www.microsoft.com Open in urlscan Pro
2a02:26f0:11a:398::356e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aka.ms/ransomware-as-a-service
Effective URL:
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-...
Submission: On February 27 via api (February 27th 2023, 8:27:39 am UTC) from IT — Scanned from IT

Summary HTTP 50 Redirects Links 115 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 50 HTTP transactions. The main IP is 2a02:26f0:11a:398::356e, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.microsoft.com. The Cisco Umbrella rank of the primary domain is 225.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 06 on October 4th 2022. Valid for: a year.

This is the only time www.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.108.184.217 104.108.184.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1 27	2a02:26f0:11a... 2a02:26f0:11a:398::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:f70... 2a02:26f0:f700:480::2957	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:4f:1... 2620:1ec:4f:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2.18.79.144 2.18.79.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:11a... 2a02:26f0:11a::217:9a60	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:f70... 2a02:26f0:f700:4b1::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	20.190.159.22 20.190.159.22	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	192.229.221.185 192.229.221.185	15133 (EDGECAST) (EDGECAST)
4	20.189.173.6 20.189.173.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
50	11

1 104.108.184.217 (Düsseldorf, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-184-217.deploy.static.akamaitechnologies.com

aka.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a02:26f0:11a:398::356e (Vienna, Austria) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:f700:480::2957 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.onestore.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:4f:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wcpstatic.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.79.144 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-144.deploy.static.akamaitechnologies.com

statics-marketingsites-eus-ms-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mem.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::217:9a60 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

img-prod-cms-rt-microsoft-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:f700:4b1::356e (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.159.22 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.185 (United States)

ASN15133 (EDGECAST, US)

logincdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.189.173.6 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	microsoft.com 1 redirects www.microsoft.com — Cisco Umbrella Rank: 225 wcpstatic.microsoft.com — Cisco Umbrella Rank: 4868 browser.events.data.microsoft.com — Cisco Umbrella Rank: 238	495 KB
5	s-microsoft.com c.s-microsoft.com — Cisco Umbrella Rank: 5535	147 KB
4	gfx.ms mem.gfx.ms — Cisco Umbrella Rank: 1950	60 KB
3	akamaized.net statics-marketingsites-eus-ms-com.akamaized.net — Cisco Umbrella Rank: 12197 img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1256	9 KB
3	onestore.ms assets.onestore.ms — Cisco Umbrella Rank: 13874	211 KB
2	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 1567	84 KB
1	msftauth.net logincdn.msftauth.net — Cisco Umbrella Rank: 3653	6 KB
1	live.com login.live.com — Cisco Umbrella Rank: 78	7 KB
1	aka.ms 1 redirects aka.ms — Cisco Umbrella Rank: 6108	555 B
50	9

	Domain	Requested by
27	www.microsoft.com	1 redirects www.microsoft.com
5	c.s-microsoft.com	assets.onestore.ms
4	browser.events.data.microsoft.com	js.monitor.azure.com
4	mem.gfx.ms	www.microsoft.com mem.gfx.ms
3	assets.onestore.ms	www.microsoft.com
2	img-prod-cms-rt-microsoft-com.akamaized.net	www.microsoft.com
2	js.monitor.azure.com	www.microsoft.com mem.gfx.ms
1	logincdn.msftauth.net	login.live.com
1	login.live.com	mem.gfx.ms
1	statics-marketingsites-eus-ms-com.akamaized.net	www.microsoft.com
1	wcpstatic.microsoft.com	www.microsoft.com
1	aka.ms	1 redirects
50	12

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
aka.ms
azure.microsoft.com
github.com
customers.microsoft.com
events.microsoft.com
techcommunity.microsoft.com
docs.microsoft.com
servicetrust.microsoft.com
dynamics.microsoft.com
partner.microsoft.com
about.ads.microsoft.com
azuremarketplace.microsoft.com
appsource.microsoft.com
blogs.microsoft.com
developer.microsoft.com
learn.microsoft.com
twitter.com
www.linkedin.com
facebook.com
www.justice.gov
www.securityweek.com
msrc-blog.microsoft.com
symantec-enterprise-blogs.security.com
www.elastic.co
digital.nhs.uk
www.riskiq.com
cve.mitre.org
us-cert.cisa.gov
kb.pulsesecure.net
msrc.microsoft.com
nvd.nist.gov
mssecuritysummit.eventcore.com
account.microsoft.com
education.microsoft.com
powerplatform.microsoft.com
visualstudio.microsoft.com
careers.microsoft.com
news.microsoft.com
privacy.microsoft.com
support.microsoft.com
choice.microsoft.com

Subject Issuer	Validity	Valid
www.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-10-04` - `2023-09-29`	a year	crt.sh
wildcard.onestore.ms Microsoft Azure TLS Issuing CA 05	`2022-09-22` - `2023-09-17`	a year	crt.sh
wcpstatic.microsoft.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-06` - `2023-12-06`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 05	`2022-12-23` - `2023-12-18`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 05	`2023-01-04` - `2023-12-30`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-12-07` - `2023-12-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Frame ID: F9837E48EEECC730880C2C431B922295
Requests: 48 HTTP requests in this frame

Frame: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=2ae6c2e0-48e4-4171-c71b-90803e10ebec&partnerId=mssecurity
Frame ID: 9025B20B97230E9E780322D420ACBF7C
Requests: 2 HTTP requests in this frame

Frame: https://mem.gfx.ms/me/mecache?partner=mssecurity&wreply=https%3A%2F%2Fwww.microsoft.com
Frame ID: 51DD2264E45A86DFB8F4C2457FA72FF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself - Microsoft Security BlogtwitterCalifornia Consumer Privacy Act (CCPA) Opt-Out Icon

Page URL History Show full URLs

https://aka.ms/ransomware-as-a-service HTTP 301
https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrim... HTTP 301
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cyb... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

12
Subdomains

11
IPs

4
Countries

1018 kB
Transfer

3346 kB
Size

8
Cookies

115 Outgoing links

These are links going to different origins than the main page.

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://aka.ms/3rdpartycookies
Title: Third-Party Cookies

Search URL Search Domain Scan URL

URL: https://aka.ms/edgeperformanceuhf
Title: Switch now

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/services/key-vault/
Title: Azure Key Vault

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/services/azure-firewall/
Title: Azure Firewall

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/services/web-application-firewall/
Title: Azure Web App Firewall

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/services/ddos-protection/
Title: Azure DDoS Protection

Search URL Search Domain Scan URL

URL: https://github.com/features/security
Title: GitHub Advanced Security

Search URL Search Domain Scan URL

URL: https://customers.microsoft.com/en-us/search?sq=Microsoft%20Security&ff=&p=0&so=story_publish_date%20desc
Title: Customer stories

Search URL Search Domain Scan URL

URL: https://events.microsoft.com/en-us/allevents/?language=English&clientTimeZone=1&search=security
Title: Microsoft Security Events

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/ct-p/MicrosoftSecurityandCompliance
Title: Microsoft Tech Community

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/security/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/learn/topics/sci?wt.mc_id=techcom_header-webpage-m365
Title: Training & certifications

Search URL Search Domain Scan URL

URL: https://aka.ms/underattack
Title: Under attack?

Search URL Search Domain Scan URL

URL: https://servicetrust.microsoft.com/
Title: Service Trust Portal

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/
Title: Azure

Search URL Search Domain Scan URL

URL: https://dynamics.microsoft.com/en-us/
Title: Dynamics 365

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/solutions/space/
Title: Azure Space

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/solutions/quantum-computing/
Title: Quantum computing

Search URL Search Domain Scan URL

URL: https://partner.microsoft.com/en-US/
Title: Find a partner

Search URL Search Domain Scan URL

URL: https://partner.microsoft.com/en-US/membership/cloud-solution-provider
Title: Become a partner

Search URL Search Domain Scan URL

URL: https://partner.microsoft.com/en-us/membership
Title: Partner Network

Search URL Search Domain Scan URL

URL: https://about.ads.microsoft.com/en-us/resources/microsoft-advertising-partner-program/microsoft-advertising-partner-program
Title: Find an advertising partner

Search URL Search Domain Scan URL

URL: https://about.ads.microsoft.com/en-us/partners/welcome?s_cid=en-us-gct-web-src_ext-sub_0-flx_uhfcombepartner
Title: Become an advertising partner

Search URL Search Domain Scan URL

URL: https://azuremarketplace.microsoft.com/en-us/
Title: Azure Marketplace

Search URL Search Domain Scan URL

URL: https://appsource.microsoft.com/en-us/
Title: AppSource

Search URL Search Domain Scan URL

URL: https://blogs.microsoft.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://about.ads.microsoft.com/en-us?s_cid=dig-src_uhfcomm
Title: Microsoft Advertising

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/en-us/
Title: Developer Center

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/docs/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/
Title: Microsoft Learn

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet/?text=Ransomware%20as%20a%20service%3A%20Understanding%20the%20cybercrime%20gig%20economy%20and%20how%20to%20protect%20yourself&url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2F2022%2F05%2F09%2Fransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself%2F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2F2022%2F05%2F09%2Fransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself%2F&title=Ransomware%20as%20a%20service%3A%20Understanding%20the%20cybercrime%20gig%20economy%20and%20how%20to%20protect%20yourself&source=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2F2022%2F05%2F09%2Fransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself%2F
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2F2022%2F05%2F09%2Fransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/three-members-notorious-international-cybercrime-group-fin7-custody-role-attacking-over-100
Title: three of its members were arrested

Search URL Search Domain Scan URL

URL: https://www.securityweek.com/researchers-devise-method-decrypt-hive-ransomware-encrypted-data
Title: public discourse

Search URL Search Domain Scan URL

URL: https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/
Title: CVE-2022-30190

Search URL Search Domain Scan URL

URL: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/wastedlocker-ransomware-us
Title: SocGholish

Search URL Search Domain Scan URL

URL: https://www.elastic.co/blog/elastic-security-uncovers-blister-malware-campaign
Title: Blister

Search URL Search Domain Scan URL

URL: https://twitter.com/MsftSecIntel/status/1480730559739359233
Title: is confirmed to be a China-based activity group.

Search URL Search Domain Scan URL

URL: https://digital.nhs.uk/cyber-alerts/2022/cc-4002
Title: Log4j 2

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/windows-blog-archive/lua-buglight-2-3-with-support-for-windows-8-1-and-windows-10/ba-p/701459
Title: LUA Buglight

Search URL Search Domain Scan URL

URL: https://twitter.com/jepayneMSFT/status/1012815189345857536
Title: the logon type

Search URL Search Domain Scan URL

URL: https://aka.ms/laps
Title: Local Administrator Password S

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/defender-for-identity/what-is
Title: cloud-based identity security solution

Search URL Search Domain Scan URL

URL: https://github.com/BloodHoundAD/BloodHound
Title: BloodHound

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/hunting-for-reconnaissance-activities-using-ldap-search-filters/ba-p/824726
Title: this detection guidance

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/security/benchmark/azure/
Title: Azure Security Benchmark

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/azure/security/fundamentals/identity-management-best-practices
Title: best practices for securing identity infrastructure

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/azure/active-directory/conditional-access/plan-conditional-access
Title: Conditional Access policies

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/azure/active-directory/authentication/tutorial-risk-based-sspr-mfa
Title: risk-based user sign-in protection

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/azure/active-directory/fundamentals/concept-fundamentals-block-legacy-authentication#step-1-enable-modern-authentication-in-your-directory
Title: modern authentication methods

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy
Title: equire MFA

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/azure/active-directory/authentication/concept-authentication-methods
Title: this article

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/azure/active-directory/identity-protection/concept-workload-identity-risk
Title: Identify and secure workload identities

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/azure/active-directory/authentication/how-to-mfa-number-match
Title: computers

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/azure/active-directory/fundamentals/concept-fundamentals-block-legacy-authentication#moving-away-from-legacy-authentication
Title: legacy authentication

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/azure/active-directory/roles/best-practices
Title: the same level of security and credential hygiene

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/azure/active-directory/authentication/how-to-authentication-find-coverage-gaps
Title: gaps in authentication coverage

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus?view=o365-worldwide
Title: cloud-delivered protection

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-worldwide
Title: tamper protection

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/edr-in-block-mode?view=o365-worldwide
Title: EDR in block mode

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/enable-network-protection?view=o365-worldwide
Title: network protection

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/automated-investigations?view=o365-worldwide
Title: investigation and remediation

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/device-discovery?view=o365-worldwide
Title: device discovery

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction?view=o365-worldwide
Title: attack surface reduction rules

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction#block-all-office-applications-from-creating-child-processes
Title: Block all Office applications from creating child processes

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction#block-office-communication-application-from-creating-child-processes
Title: Block Office communication application from creating child processes

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction#block-office-applications-from-creating-executable-content
Title: Block Office applications from creating executable content

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction#block-office-applications-from-injecting-code-into-other-processes
Title: Block Office applications from injecting code into other processes

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction#block-execution-of-potentially-obfuscated-scripts
Title: Block execution of potentially obfuscated scripts

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction#block-javascript-or-vbscript-from-launching-downloaded-executable-content
Title: Block JavaScript or VBScript from launching downloaded executable content

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction#block-executable-files-from-running-unless-they-meet-a-prevalence-age-or-trusted-list-criterion
Title: Block executable files from running unless they meet a prevalence, age, or trusted list criterion

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction#block-credential-stealing-from-the-windows-local-security-authority-subsystem
Title: Block credential stealing from the Windows local security authority subsystem (lsass.exe)

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction#block-process-creations-originating-from-psexec-and-wmi-commands
Title: Block process creations originating from PsExec and WMI commands

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/attack-surface-reduction#use-advanced-protection-against-ransomware
Title: Use advanced protection against ransomware

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/DeployOffice/security/internet-macros-blocked
Title: default behavior of Office applications to block macros

Search URL Search Domain Scan URL

URL: https://www.riskiq.com/what-is-attack-surface-management/
Title: RiskIQ

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19781
Title: CVE-2019-19781

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/aa21-110a
Title: Pulse Secure VPN systems

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11510
Title: CVE-2019-11510

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8260
Title: CVE-2020-8260

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8243
Title: CVE-2020-8243

Search URL Search Domain Scan URL

URL: https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44784/
Title: CVE-2021-22893

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22894
Title: CVE-2021-22894

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22899
Title: CVE-2021-22899

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22900
Title: CVE-2021-22900

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20016
Title: CVE-2021-20016

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2019-0604
Title: CVE-2019-0604

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/exchange-team-blog/released-may-2021-exchange-server-security-updates/ba-p/2335209
Title: Microsoft Exchange servers

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10189
Title: CVE-2020-10189

Search URL Search Domain Scan URL

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13379
Title: CVE-2018-13379

Search URL Search Domain Scan URL

URL: https://nvd.nist.gov/vuln/detail/CVE-2021-44228
Title: CVE-2021-44228

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/microsoft-365/security/defender-endpoint/next-gen-threat-and-vuln-mgt
Title: threat and vulnerability management

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/microsoft-365/security/defender/defenderexpertsforhuntingprev
Title: Microsoft Defender Experts for Hunting

Search URL Search Domain Scan URL

URL: https://mssecuritysummit.eventcore.com/?ocid=AID3046765_QSG_584073
Title: Register today.

Search URL Search Domain Scan URL

URL: https://twitter.com/@MSFTSecurity
Title: @MSFTSecurity

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/
Title: Account profile

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2139749
Title: Microsoft Store support

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/p/?LinkID=824764&clcid=0x409
Title: Returns

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/orders
Title: Order tracking

Search URL Search Domain Scan URL

URL: https://education.microsoft.com/
Title: Educator training and development

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/free/students/
Title: Azure for students

Search URL Search Domain Scan URL

URL: https://powerplatform.microsoft.com/en-us/
Title: Microsoft Power Platform

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/
Title: Microsoft Tech Community

Search URL Search Domain Scan URL

URL: https://visualstudio.microsoft.com/
Title: Visual Studio

Search URL Search Domain Scan URL

URL: https://careers.microsoft.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://news.microsoft.com/
Title: Company news

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-us
Title: Privacy at Microsoft

Search URL Search Domain Scan URL

URL: https://aka.ms/yourcaliforniaprivacychoices
Title: California Consumer Privacy Act (CCPA) Opt-Out Icon Your California Privacy Choices

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/contactus
Title: Contact Microsoft

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=206977
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2196228
Title: Trademarks

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2196227
Title: Safety & eco

Search URL Search Domain Scan URL

URL: https://choice.microsoft.com/
Title: About our ads

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aka.ms/ransomware-as-a-service HTTP 301
https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/ HTTP 301
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Redirect Chain

https://aka.ms/ransomware-as-a-service
https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

251 KB
54 KB

893ms
893ms

Document
text/html

2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

92d0e23d0357d3f819948bb7f1b03ac4fee2bb0177dd4dfb5bf5d590a0366cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: max-age=600
content-encoding: gzip
content-length: 54420
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 08:27:32 GMT
expires: Mon, 27 Feb 2023 08:37:32 GMT
link: <https://www.microsoft.com/en-us/security/blog/wp-json/>; rel="https://api.w.org/" <https://www.microsoft.com/en-us/security/blog/wp-json/wp/v2/posts/113472>; rel="alternate"; type="application/json" <https://www.microsoft.com/en-us/security/blog/?p=113472>; rel=shortlink
ms-cv: CASMicrosoftCVaa0619dc.0
ms-cv-esi: CASMicrosoftCVaa0619dc.0
strict-transport-security: max-age=31536000
tls_version: tls1.3
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-rtag: RT

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Mon, 27 Feb 2023 08:27:32 GMT
expires: Mon, 27 Feb 2023 08:27:32 GMT
location: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
ms-cv: CASMicrosoftCVaa0614b9.0
ms-cv-esi: CASMicrosoftCVaa0614b9.0
pragma: no-cache
strict-transport-security: max-age=31536000
tls_version: tls1.3
x-rtag: RT

GET
H2 200 style.min.css
www.microsoft.com/en-us/security/blog/wp-includes/css/dist/block-library/ 93 KB
13 KB 778ms
775ms Stylesheet
text/css 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
x-rtag: RT
etag: "172a9-5ed33192c4540-gzip"
vary: Accept-Encoding
content-type: text/css
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa063b62.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa063b62.0
content-length: 12518
expires: Wed, 29 Mar 2023 08:27:33 GMT

GET
H2 200 classic-themes.min.css
www.microsoft.com/en-us/security/blog/wp-includes/css/ 217 B
466 B 823ms
820ms Stylesheet
text/css 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
x-rtag: RT
etag: "d9-5ebdc1e39f300-gzip"
vary: Accept-Encoding
content-type: text/css
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa063b63.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa063b63.0
content-length: 189
expires: Wed, 29 Mar 2023 08:27:33 GMT

GET
H2 200 jsgif.css
www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/css/gifplayer/ 3 KB
1 KB 830ms
827ms Stylesheet
text/css 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/css/gifplayer/jsgif.css?ver=1.3.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

644bc58ea314f0b02f8bef2799ef7068a7ec21531543ac67f130e851480b3bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 15:18:42 GMT
x-rtag: RT
etag: "bde-5f41da9b51880-gzip"
vary: Accept-Encoding
content-type: text/css
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa063b64.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa063b64.0
content-length: 898
expires: Wed, 29 Mar 2023 08:27:33 GMT

GET
H2 200 styles.css
www.microsoft.com/en-us/security/blog/wp-content/plugins/wds-ms-inline-interruption-styles-officeblogs/css/ 10 KB
4 KB 864ms
861ms Stylesheet
text/css 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/plugins/wds-ms-inline-interruption-styles-officeblogs/css/styles.css?ver=1677486452

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b201ab52de2c92539f7a276b6cf170b1bdf0f3705f1b6ab9597517d030afefe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 15:17:13 GMT
x-rtag: RT
etag: "29a7-5f41da4671040-gzip"
vary: Accept-Encoding
content-type: text/css
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa063b66.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa063b66.0
content-length: 3910
expires: Wed, 29 Mar 2023 08:27:33 GMT

GET
H2 200 mwf-west-european-default.min.css
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/ 581 KB
71 KB 342ms
219ms Stylesheet
text/css 2a02:26f0:f700:480::2957
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f700:480::2957 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

4919e80f038d2b93f1184d1733ac35009643481735c7bc7aa31d8b56e118fc04

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Thu, 01 Feb 2018 02:22:19 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: QshXRY8/Osc4oVEHlL0Pbw==
etag: "0x8D5691A9EA468B4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=900
accept-ranges: bytes
content-length: 71704
x-ms-lease-state: available

GET
H2 200 style.css
www.microsoft.com/en-us/security/blog/wp-content/themes/ms_s/ 342 B
516 B 823ms
821ms Stylesheet
text/css 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms_s/style.css?ver=1675783134

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f174b3ce00dc0ef25fe0867dae1da92a595c50f730dbe2cd1fd7f29546034e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 15:17:13 GMT
x-rtag: RT
etag: "156-5f41da4671040-gzip"
vary: Accept-Encoding
content-type: text/css
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa063b67.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa063b67.0
content-length: 238
expires: Wed, 29 Mar 2023 08:27:33 GMT

GET
H2 200 style.min.css
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/ 69 KB
14 KB 825ms
822ms Stylesheet
text/css 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/style.min.css?ver=1675783134

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f9133661081aceb9b5e1e10aa17a87e4b7db93609497be50b677477fb5a050c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 15:18:54 GMT
x-rtag: RT
etag: "113bd-5f41daa6c3380-gzip"
vary: Accept-Encoding
content-type: text/css
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa063b68.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa063b68.0
content-length: 13558
expires: Wed, 29 Mar 2023 08:27:33 GMT

GET
H2 200 wcp-consent.js Show response
wcpstatic.microsoft.com/mscc/lib/v2/ 273 KB
80 KB 196ms
47ms Script
application/javascript 2620:1ec:4f:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Feb 2023 08:27:32 GMT
content-encoding: gzip
content-md5: X1JOIM5h9UISVFS6+GfEew==
age: 25661
x-cache: CONFIG_NOCACHE
content-length: 81726
x-ms-lease-status: unlocked
last-modified: Wed, 24 Aug 2022 17:34:36 GMT
etag: 0x8DA85F6EA62BF74
vary: Accept-Encoding
x-azure-ref: 0dWn8YwAAAADhZKemeKumTI2lZgsdgiybQU1TMDRFREdFMTkyMgAzOWI0NjE1Ny1jYjllLTQ5YjctYTY1YS04NzIyYTNmODI0ZTQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6bf721df-701e-000c-5f49-4ac36a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 jquery.min.js Show response
www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/ 88 KB
31 KB 825ms
823ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
x-rtag: RT
etag: "15e54-5e9085b47de00-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa063b6a.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa063b6a.0
content-length: 30995
expires: Wed, 29 Mar 2023 08:27:33 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/ 11 KB
4 KB 374ms
372ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
x-rtag: RT
etag: "2bd8-5b45debe27b80-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa063b6c.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa063b6c.0
content-length: 4169
expires: Wed, 29 Mar 2023 08:27:33 GMT

GET
H2 200 mwf-main.var.min.js Show response
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/ 302 KB
70 KB 213ms
91ms Script
application/x-javascript 2a02:26f0:f700:480::2957
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/mwf-main.var.min.js?ver=v1.23.2+5182151

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f700:480::2957 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

b1d83c2d49c49ea38d578afa752aaec44a86d069d6ce2d54460e2612fc31a102

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Thu, 01 Feb 2018 02:22:29 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: FuF99EJdzMvbQQjP24cb+Q==
etag: "0x8D5691AA4A90431"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=900
accept-ranges: bytes
content-length: 71185
x-ms-lease-state: available

GET
H2 200 ms.analytics-web-3.min.js Show response
js.monitor.azure.com/scripts/c/ 136 KB
50 KB 208ms
88ms Script
text/javascript 2620:1ec:4f:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8a13eda4650628c3b24edd6b407cfedf1821188701430545bc17ccf7fe0083ac

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:32 GMT
content-encoding: br
x-ms-meta-jssdkver: 3.2.9
last-modified: Tue, 21 Feb 2023 18:31:48 GMT
x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.analytics-web-3.2.9.min.js
content-md5: aluZD4aW63pn7P5rWzyrCw==
etag: 0x8DB1439E4C632FC
x-azure-ref: 0dWn8YwAAAACnL55zPRReRZ20PXc6s9TTQU1TMDRFREdFMTkxNwBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 82576a5a-e01e-00b8-3e85-4ab6de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-lastmodified,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 74-888e54
www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/ 167 KB
23 KB 295ms
294ms Stylesheet
text/css 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cf186f15996f1f201512c3576307588ecbf1e4d62daa72aa678b8222d6c652f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ms-operation-id: 06ed124f47ca6c4ab07afa4fa02a89cd
date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-rtag: RT
x-s2: 2022-12-13T20:44:15
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 6b15061f-0f26-4de6-8754-b30f69157321
tls_version: tls1.3
ms-cv-esi: CASMicrosoftCVaa063b69.0
ms-cv: CASMicrosoftCVaa063b69.0
content-length: 22729
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Dec 2022 20:44:15 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-11-11T02:52:14.0000000Z}
x-s1: 2022-12-13T20:44:15
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=25013801
timing-allow-origin: *
x-appversion: 1.0.8349.33967
expires: Wed, 13 Dec 2023 20:44:14 GMT

GET
H/1.1 200
OK override.css
statics-marketingsites-eus-ms-com.akamaized.net/statics/ 1 KB
907 B 147ms
38ms Stylesheet
text/css 2.18.79.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://statics-marketingsites-eus-ms-com.akamaized.net/statics/override.css
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-144.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 27 Feb 2023 08:27:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D6EEC3A2D67C35
Vary: Accept-Encoding
Content-Type: text/css
x-ms-request-id: 290398cb-f01e-005a-1239-420c8b000000
x-ms-version: 2009-09-19
Connection: keep-alive
Content-Length: 473

GET
H2 200 a2-598841 Show response
www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23... 134 KB
36 KB 309ms
308ms Script
text/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/3b-84517a/b0-07f293/1e-9d9d16/52-f0367f/1f-b57352/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=02242021_3231&iife=1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

14bc892aff22a1998743df7de326750231ec0592917c70c5a9e5478fea456409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ms-operation-id: 7228857332353f429312d50191e727e8
date: Mon, 27 Feb 2023 08:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-rtag: RT
x-s2: 2023-01-24T17:58:53
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 46f32dcc-9c96-4f06-9ba0-f49c2fdf5d96
tls_version: tls1.3
ms-cv-esi: CASMicrosoftCVaa063b6d.0
ms-cv: CASMicrosoftCVaa063b6d.0
content-length: 35900
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jan 2023 17:58:52 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-01-06T05:19:12.0000000Z}
x-s1: 2023-01-24T17:58:52
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=28632679
timing-allow-origin: *
x-appversion: 1.0.8405.38376
expires: Wed, 24 Jan 2024 17:58:52 GMT

GET
H2 200 meversion Show response
mem.gfx.ms/ 29 KB
10 KB 219ms
56ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e6a4745850773a79c8b5f9101f69147afd055be2f450d34dc1599599b066cca0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 08:27:34 GMT
x-azure-ref: 0dmn8YwAAAABT5nxiQoElQ5okGactvg/iQU1TMDRFREdFMTkyMABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
expires: Mon, 27 Feb 2023 16:09:13 GMT

GET
H2 200 RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 4 KB
4 KB 183ms
48ms Image
image/png 2a02:26f0:11a::217:9a60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:11a::217:9a60 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
last-modified: Wed, 25 Jan 2023 14:03:09 GMT
x-resizerversion: 1.0
x-datacenter: northeu
x-source-length: 4054
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=326368
x-activityid: e9417fc8-23af-4c17-b605-4c4b4d1c1005
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
timing-allow-origin: *
content-length: 4054
expires: Fri, 03 Mar 2023 03:07:02 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.microsoft.com/en-us/security/blog/wp-includes/js/ 18 KB
5 KB 196ms
194ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
x-rtag: RT
etag: "48b9-5dc6eb878efc0-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa06595a.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa06595a.0
content-length: 5009
expires: Wed, 29 Mar 2023 08:27:34 GMT

GET
H2 200 Fig1-RaaS-affiliate-model-3-1024x496.png
www.microsoft.com/en-us/security/blog/wp-content/uploads/2022/05/ 96 KB
96 KB 82ms
80ms Image
image/png 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2022/05/Fig1-RaaS-affiliate-model-3-1024x496.png

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a7da67be429bd1f7895e92d8090dae677407921a7d48f32b6f89d1f63fc323bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 08 Sep 2022 12:00:31 GMT
x-rtag: RT
etag: "17f87-5e8292d15c622"
content-type: image/png
tls_version: tls1.3
cache-control: max-age=31536000
ms-cv-esi: CASMicrosoftCVaa06595b.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa06595b.0
content-length: 98183
expires: Tue, 27 Feb 2024 08:27:33 GMT

GET
H2 200 Featured-image-440x268.jpg
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/ 20 KB
21 KB 130ms
128ms Image
image/jpeg 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/Featured-image-440x268.jpg

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

03b0e20639e3092f188a084825f9496383266f030dbe88edb0bda50d79c318ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16 Feb 2023 16:33:12 GMT
x-rtag: RT
etag: "51ec-5f4d3c0c36baf"
content-type: image/jpeg
tls_version: tls1.3
cache-control: max-age=31536000
ms-cv-esi: CASMicrosoftCVaa06595c.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa06595c.0
content-length: 20972
expires: Tue, 27 Feb 2024 08:27:34 GMT

GET
H2 200 SUR22_COMMR_LaptopGo2_Contextual_0265_RGB-440x268.jpg
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/ 18 KB
19 KB 133ms
132ms Image
image/jpeg 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/SUR22_COMMR_LaptopGo2_Contextual_0265_RGB-440x268.jpg

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2c93857215d7969c1ec912da76d69f2b5d06faa104a4597bd97c97277f8b2583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 14 Feb 2023 20:35:06 GMT
x-rtag: RT
etag: "48eb-5f4aee628b28b"
content-type: image/jpeg
tls_version: tls1.3
cache-control: max-age=31536000
ms-cv-esi: CASMicrosoftCVaa065a24.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa065a24.0
content-length: 18667
expires: Tue, 27 Feb 2024 08:27:34 GMT

GET
H2 200 CLO22_Cafe_006-1-440x268.jpg
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/ 16 KB
16 KB 150ms
149ms Image
image/jpeg 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/02/CLO22_Cafe_006-1-440x268.jpg

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f6fbf48c9e9866861a626ebeb3b7eeadb7e418d33c048116ee46343fad851e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 06 Feb 2023 16:55:22 GMT
x-rtag: RT
etag: "3fa9-5f40ae59b5ba3"
content-type: image/jpeg
tls_version: tls1.3
cache-control: max-age=31536000
ms-cv-esi: CASMicrosoftCVaa065a26.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa065a26.0
content-length: 16297
expires: Tue, 27 Feb 2024 08:27:34 GMT

GET
H2 200 focus-within.js Show response
www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/vendor/ 10 KB
4 KB 245ms
245ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/vendor/focus-within.js?ver=1.3.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c05536c0f0662d15af06f535b7e11931840fa8d5893debb0d69289d3f4b15d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 15:18:42 GMT
x-rtag: RT
etag: "289e-5f41da9b51880-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa0654d9.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa0654d9.0
content-length: 3288
expires: Wed, 29 Mar 2023 08:27:34 GMT

GET
H2 200 libgif.js Show response
www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/gifplayer/ 34 KB
9 KB 182ms
182ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/gifplayer/libgif.js?ver=1.3.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a96d53bba65b704f76446a222f42383a6099715b915ef05fff32f5be2634a014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 15:18:42 GMT
x-rtag: RT
etag: "8705-5f41da9b51880-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa065758.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa065758.0
content-length: 9145
expires: Wed, 29 Mar 2023 08:27:34 GMT

GET
H2 200 index.js Show response
www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/gifplayer/ 4 KB
2 KB 149ms
146ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/gifplayer/index.js?ver=1.3.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b724f99a651bf0de96412e969f2f35af6f88cbe210b0fd1fefb35f9ae2ffa305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 15:18:42 GMT
x-rtag: RT
etag: "109f-5f41da9b51880-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa065880.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa065880.0
content-length: 1507
expires: Wed, 29 Mar 2023 08:27:34 GMT

GET
H2 200 modernizr.js Show response
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/modernizer/ 50 KB
16 KB 149ms
146ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/modernizer/modernizr.js?ver=2.8.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b828b15e9b7836b493a8bd6e832a24ee13aa8b6f8b4a1bf307a7af2912014178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 15:17:13 GMT
x-rtag: RT
etag: "c897-5f41da4671040-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa065954.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa065954.0
content-length: 15769
expires: Wed, 29 Mar 2023 08:27:34 GMT

GET
H2 200 mwf-auto-init-main.var.min.js Show response
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/ 303 KB
71 KB 342ms
340ms Script
application/x-javascript 2a02:26f0:f700:480::2957
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/mwf-auto-init-main.var.min.js?ver=v1.23.2+5182151

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:f700:480::2957 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

f2a28cd82e7ec00d2d8158f21fb0507722cd8b09fa4a0a16fadc58f30385cc25

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff, nosniff, nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff, nosniff, nosniff, nosniff
last-modified: Thu, 01 Feb 2018 02:22:29 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 12go4t01WZJhAGBag3beKQ==
etag: "0x8D5691AA4A3D407"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=900
accept-ranges: bytes
content-length: 71611
x-ms-lease-state: available

GET
H2 200 picturefill.min.js Show response
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/picturefill/dist/ 12 KB
5 KB 187ms
185ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/picturefill/dist/picturefill.min.js?ver=3.0.3

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 15:17:13 GMT
x-rtag: RT
etag: "2e1f-5f41da4671040-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa065955.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa065955.0
content-length: 5171
expires: Wed, 29 Mar 2023 08:27:34 GMT

GET
H2 200 imagesloaded.min.js Show response
www.microsoft.com/en-us/security/blog/wp-includes/js/ 5 KB
2 KB 82ms
80ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
x-rtag: RT
etag: "15fd-5a7fbb57c37c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa065956.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa065956.0
content-length: 1834
expires: Wed, 29 Mar 2023 08:27:33 GMT

GET
H2 200 masonry.min.js Show response
www.microsoft.com/en-us/security/blog/wp-includes/js/ 24 KB
8 KB 189ms
187ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/js/masonry.min.js?ver=4.2.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
x-rtag: RT
etag: "5e4a-5a7fbb57c37c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa065957.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa065957.0
content-length: 7382
expires: Wed, 29 Mar 2023 08:27:34 GMT

GET
H2 200 project.min.js Show response
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/scripts/ 6 KB
2 KB 222ms
220ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/scripts/project.min.js?ver=1675783033

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

682d50732b7337b57f5d67840f768b93e9a209ad11b6b71e208cca2d4f504b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 15:17:13 GMT
x-rtag: RT
etag: "19d5-5f41da4671040-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa065958.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa065958.0
content-length: 2006
expires: Wed, 29 Mar 2023 08:27:34 GMT

GET
H2 200 microsoft-uhf.js Show response
www.microsoft.com/en-us/security/blog/wp-content/plugins/microsoft-uhf/assets/ 3 KB
2 KB 222ms
220ms Script
application/javascript 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.4.0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cffbae450bcad74d65019c0aa2bada046cdcf5f5fa4af699929838f58c7ff8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Feb 2023 15:18:42 GMT
x-rtag: RT
etag: "d4e-5f41da9b51880-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCVaa065959.0
accept-ranges: bytes
ms-cv: CASMicrosoftCVaa065959.0
content-length: 1370
expires: Wed, 29 Mar 2023 08:27:34 GMT

GET
H2 200 mwfmdl2-v3.54.woff
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ 26 KB
26 KB 110ms
110ms Font
application/font-woff 2a02:26f0:11a:398::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a:398::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/32-1b8b7c/74-888e54?ver=2.0&_cf=02242021_3231
Origin: https://www.microsoft.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

ms-operation-id: c8eea73e736cb1439143decad8832bf6
date: Mon, 27 Feb 2023 08:27:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 260054d8-9443-4b04-b2dd-082dec25ace4
tls_version: tls1.3
ms-cv-esi: CASMicrosoftCVaa065a27.0
ms-cv: CASMicrosoftCVaa065a27.0
content-length: 26288
x-xss-protection: 1; mode=block
last-modified: Tue, 02 Aug 2022 19:08:30 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-07-22T05:16:44.0000000Z}
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=17811769
x-appversion: 1.0.8237.38302
expires: Thu, 21 Sep 2023 12:10:23 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/ 29 KB
29 KB 198ms
36ms Font
font/woff2 2a02:26f0:f700:4b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
Requested by: Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

Referer: https://assets.onestore.ms/
Origin: https://www.microsoft.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "5b68d583e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=260135
accept-ranges: bytes
content-length: 29388
expires: Thu, 02 Mar 2023 08:43:09 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 293ms
133ms Font
font/woff2 2a02:26f0:f700:4b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by: Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer: https://assets.onestore.ms/
Origin: https://www.microsoft.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "588d483e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=259862
accept-ranges: bytes
content-length: 34052
expires: Thu, 02 Mar 2023 08:38:36 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf73ba8c24162c4cfd51b3b508b2bc0f8ee00cab13bec8f32b6fb6359be7d17

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 223 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 707c5b510b5712a82fd8bdf073a6d9860583931ee85f6ee7e2e735e81ae05d18

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/ 29 KB
30 KB 216ms
78ms Font
font/woff2 2a02:26f0:f700:4b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/latest.woff2
Requested by: Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b

Request headers

Referer: https://assets.onestore.ms/
Origin: https://www.microsoft.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
last-modified: Fri, 10 Jan 2020 19:09:42 GMT
etag: "83cce83e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=260040
accept-ranges: bytes
content-length: 30132
expires: Thu, 02 Mar 2023 08:41:34 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Light/ 27 KB
27 KB 244ms
118ms Font
font/woff2 2a02:26f0:f700:4b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Light/latest.woff2
Requested by: Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fe8a1047376498c80a157d13555e42a92ad480fcb0bcc9de51ad1930fbeb7f91

Request headers

Referer: https://assets.onestore.ms/
Origin: https://www.microsoft.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "1282d283e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=259178
accept-ranges: bytes
content-length: 27168
expires: Thu, 02 Mar 2023 08:27:12 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semilight/ 28 KB
28 KB 149ms
104ms Font
font/woff2 2a02:26f0:f700:4b1::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semilight/latest.woff2
Requested by: Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.1.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b1::356e Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6ba0d1a726f1887bd61727b308ed0be0e73edba17d4ad11b91ab19b632e078f6

Request headers

Referer: https://assets.onestore.ms/
Origin: https://www.microsoft.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "95edd883e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=261074
accept-ranges: bytes
content-length: 28908
expires: Thu, 02 Mar 2023 08:58:48 GMT

GET
H2 200 ms.shared.analytics.mectrl-3.2.6.gbl.min.js Show response
js.monitor.azure.com/scripts/c/ 88 KB
34 KB 156ms
54ms Script
text/javascript 2620:1ec:4f:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.6.gbl.min.js
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
content-encoding: br
x-ms-meta-jssdkver: 3.2.6
last-modified: Thu, 18 Aug 2022 21:40:45 GMT
content-md5: RlzwH95FOkmm6gksZWAC+w==
etag: 0x8DA81624EF9033C
x-azure-ref: 0dmn8YwAAAACAwQqOaguiTYnSv9SZ36pZQU1TMDRFREdFMTgxNgBmMWNhNzNkNC04ODgzLTRjYWYtYWJkYy1mZTJkNTY3YWZiOTY=
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6ba2eb08-301e-006d-5584-4305b2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000, immutable, no-transform
x-ms-version: 2009-09-19

GET
H2 200 meBoot.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/ 177 KB
33 KB 179ms
52ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/meBoot.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

246e27bc1de424b2c903bcfc46afac7480e69db8d6f4af914a4e5bfaa22f289d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 08:27:34 GMT
last-modified: Thu, 16 Feb 2023 20:57:40 GMT
etag: "1d9428c5c9238a3"
x-azure-ref: 0dmn8YwAAAADkTnvBsmEZQIssFWC8fdGwQU1TMDRFREdFMTgxNgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ua-compatible: IE=edge

GET
DATA 200
OK truncated
/ 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK me.srf Show response
login.live.com/ Frame 9025 12 KB
7 KB 362ms
123ms Document
text/html 20.190.159.22
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=2ae6c2e0-48e4-4171-c71b-90803e10ebec&partnerId=mssecurity

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/meBoot.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.159.22 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1f137d4ad1beff18239773ebe4afb4add52dc59af0b056e999314b158e306719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 4850
Content-Type: text/html; charset=utf-8
Date: Mon, 27 Feb 2023 08:27:34 GMT
Expires: Mon, 27 Feb 2023 08:26:35 GMT
Link: <https://logincdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer: PPV: 30 H: BL02PF2516DBB91 V: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-XSS-Protection: 1; mode=block
x-ms-request-id: 20316be4-67f0-4a77-8053-8fd060bd3c7d
x-ms-route-info: R3_BL2

GET
H2 200 meCore.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/ 98 KB
16 KB 68ms
67ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/meCore.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a5268a183f2a091d2d17773997e89a25fc45cbd60e586edf61f544fb85d6f6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 27 Feb 2023 08:27:34 GMT
last-modified: Thu, 16 Feb 2023 20:57:48 GMT
etag: "1d9428c615427a1"
x-azure-ref: 0dmn8YwAAAAB+R6t/1gvmSbg+4h6Sxo/XQU1TMDRFREdFMTgxNgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ua-compatible: IE=edge

GET
H2 200 RE4xdax
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 3 KB
3 KB 48ms
48ms Image
image/png 2a02:26f0:11a::217:9a60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4xdax

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:11a::217:9a60 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2176784dfc7c4beeacaecacbbc6b7a1f2f281f17ff0a3c644909c3b3849ed01e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 08:27:34 GMT
last-modified: Mon, 20 Feb 2023 13:45:18 GMT
x-resizerversion: 1.0
x-datacenter: northeu
x-source-length: 3094
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=235010
x-activityid: efd47b40-ccf5-4663-9e5e-53f5bed2c045
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE4xdax
timing-allow-origin: *
content-length: 3094
expires: Thu, 02 Mar 2023 01:44:24 GMT

GET
H2 200 MeControl_C74eVDl9OPpw3SeGi1S0LA2.js Show response
logincdn.msftauth.net/16.000/content/js/ Frame 9025 17 KB
6 KB 110ms
16ms Script
application/x-javascript 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msftauth.net/16.000/content/js/MeControl_C74eVDl9OPpw3SeGi1S0LA2.js
Requested by: Host: login.live.com
URL: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=2ae6c2e0-48e4-4171-c71b-90803e10ebec&partnerId=mssecurity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C07) /
Resource Hash: 94b7b25eb9f88a3dfd84e704bdf6b93aa459841568fdb94ba06f1d629610c2ae

Request headers

Referer: https://login.live.com/
Origin: https://login.live.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 27 Feb 2023 08:27:35 GMT
content-encoding: gzip
content-md5: EIFafJzBxopRr+TjzV2Iig==
age: 1671019
x-cache: HIT
content-length: 6056
x-ms-lease-status: unlocked
last-modified: Thu, 02 Feb 2023 06:25:08 GMT
server: ECAcc (mil/6C07)
etag: 0x8DB04E63AE78256
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 49fb1fe5-501e-0024-7b52-3b4b78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 153 B
1 KB 707ms
176ms XHR
application/json 20.189.173.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.6 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

afc84031e2d24c232d2aa7ae60c0b360def6b372546c1884ee5dbb277e6872fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1677486455131
accept-language: it-IT,it;q=0.9
client-version: 1DS-Web-JS-3.2.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://www.microsoft.com/
apikey: cb68b8f590184975aa5eb4ed576fb074-e666ac9b-fa31-4339-8b9c-775f4bae31f3-6978
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 27 Feb 2023 08:27:35 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 1368
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: application/json
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Content-Length: 153

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 764ms
177ms Preflight 20.189.173.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.6 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://www.microsoft.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Mon, 27 Feb 2023 08:27:35 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

GET
H2 200 mecache Show response
mem.gfx.ms/me/ Frame 51DD 3 KB
1 KB 143ms
143ms Document
text/html 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/me/mecache?partner=mssecurity&wreply=https%3A%2F%2Fwww.microsoft.com

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.23038.5/en-US/meBoot.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0e5e6a51911921473110b82b7b986b0b35be3ae52803de27b0c675206982222f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: public, no-transform, max-age=43200
content-encoding: br
content-security-policy: frame-ancestors https://www.microsoft.com;
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 08:27:35 GMT
expires: Mon, 27 Feb 2023 20:27:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 0d2n8YwAAAADq1/XyHZCbTpQ2Ly3wvy+XQU1TMDRFREdFMTkyMABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_MISS
x-content-type-options: nosniff
x-ua-compatible: IE=edge

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 183ms
183ms Preflight 20.189.173.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.6 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://www.microsoft.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Mon, 27 Feb 2023 08:27:36 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 153 B
593 B 177ms
177ms XHR
application/json 20.189.173.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.6 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

f1f75609cf077ea73249203dd428e962f973790f4933b4c6bc1e4e3650548ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1677486456606
accept-language: it-IT,it;q=0.9
client-version: 1DS-Web-JS-3.2.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
time-delta-to-apply-millis: 1368
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://www.microsoft.com/
apikey: cb68b8f590184975aa5eb4ed576fb074-e666ac9b-fa31-4339-8b9c-775f4bae31f3-6978
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 27 Feb 2023 08:27:35 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 268
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 153

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.microsoft.com/	1970-01-20 18:43:42	Name: MicrosoftApplicationsTelemetryDeviceId Value: 203844fc-d557-4702-9912-523657e9c666
www.microsoft.com/	1970-01-20 09:58:08	Name: ai_session Value: 904oUSeZy3eM9R8c2YA6ig\|1677486454128\|1677486454128
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 2ae6c2e048e44171c71b90803e10ebec
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1677486455&co=1
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DSYZcIKUR3O6IVdTSlJpDnibUivh2PXb!Yu4mMONxJL3WvZLUOyn11VoWkoNzjDO57zIf1d7uktGHyS3SGu4pXKBNDtCpVL6jFkjTOKREAIMUGrjKZOQ3KtaJYm6jTo5Sa5Mp8MY7eBsofAOu2pdtej8sKuqWZ3tRO!URjznfNtMsn6gIfo7qMmt8bbo!k1TCWbvQNjiFMhVDsxSuboBkC7v2ynwjrY1Ju4cA5!y7*i80sNP6Sl3S0e2PNRmrqkii13SKHVDw328eqUj0OADU$
.microsoft.com/	1970-01-20 18:43:42	Name: MC1 Value: GUID=287a77639de74711a1c3b30aff5eebcc&HASH=287a&LV=202302&V=4&LU=1677486456499
.microsoft.com/	1970-01-20 09:58:08	Name: MS0 Value: a42c402c44414055b2138f06deca7675
www.microsoft.com/	1970-01-20 18:43:42	Name: MSFPC Value: GUID=287a77639de74711a1c3b30aff5eebcc&HASH=287a&LV=202302&V=4&LU=1677486456499

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aka.ms
assets.onestore.ms
browser.events.data.microsoft.com
c.s-microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
js.monitor.azure.com
login.live.com
logincdn.msftauth.net
mem.gfx.ms
statics-marketingsites-eus-ms-com.akamaized.net
wcpstatic.microsoft.com
www.microsoft.com
104.108.184.217
192.229.221.185
2.18.79.144
20.189.173.6
20.190.159.22
2620:1ec:4e:1::44
2620:1ec:4f:1::44
2a02:26f0:11a:398::356e
2a02:26f0:11a::217:9a60
2a02:26f0:f700:480::2957
2a02:26f0:f700:4b1::356e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03b0e20639e3092f188a084825f9496383266f030dbe88edb0bda50d79c318ad
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
0e5e6a51911921473110b82b7b986b0b35be3ae52803de27b0c675206982222f
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
14bc892aff22a1998743df7de326750231ec0592917c70c5a9e5478fea456409
1f137d4ad1beff18239773ebe4afb4add52dc59af0b056e999314b158e306719
2176784dfc7c4beeacaecacbbc6b7a1f2f281f17ff0a3c644909c3b3849ed01e
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
246e27bc1de424b2c903bcfc46afac7480e69db8d6f4af914a4e5bfaa22f289d
2bf73ba8c24162c4cfd51b3b508b2bc0f8ee00cab13bec8f32b6fb6359be7d17
2c93857215d7969c1ec912da76d69f2b5d06faa104a4597bd97c97277f8b2583
3f9133661081aceb9b5e1e10aa17a87e4b7db93609497be50b677477fb5a050c
4919e80f038d2b93f1184d1733ac35009643481735c7bc7aa31d8b56e118fc04
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
644bc58ea314f0b02f8bef2799ef7068a7ec21531543ac67f130e851480b3bda
682d50732b7337b57f5d67840f768b93e9a209ad11b6b71e208cca2d4f504b27
6ba0d1a726f1887bd61727b308ed0be0e73edba17d4ad11b91ab19b632e078f6
707c5b510b5712a82fd8bdf073a6d9860583931ee85f6ee7e2e735e81ae05d18
7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
8a13eda4650628c3b24edd6b407cfedf1821188701430545bc17ccf7fe0083ac
92d0e23d0357d3f819948bb7f1b03ac4fee2bb0177dd4dfb5bf5d590a0366cb1
94b7b25eb9f88a3dfd84e704bdf6b93aa459841568fdb94ba06f1d629610c2ae
a5268a183f2a091d2d17773997e89a25fc45cbd60e586edf61f544fb85d6f6a8
a7da67be429bd1f7895e92d8090dae677407921a7d48f32b6f89d1f63fc323bb
a96d53bba65b704f76446a222f42383a6099715b915ef05fff32f5be2634a014
afc84031e2d24c232d2aa7ae60c0b360def6b372546c1884ee5dbb277e6872fe
b1d83c2d49c49ea38d578afa752aaec44a86d069d6ce2d54460e2612fc31a102
b201ab52de2c92539f7a276b6cf170b1bdf0f3705f1b6ab9597517d030afefe4
b724f99a651bf0de96412e969f2f35af6f88cbe210b0fd1fefb35f9ae2ffa305
b828b15e9b7836b493a8bd6e832a24ee13aa8b6f8b4a1bf307a7af2912014178
c05536c0f0662d15af06f535b7e11931840fa8d5893debb0d69289d3f4b15d6c
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cf186f15996f1f201512c3576307588ecbf1e4d62daa72aa678b8222d6c652f8
cffbae450bcad74d65019c0aa2bada046cdcf5f5fa4af699929838f58c7ff8c2
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e6a4745850773a79c8b5f9101f69147afd055be2f450d34dc1599599b066cca0
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
f174b3ce00dc0ef25fe0867dae1da92a595c50f730dbe2cd1fd7f29546034e81
f1f75609cf077ea73249203dd428e962f973790f4933b4c6bc1e4e3650548ee8
f2a28cd82e7ec00d2d8158f21fb0507722cd8b09fa4a0a16fadc58f30385cc25
f6fbf48c9e9866861a626ebeb3b7eeadb7e418d33c048116ee46343fad851e0a
fe8a1047376498c80a157d13555e42a92ad480fcb0bcc9de51ad1930fbeb7f91
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.microsoft.com Open in urlscan Pro 2a02:26f0:11a:398::356e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

55 %IPv6

9 Domains

12 Subdomains

11 IPs

4 Countries

1018 kBTransfer

3346 kBSize

8 Cookies

115 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.microsoft.com Open in urlscan Pro
2a02:26f0:11a:398::356e Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

12
Subdomains

11
IPs

4
Countries

1018 kB
Transfer

3346 kB
Size

8
Cookies

50 HTTP transactions
3 data transactions