7A7355 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 5ec0a240-d01e-00ab-6ce5-78f9e7000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=5483245 x-ms-version 2009-09-19
GET H/1.1	200 OK	config.js Show response spmtreleasescus.blob.core.windows.net/install/	482 B 898 B	165ms 164ms	Script application/javascript	52.239.158.138 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://spmtreleasescus.blob.core.windows.net/install/config.js Requested by Host: spmtreleasescus.blob.core.windows.net URL: http://spmtreleasescus.blob.core.windows.net/install/default.htm Protocol HTTP/1.1 Server 52.239.158.138 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash cd1b4c845e5339acfde7b5f570a46f5ef8e83387548c1bcee1a69dec0d74fab6 Request headers accept-language en-GB,en;q=0.9 Referer http://spmtreleasescus.blob.core.windows.net/install/default.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 09 May 2022 13:51:13 GMT Last-Modified Fri, 24 May 2019 03:24:18 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 UKbSiwCs5o/s+JJzcKGJ6w== ETag 0x8D6DFF74E236A44 Content-Type application/javascript x-ms-request-id 19800173-e01e-00f5-3bab-630a8a000000 x-ms-version 2009-09-19 Content-Length 482
GET H/1.1	200 OK	scripts-header.js Show response spmtreleasescus.blob.core.windows.net/install/	1 KB 2 KB	321ms 164ms	Script application/javascript	52.239.158.138 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://spmtreleasescus.blob.core.windows.net/install/scripts-header.js?version=108 Requested by Host: spmtreleasescus.blob.core.windows.net URL: http://spmtreleasescus.blob.core.windows.net/install/default.htm Protocol HTTP/1.1 Server 52.239.158.138 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 7c112a66006332221a1c49b14b8d334f6eddf978af0e3dd0cff6fc2d800d4ab6 Request headers accept-language en-GB,en;q=0.9 Referer http://spmtreleasescus.blob.core.windows.net/install/default.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 09 May 2022 13:51:14 GMT Last-Modified Fri, 26 Feb 2021 06:05:31 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 f93gid0oMF1bUAhZO/Rz4Q== ETag 0x8D8DA1C86312309 Content-Type application/javascript x-ms-request-id a89ce48f-001e-013c-78ab-63dc15000000 x-ms-version 2009-09-19 Content-Length 1221
GET H/1.1	200 OK	/ Show response api.ipify.org/	30 B 214 B	434ms 148ms	Script application/javascript	3.232.242.170 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=jsonp&callback=getIP Requested by Host: spmtreleasescus.blob.core.windows.net URL: http://spmtreleasescus.blob.core.windows.net/install/default.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.232.242.170 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-242-170.compute-1.amazonaws.com Software Cowboy / Resource Hash 428bad69ba78c63bf42a06146f07983e77b26465c7f259a550d5c50a3a76d3d4 Request headers accept-language en-GB,en;q=0.9 Referer http://spmtreleasescus.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Mon, 09 May 2022 13:51:14 GMT Via 1.1 vegur Server Cowboy Connection keep-alive Content-Length 30 Vary Origin Content-Type application/javascript
GET H/1.1	200 OK	migration-tool.png spmtreleasescus.blob.core.windows.net/install/	3 KB 3 KB	165ms 165ms	Image image/png	52.239.158.138 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL http://spmtreleasescus.blob.core.windows.net/install/migration-tool.png Requested by Host: spmtreleasescus.blob.core.windows.net URL: http://spmtreleasescus.blob.core.windows.net/install/default.htm Protocol HTTP/1.1 Server 52.239.158.138 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash cc2b49ad861838c18754f78266690a2db941d97506b9bfcb61a41e9b32a2c9b1 Request headers accept-language en-GB,en;q=0.9 Referer http://spmtreleasescus.blob.core.windows.net/install/default.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 09 May 2022 13:51:14 GMT Last-Modified Fri, 24 May 2019 03:24:18 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 hXCDGyYbdZ/mI2fO1H15Uw== ETag 0x8D6DFF74E2E8FDE Content-Type image/png x-ms-request-id bb4fff7e-b01e-0125-44ab-63f07d000000 x-ms-version 2009-09-19 Content-Length 2562
GET H2	200	microsoft-gray.png assets.onestore.ms/cdnfiles/external/uhf/long/9a49a7e9d8e881327e81b9eb43dabc01de70a9bb/images/	4 KB 4 KB	401ms 65ms	Image image/png	2a02:26f0:df:3b2::2957 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://assets.onestore.ms/cdnfiles/external/uhf/long/9a49a7e9d8e881327e81b9eb43dabc01de70a9bb/images/microsoft-gray.png Requested by Host: spmtreleasescus.blob.core.windows.net URL: http://spmtreleasescus.blob.core.windows.net/install/default.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:df:3b2::2957 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960 Security Headers Name Value X-Content-Type-Options nosniff, nosniff, nosniff, nosniff, nosniff, nosniff Request headers accept-language en-GB,en;q=0.9 Referer http://spmtreleasescus.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Mon, 09 May 2022 13:51:15 GMT x-content-type-options nosniff, nosniff, nosniff, nosniff, nosniff, nosniff last-modified Tue, 27 Sep 2016 01:06:21 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 content-md5 nxTCAVCgA9fOTeV8KY8Pug== etag "0x8D3E6727EF2A7BF" content-type image/png access-control-allow-origin * access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 accept-ranges bytes content-length 4054 x-ms-lease-state available
GET H/1.1	200 OK	scripts-footer.js Show response spmtreleasescus.blob.core.windows.net/install/	2 KB 3 KB	160ms 160ms	Script application/javascript	52.239.158.138 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://spmtreleasescus.blob.core.windows.net/install/scripts-footer.js Requested by Host: spmtreleasescus.blob.core.windows.net URL: http://spmtreleasescus.blob.core.windows.net/install/default.htm Protocol HTTP/1.1 Server 52.239.158.138 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash e7976b7276a44e4d1a7cda367ee573bffecae43a596d153e79968b23b35737e3 Request headers accept-language en-GB,en;q=0.9 Referer http://spmtreleasescus.blob.core.windows.net/install/default.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob Date Mon, 09 May 2022 13:51:14 GMT Last-Modified Fri, 24 May 2019 03:24:18 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 Content-MD5 70lg7FuD+F0JSbQwoPebMQ== ETag 0x8D6DFF74E2EB6F0 Content-Type application/javascript x-ms-request-id a89ce4c1-001e-013c-24ab-63dc15000000 x-ms-version 2009-09-19 Content-Length 2515
GET H/1.1	200 OK	SegoeUI-Semilight.woff2 appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/	21 KB 21 KB	242ms 62ms	Font application/font-woff2	104.92.71.235 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/SegoeUI-Semilight.woff2 Requested by Host: static2.sharepointonline.com URL: https://static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/fabric.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.71.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-71-235.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash da74c3a3173dc92a61ce9f98bf1cf5ef53d56324fa8dd118a737dbf8b15e8ce1 Request headers Referer https://static2.sharepointonline.com/ Origin http://spmtreleasescus.blob.core.windows.net accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Mon, 09 May 2022 13:51:14 GMT Last-Modified Fri, 15 Apr 2022 12:57:14 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "0f1f953c850d81:0" Content-Type application/font-woff2 Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 21612
GET H/1.1	200 OK	SegoeUI-Regular.woff2 appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/	26 KB 26 KB	243ms 63ms	Font application/font-woff2	104.92.71.235 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/SegoeUI-Regular.woff2 Requested by Host: static2.sharepointonline.com URL: https://static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/fabric.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.71.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-71-235.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6d8d12fef5ab03af2f66ad38f3aee09a1c016119396c551191f84e93dc73dbeb Request headers Referer https://static2.sharepointonline.com/ Origin http://spmtreleasescus.blob.core.windows.net accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Mon, 09 May 2022 13:51:14 GMT Last-Modified Fri, 15 Apr 2022 12:57:14 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "0f1f953c850d81:0" Content-Type application/font-woff2 Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 26516
GET H/1.1	200 OK	SegoeUI-Semibold.woff2 appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/	23 KB 23 KB	266ms 86ms	Font application/font-woff2	104.92.71.235 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/fabric/fonts/SegoeUI-WestEuropean/SegoeUI-Semibold.woff2 Requested by Host: static2.sharepointonline.com URL: https://static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/fabric.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.71.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-71-235.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash fefbd982a5701889b166a1fbaf1570c13e89be5ad860fab8a24a70614ab8ae68 Request headers Referer https://static2.sharepointonline.com/ Origin http://spmtreleasescus.blob.core.windows.net accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Mon, 09 May 2022 13:51:14 GMT Last-Modified Fri, 15 Apr 2022 12:57:14 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "0f1f953c850d81:0" Content-Type application/font-woff2 Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 23084
GET H/1.1	200 OK	FabricMDL2Icons.woff appsforoffice.microsoft.com/fabric/fonts/icons/	67 KB 67 KB	242ms 63ms	Font font/x-woff	104.92.71.235 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appsforoffice.microsoft.com/fabric/fonts/icons/FabricMDL2Icons.woff Requested by Host: static2.sharepointonline.com URL: https://static2.sharepointonline.com/files/fabric/office-ui-fabric-js/1.2.0/css/fabric.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.92.71.235 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-92-71-235.deploy.static.akamaitechnologies.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 16e86c343895335a523a1351f52b77836b7dfd914ae59491a8648667ade9fb42 Request headers Referer https://static2.sharepointonline.com/ Origin http://spmtreleasescus.blob.core.windows.net accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Mon, 09 May 2022 13:51:14 GMT Last-Modified Fri, 15 Apr 2022 12:57:14 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "0f1f953c850d81:0" Content-Type font/x-woff Access-Control-Allow-Origin * Connection keep-alive Accept-Ranges bytes Content-Length 68776
GET H/1.1	200 OK	ai.0.js Show response az416426.vo.msecnd.net/scripts/a/	94 KB 23 KB	107ms 54ms	Script application/x-javascript	2606:2800:133:206e:1315:22a5:2006:24fd EDGECAST
General Check archive.org Show headers Download Go to Full URL http://az416426.vo.msecnd.net/scripts/a/ai.0.js Requested by Host: spmtreleasescus.blob.core.windows.net URL: http://spmtreleasescus.blob.core.windows.net/install/scripts-footer.js Protocol HTTP/1.1 Server 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FA5) / Resource Hash 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e Request headers accept-language en-GB,en;q=0.9 Referer http://spmtreleasescus.blob.core.windows.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-ms-blob-type BlockBlob Date Mon, 09 May 2022 13:51:14 GMT Content-Encoding gzip x-ms-meta-lastmodified 2020-10-01 19:31:04 Content-MD5 HdY95yzx9wIyQkVEGES+Ew== Age 1178 X-Cache HIT Content-Length 22495 x-ms-lease-status unlocked Last-Modified Thu, 11 Mar 2021 07:46:59 GMT Server ECAcc (frc/8FA5) Etag 0x8D8E461DA1A5889 Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * x-ms-request-id cde32346-d01e-009d-45a9-631acf000000 Access-Control-Expose-Headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding Cache-Control public, max-age=1800 x-ms-version 2009-09-19 Expires Mon, 09 May 2022 14:21:14 GMT
OPTIONS H2	200	track dc.services.visualstudio.com/v2/	0 0	311ms 73ms	Preflight	13.69.106.208 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type,sdk-context Access-Control-Request-Method POST Origin http://spmtreleasescus.blob.core.windows.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context access-control-allow-methods POST access-control-allow-origin * access-control-max-age 3600 content-length 0 date Mon, 09 May 2022 13:51:15 GMT x-content-type-options nosniff
POST H2	400	track Show response dc.services.visualstudio.com/v2/	186 B 372 B	87ms 87ms	XHR application/json	13.69.106.208 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: az416426.vo.msecnd.net URL: http://az416426.vo.msecnd.net/scripts/a/ai.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.69.106.208 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 43f9cea186c6a97cf28dc6183d6f81e945bc8aada8bb2a77042d9c9e4423d067 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer http://spmtreleasescus.blob.core.windows.net/ accept-language en-GB,en;q=0.9 Sdk-Context appId User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-type application/json Response headers x-ms-session-id 3A61B989-633C-4A8C-9435-F15848B8B2BE strict-transport-security max-age=31536000 x-content-type-options nosniff date Mon, 09 May 2022 13:51:15 GMT access-control-max-age 3600 content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context content-length 186

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| fabric string| STATE_HIDDEN string| CLOSE_BUTTON_CLASS string| MODIFIER_OOBE_CLASS string| DownloadPageVersion number| URL2Ratio string| versionString1 string| versionString2 string| downloadURL1 string| downloadURL2 string| downloadURL string| versionString function| getIP function| setDownloadEnabled function| setElementEnabled object| CheckBoxElements string| deployManifestUrl string| queryString undefined| frElement undefined| frElementSub undefined| a object| ButtonElements object| firstReleaseLinks object| appInsights object| AI object| Microsoft function| __extends function| _endsWith

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			spmtreleasescus.blob.core.windows.net/	1970-01-20 11:40:40	Name: ai_user Value: Yx+G9|2022-05-09T13:51:14.880Z
			spmtreleasescus.blob.core.windows.net/	1970-01-20 02:55:06	Name: ai_session Value: fdBEX|1652104275182.2|1652104275182.2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
appsforoffice.microsoft.com
assets.onestore.ms
az416426.vo.msecnd.net
dc.services.visualstudio.com
spmtreleasescus.blob.core.windows.net
static2.sharepointonline.com
104.92.71.235
13.69.106.208
2606:2800:133:206e:1315:22a5:2006:24fd
2a02:26f0:df:3b2::2957
3.232.242.170
52.239.158.138
96.16.146.233
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
16e86c343895335a523a1351f52b77836b7dfd914ae59491a8648667ade9fb42
36b147da61d542a557a9b3d490e9ea174874c8d0d8fcdf35a841734bb5604ed5
428bad69ba78c63bf42a06146f07983e77b26465c7f259a550d5c50a3a76d3d4
43f9cea186c6a97cf28dc6183d6f81e945bc8aada8bb2a77042d9c9e4423d067
49d38835e5f1fce3c982f3aeb247189f9d9f47288f1fd87e71c7b526f677b7f2
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
578c9229ce27eb5d1940c13b97d28f792f927e122051c07fdecb0beb50218695
6b701dbe9b7aeba38782e2f6726e2a928ec2abef62f43866c88f44fd1a282b2a
6d578eb55e7fb3fc677c63e6ab840053a5773ca0b667d6fe6dc27edbd1a59e73
6d8d12fef5ab03af2f66ad38f3aee09a1c016119396c551191f84e93dc73dbeb
7c112a66006332221a1c49b14b8d334f6eddf978af0e3dd0cff6fc2d800d4ab6
cc2b49ad861838c18754f78266690a2db941d97506b9bfcb61a41e9b32a2c9b1
cd1b4c845e5339acfde7b5f570a46f5ef8e83387548c1bcee1a69dec0d74fab6
da74c3a3173dc92a61ce9f98bf1cf5ef53d56324fa8dd118a737dbf8b15e8ce1
e7976b7276a44e4d1a7cda367ee573bffecae43a596d153e79968b23b35737e3
fefbd982a5701889b166a1fbaf1570c13e89be5ad860fab8a24a70614ab8ae68