Submitted URL: https://aka.ms/ransomware-as-a-service
Effective URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-...
Submission: On February 24 via api from IT — Scanned from IT

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 50 HTTP transactions. The main IP is 2a02:26f0:11a:398::356e, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.microsoft.com. The Cisco Umbrella rank of the primary domain is 225.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 06 on October 4th 2022. Valid for: a year.
This is the only time www.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.79.165.181 16625 (AKAMAI-AS)
1 27 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
3 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
5 2620:1ec:4f:1... 8075 (MICROSOFT...)
2 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 2.23.154.41 20940 (AKAMAI-ASN1)
2 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
5 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
1 40.126.31.72 8075 (MICROSOFT...)
1 192.229.221.185 15133 (EDGECAST)
4 20.189.173.10 8075 (MICROSOFT...)
50 11
Apex Domain
Subdomains
Transfer
32 microsoft.com
www.microsoft.com — Cisco Umbrella Rank: 225
wcpstatic.microsoft.com — Cisco Umbrella Rank: 4868
browser.events.data.microsoft.com — Cisco Umbrella Rank: 238
495 KB
5 s-microsoft.com
c.s-microsoft.com — Cisco Umbrella Rank: 5535
147 KB
4 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 1950
60 KB
3 akamaized.net
statics-marketingsites-eus-ms-com.akamaized.net — Cisco Umbrella Rank: 12197
img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1256
9 KB
3 onestore.ms
assets.onestore.ms — Cisco Umbrella Rank: 13874
211 KB
2 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1567
84 KB
1 msftauth.net
logincdn.msftauth.net — Cisco Umbrella Rank: 3653
6 KB
1 live.com
login.live.com — Cisco Umbrella Rank: 78
7 KB
1 aka.ms
aka.ms — Cisco Umbrella Rank: 6108
555 B
50 9
Domain Requested by
27 www.microsoft.com 1 redirects www.microsoft.com
5 c.s-microsoft.com assets.onestore.ms
4 browser.events.data.microsoft.com js.monitor.azure.com
4 mem.gfx.ms www.microsoft.com
mem.gfx.ms
3 assets.onestore.ms www.microsoft.com
2 img-prod-cms-rt-microsoft-com.akamaized.net www.microsoft.com
2 js.monitor.azure.com www.microsoft.com
mem.gfx.ms
1 logincdn.msftauth.net login.live.com
1 login.live.com mem.gfx.ms
1 statics-marketingsites-eus-ms-com.akamaized.net www.microsoft.com
1 wcpstatic.microsoft.com www.microsoft.com
1 aka.ms 1 redirects
50 12
Subject Issuer Validity Valid
www.microsoft.com
Microsoft Azure TLS Issuing CA 06
2022-10-04 -
2023-09-29
a year crt.sh
wildcard.onestore.ms
Microsoft Azure TLS Issuing CA 05
2022-09-22 -
2023-09-17
a year crt.sh
wcpstatic.microsoft.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-06 -
2023-12-06
a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 05
2022-12-23 -
2023-12-18
a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2022-06-28 -
2023-06-30
a year crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 05
2023-01-04 -
2023-12-30
a year crt.sh
login.live.com
DigiCert SHA2 Secure Server CA
2022-12-30 -
2023-12-30
a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06
2022-12-07 -
2023-12-02
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Frame ID: 27F55D5B8E00A1D97763C9092F09D75E
Requests: 48 HTTP requests in this frame

Frame: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=2dc045ee-89a9-4e3c-ed62-d08437ab5268&partnerId=mssecurity
Frame ID: C5C4343E6147D4A82272A989CC64715B
Requests: 2 HTTP requests in this frame

Frame: https://mem.gfx.ms/me/mecache?partner=mssecurity&wreply=https%3A%2F%2Fwww.microsoft.com
Frame ID: 9D45634F1AE6F1A6F651A964A2AE7ECB
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself - Microsoft Security BlogtwitterCalifornia Consumer Privacy Act (CCPA) Opt-Out Icon

Page URL History Show full URLs

  1. https://aka.ms/ransomware-as-a-service HTTP 301
    https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrim... HTTP 301
    https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cyb... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

12
Subdomains

11
IPs

4
Countries

1018 kB
Transfer

3346 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aka.ms/ransomware-as-a-service HTTP 301
    https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/ HTTP 301
    https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Redirect Chain
  • https://aka.ms/ransomware-as-a-service
  • https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
  • https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
251 KB
54 KB
Document
General
Full URL
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6122f9048ec8032c940e231f10767455bac35098a7a05fefb3191221e82e91da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
max-age=600
content-encoding
gzip
content-length
54420
content-type
text/html; charset=utf-8
date
Fri, 24 Feb 2023 08:06:52 GMT
expires
Fri, 24 Feb 2023 08:16:52 GMT
link
<https://www.microsoft.com/en-us/security/blog/wp-json/>; rel="https://api.w.org/" <https://www.microsoft.com/en-us/security/blog/wp-json/wp/v2/posts/113472>; rel="alternate"; type="application/json" <https://www.microsoft.com/en-us/security/blog/?p=113472>; rel=shortlink
ms-cv
CASMicrosoftCV12b8d71d.0
ms-cv-esi
CASMicrosoftCV12b8d71d.0
strict-transport-security
max-age=31536000
tls_version
tls1.3
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-rtag
RT

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
0
date
Fri, 24 Feb 2023 08:06:51 GMT
expires
Fri, 24 Feb 2023 08:06:51 GMT
location
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
ms-cv
CASMicrosoftCV12b8d3fb.0
ms-cv-esi
CASMicrosoftCV12b8d3fb.0
pragma
no-cache
strict-transport-security
max-age=31536000
tls_version
tls1.3
x-rtag
RT
style.min.css
www.microsoft.com/en-us/security/blog/wp-includes/css/dist/block-library/
93 KB
13 KB
Stylesheet
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 11 Nov 2022 14:56:45 GMT
x-rtag
RT
etag
"172a9-5ed33192c4540-gzip"
vary
Accept-Encoding
content-type
text/css
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8e959.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8e959.0
content-length
12518
expires
Sun, 26 Mar 2023 08:06:53 GMT
classic-themes.min.css
www.microsoft.com/en-us/security/blog/wp-includes/css/
217 B
466 B
Stylesheet
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 25 Oct 2022 13:45:16 GMT
x-rtag
RT
etag
"d9-5ebdc1e39f300-gzip"
vary
Accept-Encoding
content-type
text/css
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8e95a.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8e95a.0
content-length
189
expires
Sun, 26 Mar 2023 08:06:53 GMT
jsgif.css
www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/css/gifplayer/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/css/gifplayer/jsgif.css?ver=1.3.2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
644bc58ea314f0b02f8bef2799ef7068a7ec21531543ac67f130e851480b3bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 15:18:42 GMT
x-rtag
RT
etag
"bde-5f41da9b51880-gzip"
vary
Accept-Encoding
content-type
text/css
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8e95b.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8e95b.0
content-length
898
expires
Sun, 26 Mar 2023 08:06:53 GMT
styles.css
www.microsoft.com/en-us/security/blog/wp-content/plugins/wds-ms-inline-interruption-styles-officeblogs/css/
10 KB
4 KB
Stylesheet
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/plugins/wds-ms-inline-interruption-styles-officeblogs/css/styles.css?ver=1677226012
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b201ab52de2c92539f7a276b6cf170b1bdf0f3705f1b6ab9597517d030afefe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 15:17:13 GMT
x-rtag
RT
etag
"29a7-5f41da4671040-gzip"
vary
Accept-Encoding
content-type
text/css
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8e95c.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8e95c.0
content-length
3910
expires
Sun, 26 Mar 2023 08:06:53 GMT
mwf-west-european-default.min.css
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/
581 KB
71 KB
Stylesheet
General
Full URL
https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f700:4b1::2957 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4919e80f038d2b93f1184d1733ac35009643481735c7bc7aa31d8b56e118fc04
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff, nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff, nosniff
last-modified
Thu, 01 Feb 2018 02:22:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
QshXRY8/Osc4oVEHlL0Pbw==
etag
"0x8D5691A9EA468B4"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=900
accept-ranges
bytes
content-length
71704
x-ms-lease-state
available
style.css
www.microsoft.com/en-us/security/blog/wp-content/themes/ms_s/
342 B
516 B
Stylesheet
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms_s/style.css?ver=1675783134
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f174b3ce00dc0ef25fe0867dae1da92a595c50f730dbe2cd1fd7f29546034e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 15:17:13 GMT
x-rtag
RT
etag
"156-5f41da4671040-gzip"
vary
Accept-Encoding
content-type
text/css
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8e95d.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8e95d.0
content-length
238
expires
Sun, 26 Mar 2023 08:06:53 GMT
style.min.css
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/
69 KB
14 KB
Stylesheet
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/style.min.css?ver=1675783134
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f9133661081aceb9b5e1e10aa17a87e4b7db93609497be50b677477fb5a050c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 15:18:54 GMT
x-rtag
RT
etag
"113bd-5f41daa6c3380-gzip"
vary
Accept-Encoding
content-type
text/css
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8e95e.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8e95e.0
content-length
13558
expires
Sun, 26 Mar 2023 08:06:53 GMT
wcp-consent.js
wcpstatic.microsoft.com/mscc/lib/v2/
273 KB
80 KB
Script
General
Full URL
https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 24 Feb 2023 08:06:52 GMT
content-encoding
gzip
content-md5
X1JOIM5h9UISVFS6+GfEew==
age
24426
x-cache
CONFIG_NOCACHE
content-length
81726
x-ms-lease-status
unlocked
last-modified
Wed, 24 Aug 2022 17:34:36 GMT
etag
0x8DA85F6EA62BF74
vary
Accept-Encoding
x-azure-ref
0HHD4YwAAAAA82nteXIdKSJgN16A47gldQU1TMDRFREdFMTkyMQAzOWI0NjE1Ny1jYjllLTQ5YjctYTY1YS04NzIyYTNmODI0ZTQ=
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7375645a-e01e-0021-5cee-478d42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
jquery.min.js
www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/
88 KB
31 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
x-rtag
RT
etag
"15e54-5e9085b47de00-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8e95f.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8e95f.0
content-length
30995
expires
Sun, 26 Mar 2023 08:06:53 GMT
jquery-migrate.min.js
www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
x-rtag
RT
etag
"2bd8-5b45debe27b80-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8e960.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8e960.0
content-length
4169
expires
Sun, 26 Mar 2023 08:06:53 GMT
mwf-main.var.min.js
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/
302 KB
70 KB
Script
General
Full URL
https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/mwf-main.var.min.js?ver=v1.23.2+5182151
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f700:4b1::2957 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b1d83c2d49c49ea38d578afa752aaec44a86d069d6ce2d54460e2612fc31a102
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
last-modified
Thu, 01 Feb 2018 02:22:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
FuF99EJdzMvbQQjP24cb+Q==
etag
"0x8D5691AA4A90431"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=900
accept-ranges
bytes
content-length
71185
x-ms-lease-state
available
ms.analytics-web-3.min.js
js.monitor.azure.com/scripts/c/
136 KB
50 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8a13eda4650628c3b24edd6b407cfedf1821188701430545bc17ccf7fe0083ac

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:52 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.9
last-modified
Tue, 21 Feb 2023 18:31:48 GMT
x-ms-meta-jssdksrc
[cdn]/scripts/c/ms.analytics-web-3.2.9.min.js
content-md5
aluZD4aW63pn7P5rWzyrCw==
etag
0x8DB1439E4C632FC
x-azure-ref
0HHD4YwAAAACk0YdoFNo8S7/kNJFhe8Y6QU1TMDRFREdFMTkwOQBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
b027409a-301e-00c5-1225-489bc5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-lastmodified,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
wp-emoji-release.min.js
www.microsoft.com/en-us/security/blog/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 12 Apr 2022 05:56:23 GMT
x-rtag
RT
etag
"48b9-5dc6eb878efc0-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8fc82.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fc82.0
content-length
5009
expires
Sun, 26 Mar 2023 08:06:53 GMT
74-888e54
www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/
167 KB
23 KB
Stylesheet
General
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cf186f15996f1f201512c3576307588ecbf1e4d62daa72aa678b8222d6c652f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ms-operation-id
06ed124f47ca6c4ab07afa4fa02a89cd
date
Fri, 24 Feb 2023 08:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2022-12-13T20:44:15
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
6b15061f-0f26-4de6-8754-b30f69157321
tls_version
tls1.3
ms-cv-esi
CASMicrosoftCV12b8e961.0
ms-cv
CASMicrosoftCV12b8e961.0
content-length
22729
x-xss-protection
1; mode=block
last-modified
Tue, 13 Dec 2022 20:44:15 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-11-11T02:52:14.0000000Z}
x-s1
2022-12-13T20:44:15
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=25274294
vary
Accept-Encoding
timing-allow-origin
*
x-appversion
1.0.8349.33967
expires
Wed, 13 Dec 2023 20:45:06 GMT
override.css
statics-marketingsites-eus-ms-com.akamaized.net/statics/
1 KB
926 B
Stylesheet
General
Full URL
https://statics-marketingsites-eus-ms-com.akamaized.net/statics/override.css
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.23.154.41 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-154-41.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Unused62
8096267
Content-Encoding
gzip
Date
Fri, 24 Feb 2023 08:06:52 GMT
Last-Modified
Tue, 11 Jun 2019 23:22:13 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D6EEC3A2D67C35
Vary
Accept-Encoding
Content-Type
text/css
x-ms-request-id
aa45aa48-101e-0072-1d0d-347b34000000
x-ms-version
2009-09-19
Connection
keep-alive
Content-Length
473
a2-598841
www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23...
134 KB
36 KB
Script
General
Full URL
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/3b-84517a/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=02242021_3231&iife=1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14bc892aff22a1998743df7de326750231ec0592917c70c5a9e5478fea456409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ms-operation-id
7228857332353f429312d50191e727e8
date
Fri, 24 Feb 2023 08:06:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-rtag
RT
x-s2
2023-01-24T17:58:53
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
46f32dcc-9c96-4f06-9ba0-f49c2fdf5d96
tls_version
tls1.3
ms-cv-esi
CASMicrosoftCV12b8e962.0
ms-cv
CASMicrosoftCV12b8e962.0
content-length
35900
x-xss-protection
1; mode=block
last-modified
Tue, 24 Jan 2023 17:58:52 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-01-06T05:19:12.0000000Z}
x-s1
2023-01-24T17:58:52
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=28893081
vary
Accept-Encoding
timing-allow-origin
*
x-appversion
1.0.8405.38376
expires
Wed, 24 Jan 2024 17:58:13 GMT
meversion
mem.gfx.ms/
29 KB
10 KB
Script
General
Full URL
https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e6a4745850773a79c8b5f9101f69147afd055be2f450d34dc1599599b066cca0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ua-compatible
IE=edge
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 24 Feb 2023 08:06:53 GMT
x-azure-ref
0HXD4YwAAAAC5iuxLiEo1QpADrjTFNQufQU1TMDRFREdFMTgwNgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=43200
expires
Fri, 24 Feb 2023 14:21:06 GMT
RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/
4 KB
4 KB
Image
General
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::217:9a3b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
last-modified
Wed, 25 Jan 2023 14:03:09 GMT
x-resizerversion
1.0
x-datacenter
northeu
x-source-length
4054
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=197079
x-activityid
e9417fc8-23af-4c17-b605-4c4b4d1c1005
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
timing-allow-origin
*
content-length
4054
expires
Sun, 26 Feb 2023 14:51:32 GMT
Fig1-RaaS-affiliate-model-3-1024x496.png
www.microsoft.com/en-us/security/blog/wp-content/uploads/2022/05/
96 KB
96 KB
Image
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2022/05/Fig1-RaaS-affiliate-model-3-1024x496.png
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a7da67be429bd1f7895e92d8090dae677407921a7d48f32b6f89d1f63fc323bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 08 Sep 2022 12:00:31 GMT
x-rtag
RT
etag
"17f87-5e8292d15c622"
content-type
image/png
tls_version
tls1.3
cache-control
max-age=31536000
ms-cv-esi
CASMicrosoftCV12b8fc83.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fc83.0
content-length
98183
expires
Sat, 24 Feb 2024 08:06:53 GMT
Featured-image-440x268.jpg
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/
20 KB
21 KB
Image
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/Featured-image-440x268.jpg
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
03b0e20639e3092f188a084825f9496383266f030dbe88edb0bda50d79c318ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 16 Feb 2023 16:33:12 GMT
x-rtag
RT
etag
"51ec-5f4d3c0c36baf"
content-type
image/jpeg
tls_version
tls1.3
cache-control
max-age=31536000
ms-cv-esi
CASMicrosoftCV12b8fc84.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fc84.0
content-length
20972
expires
Sat, 24 Feb 2024 08:06:53 GMT
SUR22_COMMR_LaptopGo2_Contextual_0265_RGB-440x268.jpg
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/
18 KB
19 KB
Image
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/SUR22_COMMR_LaptopGo2_Contextual_0265_RGB-440x268.jpg
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2c93857215d7969c1ec912da76d69f2b5d06faa104a4597bd97c97277f8b2583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 20:35:06 GMT
x-rtag
RT
etag
"48eb-5f4aee628b28b"
content-type
image/jpeg
tls_version
tls1.3
cache-control
max-age=31536000
ms-cv-esi
CASMicrosoftCV12b8fd06.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fd06.0
content-length
18667
expires
Sat, 24 Feb 2024 08:06:53 GMT
CLO22_Cafe_006-1-440x268.jpg
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/
16 KB
16 KB
Image
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/CLO22_Cafe_006-1-440x268.jpg
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f6fbf48c9e9866861a626ebeb3b7eeadb7e418d33c048116ee46343fad851e0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 06 Feb 2023 16:55:22 GMT
x-rtag
RT
etag
"3fa9-5f40ae59b5ba3"
content-type
image/jpeg
tls_version
tls1.3
cache-control
max-age=31536000
ms-cv-esi
CASMicrosoftCV12b8fd07.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fd07.0
content-length
16297
expires
Sat, 24 Feb 2024 08:06:53 GMT
focus-within.js
www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/vendor/
10 KB
4 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/vendor/focus-within.js?ver=1.3.2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c05536c0f0662d15af06f535b7e11931840fa8d5893debb0d69289d3f4b15d6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 15:18:42 GMT
x-rtag
RT
etag
"289e-5f41da9b51880-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8f91b.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8f91b.0
content-length
3288
expires
Sun, 26 Mar 2023 08:06:53 GMT
libgif.js
www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/gifplayer/
34 KB
9 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/gifplayer/libgif.js?ver=1.3.2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a96d53bba65b704f76446a222f42383a6099715b915ef05fff32f5be2634a014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 15:18:42 GMT
x-rtag
RT
etag
"8705-5f41da9b51880-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8fb30.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fb30.0
content-length
9145
expires
Sun, 26 Mar 2023 08:06:53 GMT
index.js
www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/gifplayer/
4 KB
2 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/gifplayer/index.js?ver=1.3.2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b724f99a651bf0de96412e969f2f35af6f88cbe210b0fd1fefb35f9ae2ffa305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 15:18:42 GMT
x-rtag
RT
etag
"109f-5f41da9b51880-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8fbf9.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fbf9.0
content-length
1507
expires
Sun, 26 Mar 2023 08:06:53 GMT
modernizr.js
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/modernizer/
50 KB
16 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/modernizer/modernizr.js?ver=2.8.2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b828b15e9b7836b493a8bd6e832a24ee13aa8b6f8b4a1bf307a7af2912014178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 15:17:13 GMT
x-rtag
RT
etag
"c897-5f41da4671040-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8fc7c.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fc7c.0
content-length
15769
expires
Sun, 26 Mar 2023 08:06:53 GMT
mwf-auto-init-main.var.min.js
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/
303 KB
71 KB
Script
General
Full URL
https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/mwf-auto-init-main.var.min.js?ver=v1.23.2+5182151
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f700:4b1::2957 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f2a28cd82e7ec00d2d8158f21fb0507722cd8b09fa4a0a16fadc58f30385cc25
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff, nosniff, nosniff, nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff, nosniff, nosniff, nosniff
last-modified
Thu, 01 Feb 2018 02:22:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
12go4t01WZJhAGBag3beKQ==
etag
"0x8D5691AA4A3D407"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
max-age=900
accept-ranges
bytes
content-length
71611
x-ms-lease-state
available
picturefill.min.js
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/picturefill/dist/
12 KB
5 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/picturefill/dist/picturefill.min.js?ver=3.0.3
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 15:17:13 GMT
x-rtag
RT
etag
"2e1f-5f41da4671040-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8fc7d.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fc7d.0
content-length
5171
expires
Sun, 26 Mar 2023 08:06:53 GMT
imagesloaded.min.js
www.microsoft.com/en-us/security/blog/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
x-rtag
RT
etag
"15fd-5a7fbb57c37c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8fc7e.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fc7e.0
content-length
1834
expires
Sun, 26 Mar 2023 08:06:53 GMT
masonry.min.js
www.microsoft.com/en-us/security/blog/wp-includes/js/
24 KB
8 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 13 Jun 2020 18:53:27 GMT
x-rtag
RT
etag
"5e4a-5a7fbb57c37c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8fc7f.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fc7f.0
content-length
7382
expires
Sun, 26 Mar 2023 08:06:53 GMT
project.min.js
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/scripts/
6 KB
2 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/scripts/project.min.js?ver=1675783033
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
682d50732b7337b57f5d67840f768b93e9a209ad11b6b71e208cca2d4f504b27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 15:17:13 GMT
x-rtag
RT
etag
"19d5-5f41da4671040-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8fc80.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fc80.0
content-length
2006
expires
Sun, 26 Mar 2023 08:06:53 GMT
microsoft-uhf.js
www.microsoft.com/en-us/security/blog/wp-content/plugins/microsoft-uhf/assets/
3 KB
2 KB
Script
General
Full URL
https://www.microsoft.com/en-us/security/blog/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.4.0
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cffbae450bcad74d65019c0aa2bada046cdcf5f5fa4af699929838f58c7ff8c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 07 Feb 2023 15:18:42 GMT
x-rtag
RT
etag
"d4e-5f41da9b51880-gzip"
vary
Accept-Encoding
content-type
application/javascript
tls_version
tls1.3
cache-control
max-age=2592000
ms-cv-esi
CASMicrosoftCV12b8fc81.0
accept-ranges
bytes
ms-cv
CASMicrosoftCV12b8fc81.0
content-length
1370
expires
Sun, 26 Mar 2023 08:06:53 GMT
mwfmdl2-v3.54.woff
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/
26 KB
26 KB
Font
General
Full URL
https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff
Requested by
Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
Origin
https://www.microsoft.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ms-operation-id
c8eea73e736cb1439143decad8832bf6
date
Fri, 24 Feb 2023 08:06:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-rtag
RT
p3p
CP="CAO CONi OTR OUR DEM ONL"
x-activity-id
260054d8-9443-4b04-b2dd-082dec25ace4
tls_version
tls1.3
ms-cv-esi
CASMicrosoftCV12b8fd08.0
ms-cv
CASMicrosoftCV12b8fd08.0
content-length
26288
x-xss-protection
1; mode=block
last-modified
Tue, 02 Aug 2022 19:08:30 GMT
x-az
{did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-07-22T05:16:44.0000000Z}
access-control-allow-methods
HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=13777269
x-appversion
1.0.8237.38302
expires
Wed, 02 Aug 2023 19:08:02 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/
29 KB
29 KB
Font
General
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
Requested by
Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:493::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

Referer
https://assets.onestore.ms/
Origin
https://www.microsoft.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"5b68d583e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=520576
accept-ranges
bytes
content-length
29388
expires
Thu, 02 Mar 2023 08:43:09 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/
33 KB
34 KB
Font
General
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by
Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:493::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer
https://assets.onestore.ms/
Origin
https://www.microsoft.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"588d483e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=520281
accept-ranges
bytes
content-length
34052
expires
Thu, 02 Mar 2023 08:38:14 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2bf73ba8c24162c4cfd51b3b508b2bc0f8ee00cab13bec8f32b6fb6359be7d17

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
223 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
707c5b510b5712a82fd8bdf073a6d9860583931ee85f6ee7e2e735e81ae05d18

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/
29 KB
30 KB
Font
General
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/latest.woff2
Requested by
Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:493::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b

Request headers

Referer
https://assets.onestore.ms/
Origin
https://www.microsoft.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
last-modified
Fri, 10 Jan 2020 19:09:42 GMT
etag
"83cce83e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=520401
accept-ranges
bytes
content-length
30132
expires
Thu, 02 Mar 2023 08:40:14 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Light/
27 KB
27 KB
Font
General
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Light/latest.woff2
Requested by
Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:493::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fe8a1047376498c80a157d13555e42a92ad480fcb0bcc9de51ad1930fbeb7f91

Request headers

Referer
https://assets.onestore.ms/
Origin
https://www.microsoft.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"1282d283e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=519633
accept-ranges
bytes
content-length
27168
expires
Thu, 02 Mar 2023 08:27:26 GMT
latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semilight/
28 KB
28 KB
Font
General
Full URL
https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semilight/latest.woff2
Requested by
Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:493::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6ba0d1a726f1887bd61727b308ed0be0e73edba17d4ad11b91ab19b632e078f6

Request headers

Referer
https://assets.onestore.ms/
Origin
https://www.microsoft.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
last-modified
Fri, 10 Jan 2020 19:09:43 GMT
etag
"95edd883e9c7d51:0"
access-control-allow-methods
GET,POST
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=521476
accept-ranges
bytes
content-length
28908
expires
Thu, 02 Mar 2023 08:58:09 GMT
ms.shared.analytics.mectrl-3.2.6.gbl.min.js
js.monitor.azure.com/scripts/c/
88 KB
34 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.6.gbl.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.microsoft.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:53 GMT
content-encoding
br
x-ms-meta-jssdkver
3.2.6
last-modified
Thu, 18 Aug 2022 21:40:45 GMT
content-md5
RlzwH95FOkmm6gksZWAC+w==
etag
0x8DA81624EF9033C
x-azure-ref
0HXD4YwAAAAA7KQ5wOCbATZQxe3VFH/TaQU1TMDRFREdFMTgxNABmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6ba2eb08-301e-006d-5584-4305b2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000, immutable, no-transform
x-ms-version
2009-09-19
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/
177 KB
33 KB
Script
General
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
246e27bc1de424b2c903bcfc46afac7480e69db8d6f4af914a4e5bfaa22f289d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.microsoft.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 24 Feb 2023 08:06:53 GMT
last-modified
Thu, 16 Feb 2023 20:57:40 GMT
etag
"1d9428c5c9238a3"
x-azure-ref
0HnD4YwAAAAANZk1y8E4vSaoowgVcnrajQU1TMDRFREdFMTkxMgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ua-compatible
IE=edge
truncated
/
358 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
me.srf
login.live.com/ Frame C5C4
12 KB
7 KB
Document
General
Full URL
https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=2dc045ee-89a9-4e3c-ed62-d08437ab5268&partnerId=mssecurity
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/meBoot.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.126.31.72 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
52a904801a78f2c7e52e31ead862a6f9dfd68ea46c27a2dbd358a0181522b470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
4882
Content-Type
text/html; charset=utf-8
Date
Fri, 24 Feb 2023 08:06:54 GMT
Expires
Fri, 24 Feb 2023 08:05:54 GMT
Link
<https://logincdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02PF1A30E2A86 V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
1; mode=block
x-ms-request-id
ebc83ab9-fa6c-4a3a-b477-a54cf033ad06
x-ms-route-info
R3_BL2
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/
98 KB
16 KB
Script
General
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a5268a183f2a091d2d17773997e89a25fc45cbd60e586edf61f544fb85d6f6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.microsoft.com/
Origin
https://www.microsoft.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 24 Feb 2023 08:06:53 GMT
last-modified
Thu, 16 Feb 2023 20:57:48 GMT
etag
"1d9428c615427a1"
x-azure-ref
0HnD4YwAAAABRCCrMTCdQRrWU0/Z1xQbXQU1TMDRFREdFMTkxMgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ua-compatible
IE=edge
RE4xdax
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/
3 KB
3 KB
Image
General
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4xdax
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:11a::217:9a3b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2176784dfc7c4beeacaecacbbc6b7a1f2f281f17ff0a3c644909c3b3849ed01e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.microsoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 08:06:54 GMT
last-modified
Mon, 20 Feb 2023 13:45:18 GMT
x-resizerversion
1.0
x-datacenter
northeu
x-source-length
3094
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=106678
x-activityid
efd47b40-ccf5-4663-9e5e-53f5bed2c045
content-location
https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE4xdax
timing-allow-origin
*
content-length
3094
expires
Sat, 25 Feb 2023 13:44:52 GMT
MeControl_C74eVDl9OPpw3SeGi1S0LA2.js
logincdn.msftauth.net/16.000/content/js/ Frame C5C4
17 KB
6 KB
Script
General
Full URL
https://logincdn.msftauth.net/16.000/content/js/MeControl_C74eVDl9OPpw3SeGi1S0LA2.js
Requested by
Host: login.live.com
URL: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=2dc045ee-89a9-4e3c-ed62-d08437ab5268&partnerId=mssecurity
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C07) /
Resource Hash
94b7b25eb9f88a3dfd84e704bdf6b93aa459841568fdb94ba06f1d629610c2ae

Request headers

Referer
https://login.live.com/
Origin
https://login.live.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 24 Feb 2023 08:06:54 GMT
content-encoding
gzip
content-md5
EIFafJzBxopRr+TjzV2Iig==
age
1410578
x-cache
HIT
content-length
6056
x-ms-lease-status
unlocked
last-modified
Thu, 02 Feb 2023 06:25:08 GMT
server
ECAcc (mil/6C07)
etag
0x8DB04E63AE78256
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
49fb1fe5-501e-0024-7b52-3b4b78000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
/
browser.events.data.microsoft.com/OneCollector/1.0/
153 B
1 KB
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
3bfaec2707f439c73e2f30dfb026c51cc18a771d8aed6c238f920a65a88684f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1677226014719
accept-language
it-IT,it;q=0.9
client-version
1DS-Web-JS-3.2.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
time-delta-to-apply-millis
use-collector-delta
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://www.microsoft.com/
apikey
cb68b8f590184975aa5eb4ed576fb074-e666ac9b-fa31-4339-8b9c-775f4bae31f3-6978
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 24 Feb 2023 08:06:55 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
1460
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
application/json
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://www.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Fri, 24 Feb 2023 08:06:55 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
mecache
mem.gfx.ms/me/ Frame 9D45
3 KB
1 KB
Document
General
Full URL
https://mem.gfx.ms/me/mecache?partner=mssecurity&wreply=https%3A%2F%2Fwww.microsoft.com
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/meBoot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e5e6a51911921473110b82b7b986b0b35be3ae52803de27b0c675206982222f
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://www.microsoft.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.microsoft.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
public, no-transform, max-age=43200
content-encoding
br
content-security-policy
frame-ancestors https://www.microsoft.com;
content-type
text/html; charset=utf-8
date
Fri, 24 Feb 2023 08:06:54 GMT
expires
Fri, 24 Feb 2023 20:06:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-azure-ref
0HnD4YwAAAAD93efjxnmYSbIACJUiXqGBQU1TMDRFREdFMTgwNgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache
TCP_MISS
x-content-type-options
nosniff
x-ua-compatible
IE=edge
/
browser.events.data.microsoft.com/OneCollector/1.0/ Frame
0
0
Preflight
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method
POST
Origin
https://www.microsoft.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Max-Age
3600
Cache-Control
public, 3600
Content-Length
0
Date
Fri, 24 Feb 2023 08:06:56 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
browser.events.data.microsoft.com/OneCollector/1.0/
153 B
593 B
XHR
General
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.189.173.10 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
3bfaec2707f439c73e2f30dfb026c51cc18a771d8aed6c238f920a65a88684f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

upload-time
1677226016290
accept-language
it-IT,it;q=0.9
client-version
1DS-Web-JS-3.2.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
time-delta-to-apply-millis
1460
content-type
application/x-json-stream
cache-control
no-cache, no-store
Referer
https://www.microsoft.com/
apikey
cb68b8f590184975aa5eb4ed576fb074-e666ac9b-fa31-4339-8b9c-775f4bae31f3-6978
Client-Id
NO_AUTH

Response headers

Strict-Transport-Security
max-age=31536000
Date
Fri, 24 Feb 2023 08:06:56 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
264
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://www.microsoft.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
153

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| event boolean| credentialless object| _wpemojiSettings function| WcpConsent function| mscc function| $ function| jQuery object| mwf object| html5 object| Modernizr object| picturefillCFG function| picturefill object| e function| t object| oneDS object| __dynProto$Gbl string| _linkedin_data_partner_id function| linkedinTracking function| gdcTracking function| clarityTracking object| ccpaElement string| resolvedTimeZone object| timeZones undefined| showLink function| onConsentChanged function| dropAnalyticsCookies function| dropAdvertisingCookies function| dropSocialMediaCookies object| siteConsent object| addthis_config object| config function| applyFocusVisiblePolyfill function| SuperGif object| msgifs object| mwfAutoInit function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| wdsWrapBrands object| wdsEmDashFix object| wdsPostFilterToggle object| wdsStickyAudioPlayer object| windowReady object| microsoftUhfSettings object| onShellReadyToLoad object| MSA object| MeControl function| MeControlDefine function| MeControlImport object| twemoji object| wp object| msCommonShell object| oneDsMeControl

8 Cookies

Domain/Path Name / Value
www.microsoft.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: b29a54c3-3e1e-4be4-b506-e388030b0140
www.microsoft.com/ Name: ai_session
Value: GQf508H/CCqqkCIdsjcbRA|1677226013716|1677226013716
.login.live.com/ Name: uaid
Value: 2dc045ee89a94e3ced62d08437ab5268
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1677226014&co=1
.login.live.com/ Name: OParams
Value: 11O.DZDAbTJ7z7uw38JJX*Gw3GT9M*fYfCorees33t2rcmckSAOh9Br6HpBjC*bh8r1mHlCB1qYOHXIDO*Gfl*uMp8q6CIzNIP5oOoP5t8jMv!HTweLZtlOP!v9YjrQ6sqLtbotJWH4wxOOkSlF109Z7Efisj9TAbj9XdeOZoXMZrAhB8JndoQYum7IHAaYTPsBpHrZb0JZiWL6ut8k*f18CRhokrs07zHu5Oe*1fHo2qTTDGEbw*b2fGtXfqlHRSrUhovSCNeG76lsc8HAD*ruqBHw$
.microsoft.com/ Name: MC1
Value: GUID=c85c547ea4be4f9c8d7e8b3a9912515e&HASH=c85c&LV=202302&V=4&LU=1677226016179
.microsoft.com/ Name: MS0
Value: ab74724972ad4c61a46d06a7d66f1b24
www.microsoft.com/ Name: MSFPC
Value: GUID=c85c547ea4be4f9c8d7e8b3a9912515e&HASH=c85c&LV=202302&V=4&LU=1677226016179

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aka.ms
assets.onestore.ms
browser.events.data.microsoft.com
c.s-microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
js.monitor.azure.com
login.live.com
logincdn.msftauth.net
mem.gfx.ms
statics-marketingsites-eus-ms-com.akamaized.net
wcpstatic.microsoft.com
www.microsoft.com
192.229.221.185
2.23.154.41
20.189.173.10
23.79.165.181
2620:1ec:4e:1::44
2620:1ec:4f:1::44
2a02:26f0:11a:398::356e
2a02:26f0:11a::217:9a3b
2a02:26f0:f700:493::356e
2a02:26f0:f700:4b1::2957
40.126.31.72
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03b0e20639e3092f188a084825f9496383266f030dbe88edb0bda50d79c318ad
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
0e5e6a51911921473110b82b7b986b0b35be3ae52803de27b0c675206982222f
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
14bc892aff22a1998743df7de326750231ec0592917c70c5a9e5478fea456409
2176784dfc7c4beeacaecacbbc6b7a1f2f281f17ff0a3c644909c3b3849ed01e
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
246e27bc1de424b2c903bcfc46afac7480e69db8d6f4af914a4e5bfaa22f289d
2bf73ba8c24162c4cfd51b3b508b2bc0f8ee00cab13bec8f32b6fb6359be7d17
2c93857215d7969c1ec912da76d69f2b5d06faa104a4597bd97c97277f8b2583
3bfaec2707f439c73e2f30dfb026c51cc18a771d8aed6c238f920a65a88684f1
3f9133661081aceb9b5e1e10aa17a87e4b7db93609497be50b677477fb5a050c
4919e80f038d2b93f1184d1733ac35009643481735c7bc7aa31d8b56e118fc04
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
52a904801a78f2c7e52e31ead862a6f9dfd68ea46c27a2dbd358a0181522b470
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
6122f9048ec8032c940e231f10767455bac35098a7a05fefb3191221e82e91da
644bc58ea314f0b02f8bef2799ef7068a7ec21531543ac67f130e851480b3bda
682d50732b7337b57f5d67840f768b93e9a209ad11b6b71e208cca2d4f504b27
6ba0d1a726f1887bd61727b308ed0be0e73edba17d4ad11b91ab19b632e078f6
707c5b510b5712a82fd8bdf073a6d9860583931ee85f6ee7e2e735e81ae05d18
7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
8a13eda4650628c3b24edd6b407cfedf1821188701430545bc17ccf7fe0083ac
94b7b25eb9f88a3dfd84e704bdf6b93aa459841568fdb94ba06f1d629610c2ae
a5268a183f2a091d2d17773997e89a25fc45cbd60e586edf61f544fb85d6f6a8
a7da67be429bd1f7895e92d8090dae677407921a7d48f32b6f89d1f63fc323bb
a96d53bba65b704f76446a222f42383a6099715b915ef05fff32f5be2634a014
b1d83c2d49c49ea38d578afa752aaec44a86d069d6ce2d54460e2612fc31a102
b201ab52de2c92539f7a276b6cf170b1bdf0f3705f1b6ab9597517d030afefe4
b724f99a651bf0de96412e969f2f35af6f88cbe210b0fd1fefb35f9ae2ffa305
b828b15e9b7836b493a8bd6e832a24ee13aa8b6f8b4a1bf307a7af2912014178
c05536c0f0662d15af06f535b7e11931840fa8d5893debb0d69289d3f4b15d6c
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf186f15996f1f201512c3576307588ecbf1e4d62daa72aa678b8222d6c652f8
cffbae450bcad74d65019c0aa2bada046cdcf5f5fa4af699929838f58c7ff8c2
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e6a4745850773a79c8b5f9101f69147afd055be2f450d34dc1599599b066cca0
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
f174b3ce00dc0ef25fe0867dae1da92a595c50f730dbe2cd1fd7f29546034e81
f2a28cd82e7ec00d2d8158f21fb0507722cd8b09fa4a0a16fadc58f30385cc25
f6fbf48c9e9866861a626ebeb3b7eeadb7e418d33c048116ee46343fad851e0a
fe8a1047376498c80a157d13555e42a92ad480fcb0bcc9de51ad1930fbeb7f91
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869