www.microsoft.com Open in urlscan Pro
2a02:26f0:6c00:187::356e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Emali.A!cl&threatid=2147728322&enterprise=1
Effective URL:
https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
Submission: On October 02 via manual (October 2nd 2018, 4:51:57 pm UTC) from US

Summary HTTP 61 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 8 domains to perform 61 HTTP transactions. The main IP is 2a02:26f0:6c00:187::356e, located in European Union and belongs to AKAMAI-ASN1, US. The main domain is www.microsoft.com.
TLS certificate: Issued by Microsoft IT TLS CA 4 on January 16th 2018. Valid for: 2 years.

This is the only time www.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:6c0... 2a02:26f0:6c00:29c::2c1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00:183::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 6	2a02:26f0:6c0... 2a02:26f0:6c00:187::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
14	2a02:26f0:6c0... 2a02:26f0:6c00:28b::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:6c0... 2a02:26f0:6c00:2bd::2957	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a02:26f0:6c0... 2a02:26f0:6c00:19b::37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a02:26f0:6c0... 2a02:26f0:6c00:292::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4998:58:... 2001:4998:58:4904::4000	26101 (YAHOO-3) (YAHOO-3 - Yahoo!)
3	2a02:26f0:6c0... 2a02:26f0:6c00:299::2b57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:9::1 2620:1ec:9::1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba21	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
61	14

1 2a02:26f0:6c00:29c::2c1a (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)

go.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:183::356e (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:187::356e (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 152.199.19.160 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:6c00:28b::356e (European Union)

ASN20940 (AKAMAI-ASN1, US)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:2bd::2957 (European Union)

ASN20940 (AKAMAI-ASN1, US)

assets.onestore.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba10 (European Union)

ASN20940 (AKAMAI-ASN1, US)

statics-uhf-eas.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:19b::37 (European Union)

ASN20940 (AKAMAI-ASN1, US)

mem.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba1b (European Union)

ASN20940 (AKAMAI-ASN1, US)

img-prod-cms-rt-microsoft-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:6c00:292::356e (European Union)

ASN20940 (AKAMAI-ASN1, US)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4998:58:4904::4000 (United States)

ASN26101 (YAHOO-3 - Yahoo!, US)

query.yahooapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:299::2b57 (European Union)

ASN20940 (AKAMAI-ASN1, US)

uhf.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:9::1 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba21 (European Union)

ASN20940 (AKAMAI-ASN1, US)

statics-uhf-eus.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	s-microsoft.com c.s-microsoft.com	462 KB
13	microsoft.com 3 redirects go.microsoft.com www.microsoft.com uhf.microsoft.com web.vortex.data.microsoft.com	80 KB
11	akamaized.net statics-uhf-eas.akamaized.net img-prod-cms-rt-microsoft-com.akamaized.net statics-uhf-eus.akamaized.net	117 KB
6	gfx.ms mem.gfx.ms	51 KB
4	onestore.ms assets.onestore.ms	220 KB
4	aspnetcdn.com ajax.aspnetcdn.com	220 KB
2	live.com login.live.com
1	yahooapis.com query.yahooapis.com	3 KB
61	8

	Domain	Requested by
22	c.s-microsoft.com	www.microsoft.com c.s-microsoft.com
7	www.microsoft.com	2 redirects www.microsoft.com c.s-microsoft.com statics-uhf-eus.akamaized.net
6	mem.gfx.ms	www.microsoft.com mem.gfx.ms
5	img-prod-cms-rt-microsoft-com.akamaized.net	www.microsoft.com
4	assets.onestore.ms	www.microsoft.com
4	ajax.aspnetcdn.com	www.microsoft.com
3	statics-uhf-eus.akamaized.net	www.microsoft.com
3	uhf.microsoft.com	www.microsoft.com
3	statics-uhf-eas.akamaized.net	www.microsoft.com
2	web.vortex.data.microsoft.com	mem.gfx.ms
2	login.live.com	ajax.aspnetcdn.com
1	query.yahooapis.com	c.s-microsoft.com
1	go.microsoft.com	1 redirects
61	13

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
cloudblogs.microsoft.com
support.microsoft.com
azure.microsoft.com
products.office.com
dynamics.microsoft.com
powerbi.microsoft.com
visualstudio.microsoft.com
docs.microsoft.com
technet.microsoft.com
msdn.microsoft.com
developer.microsoft.com
fasttrack.microsoft.com
partner.microsoft.com
partnercenter.microsoft.com
enterprise.microsoft.com
appsource.microsoft.com
azuremarketplace.microsoft.com
events.microsoft.com
www.xbox.com
store.office.com
account.microsoft.com
channel9.msdn.com
careers.microsoft.com
news.microsoft.com
privacy.microsoft.com
choice.microsoft.com

Subject Issuer	Validity	Valid
www.microsoft.com Microsoft IT TLS CA 4	`2018-01-16` - `2020-01-16`	2 years	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
wildcard.onestore.ms Microsoft IT TLS CA 5	`2018-01-23` - `2020-01-23`	2 years	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-19`	a year	crt.sh
mem.gfx.ms Microsoft IT TLS CA 2	`2018-02-05` - `2020-02-05`	2 years	crt.sh
*.ue.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-08-28` - `2019-02-28`	6 months	crt.sh
unistore.www.microsoft.com Microsoft IT TLS CA 5	`2018-01-25` - `2020-01-25`	2 years	crt.sh
*.login.live.com Microsoft IT TLS CA 2	`2018-06-29` - `2020-06-29`	2 years	crt.sh
*.vortex.data.microsoft.com Microsoft IT TLS CA 5	`2018-01-30` - `2020-01-30`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
Frame ID: B8697CE4B7047C40A570815CB462042B
Requests: 58 HTTP requests in this frame

Frame: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=7ab201ff-9229-4562-0cdc-93d0dbb121eb&partnerId=mssecurityportal
Frame ID: D3173D32C25D1D96335A0E39A8A94159
Requests: 1 HTTP requests in this frame

Frame: https://www.microsoft.com/store/buy/cartcount
Frame ID: ED1106890CC69DBF4365B28AC7844FCB
Requests: 1 HTTP requests in this frame

Frame: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=7ab201ff-9229-4562-0cdc-93d0dbb121eb&partnerId=mssecurityportal
Frame ID: 3BF0B4B718FCB7A4B7984544BE7BD5A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Emali.A!cl&threatid=214772832... HTTP 302
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?amp;name=Trojan%3aWin32%2fEma... HTTP 301
https://www.microsoft.com/en-us/security/portal/Threat/Encyclopedia/Entry.aspx?amp;name=Trojan%3aWin32... HTTP 301
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%... Page URL
https://www.microsoft.com/en-us/wdsi/threats/threat-search?query= Page URL

Detected technologies

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

61
Requests

98 %
HTTPS

87 %
IPv6

8
Domains

13
Subdomains

14
IPs

3
Countries

1152 kB
Transfer

4010 kB
Size

3
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: https://go.microsoft.com/fwlink/?linkid=845480
Title: Learn more

Search URL Search Domain Scan URL

URL: https://cloudblogs.microsoft.com/microsoftsecure/?product=windows,windows-defender-advanced-threat-protection
Title: Blogs

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/help/17466/windows-defender-offline-help-protect-my-pc
Title: Windows Defender Offline

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/
Title: Azure

Search URL Search Domain Scan URL

URL: https://products.office.com/en-us/business/office
Title: Office 365

Search URL Search Domain Scan URL

URL: https://dynamics.microsoft.com/en-us/
Title: Dynamics 365

Search URL Search Domain Scan URL

URL: https://powerbi.microsoft.com/en-us/
Title: Power BI

Search URL Search Domain Scan URL

URL: https://products.office.com/en-us/microsoft-teams/group-chat-software
Title: Teams

Search URL Search Domain Scan URL

URL: https://visualstudio.microsoft.com/
Title: Visual Studio

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/services/cognitive-services/
Title: Azure Cognitive Services

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/
Title: Docs

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us/ms376608.aspx
Title: TechNet

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us
Title: Developer Network

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/en-us/windows
Title: Windows Dev Center

Search URL Search Domain Scan URL

URL: https://fasttrack.microsoft.com/office
Title: FastTrack

Search URL Search Domain Scan URL

URL: https://partner.microsoft.com/
Title: Partner Network

Search URL Search Domain Scan URL

URL: https://partnercenter.microsoft.com/partner/home
Title: Partner Center

Search URL Search Domain Scan URL

URL: https://enterprise.microsoft.com/en-us
Title: Financial services

Search URL Search Domain Scan URL

URL: https://enterprise.microsoft.com/en-us/industries/government/
Title: Government

Search URL Search Domain Scan URL

URL: https://enterprise.microsoft.com/en-us/industries/health/
Title: Health

Search URL Search Domain Scan URL

URL: https://enterprise.microsoft.com/en-us/industries/discrete-manufacturing/
Title: Manufacturing & resources

Search URL Search Domain Scan URL

URL: https://enterprise.microsoft.com/en-us/industries/retail-and-consumer-goods/
Title: Retail

Search URL Search Domain Scan URL

URL: https://appsource.microsoft.com/
Title: AppSource

Search URL Search Domain Scan URL

URL: https://azuremarketplace.microsoft.com/marketplace/
Title: Azure Marketplace

Search URL Search Domain Scan URL

URL: https://events.microsoft.com/
Title: Events

Search URL Search Domain Scan URL

URL: https://cloudblogs.microsoft.com/microsoftsecure/2018/09/27/out-of-sight-but-not-invisible-defeating-fileless-malware-with-behavior-monitoring-amsi-and-next-gen-av/
Title: Read the blog post

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/help/4021566/windows-10-send-feedback-to-microsoft-with-feedback-hub-app
Title: use the Feedback Hub app

Search URL Search Domain Scan URL

URL: https://www.xbox.com/en-us/xbox-one-x
Title: Xbox One X

Search URL Search Domain Scan URL

URL: https://www.xbox.com/en-us/xbox-one-s?xr=shellnav
Title: Xbox One S

Search URL Search Domain Scan URL

URL: https://store.office.com/en-us/appshome.aspx
Title: Office apps

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/
Title: Account profile

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/p/?LinkID=824761&clcid=0x409
Title: Sales & support

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/p/?LinkID=824764&clcid=0x409
Title: Returns

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/orders
Title: Order tracking

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://products.office.com/en-us/academic/compare-office-365-education-plans
Title: Office 365 for schools

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/community/education/
Title: Microsoft Azure in education

Search URL Search Domain Scan URL

URL: https://enterprise.microsoft.com/en-us/
Title: Enterprise

Search URL Search Domain Scan URL

URL: https://partner.microsoft.com/en-us/
Title: Microsoft partner resources

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=808093
Title: Microsoft AppSource

Search URL Search Domain Scan URL

URL: https://technet.microsoft.com/en-us
Title: TechNet

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/en-us/store/register
Title: Microsoft developer program

Search URL Search Domain Scan URL

URL: https://channel9.msdn.com/
Title: Channel 9

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/en-us/office
Title: Office Dev Center

Search URL Search Domain Scan URL

URL: https://careers.microsoft.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://news.microsoft.com/
Title: Company news

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-us
Title: Privacy at Microsoft

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/contactus
Title: Contact us

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy & cookies

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=206977
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://choice.microsoft.com/
Title: About our ads

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Emali.A!cl&threatid=2147728322&enterprise=1 HTTP 302
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1 HTTP 301
https://www.microsoft.com/en-us/security/portal/Threat/Encyclopedia/Entry.aspx?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1 HTTP 301
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1 Page URL
https://www.microsoft.com/en-us/wdsi/threats/threat-search?query= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Emali.A!cl&threatid=2147728322&enterprise=1 HTTP 302
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1 HTTP 301
https://www.microsoft.com/en-us/security/portal/Threat/Encyclopedia/Entry.aspx?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1 HTTP 301
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

malware-encyclopedia-description Show response
www.microsoft.com/en-us/wdsi/threats/
Redirect Chain

https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Emali.A!cl&threatid=2147728322&enterprise=1
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
https://www.microsoft.com/en-us/security/portal/Threat/Encyclopedia/Entry.aspx?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

98 KB
19 KB

1037ms
1037ms

Document
text/html

2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:187::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

64ae8a57b297a2702fd2cbd26944b2f9538af5723dd6a5017e05c9b4a4c8e102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.microsoft.com
:scheme: https
:path: /en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
cache-control: no-store, no-cache
pragma: no-cache
content-type: text/html
expires: -1
correlationvector: PcovgkJ+SkSZRdFg.1.1
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
x-edgeconnect-origin-mex-latency: 969
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 02 Oct 2018 16:51:44 GMT
content-length: 18633
set-cookie: MS-CV=PcovgkJ+SkSZRdFg.1; domain=.microsoft.com; expires=Wed, 03-Oct-2018 16:51:43 GMT; path=/
strict-transport-security: max-age=31536000
x-rtag: RT

Redirect headers

status: 301
content-type: text/html; charset=UTF-8
location: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
content-length: 286
x-edgeconnect-origin-mex-latency: 101
expires: Tue, 02 Oct 2018 16:51:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 02 Oct 2018 16:51:43 GMT
strict-transport-security: max-age=31536000
x-rtag: RT

GET
S 200 jquery-1.9.0.js Show response
ajax.aspnetcdn.com/ajax/jquery/ 261 KB
78 KB 33ms
7ms Script
application/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery/jquery-1.9.0.js

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8F6B) /

Resource Hash

4d7b01c2f6043bcee83a33d0f627dc6fbc27dc8aeb5bdd5d863e84304b512ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 79430
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:11:01 GMT
server: ECAcc (frc/8F6B)
etag: "8030b6bcc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
S 200 script.jsx Show response
c.s-microsoft.com/en-us/CMSScripts/ 91 KB
33 KB 61ms
12ms Script
text/javascript 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=7F1B8B51-548D-40BB-E21B-D19E5566BF14

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

d5d00ecb9c3653b408e8428d2b615f4894ba8feaaa6a54ee615da9206305af79

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
etag: "eDamNWW9B62D6y7Trtm5lw=="
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: private, max-age=229053
access-control-allow-credentials: true
content-type: text/javascript
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 33426
expires: Fri, 05 Oct 2018 08:29:17 GMT

GET
S 200 mwf-west-european-default.min.css
assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/css/ 451 KB
51 KB 191ms
30ms Stylesheet
text/css 2a02:26f0:6c00:2bd::2957
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/css/mwf-west-european-default.min.css

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:2bd::2957 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

762ad81ce4c3cd8c5dd0d27e92eb5ead4c2987a05ea4d0456c0dca85e7389258

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff, nosniff

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff, nosniff, nosniff
last-modified: Tue, 13 Dec 2016 03:14:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 50ZDg2/ftI5J+FFD+WWnTQ==
status: 200
etag: "0x8D4230638E65517"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges
cache-control: max-age=31536000
accept-ranges: bytes
x-ms-lease-state: available

GET
H/1.1 200
OK 17-1042c1
statics-uhf-eas.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/ec-f8ec33/b7-01890e/67-f66a05/bb-33df2f/d6-3f8236/1c-14fb9c/8e-0f0147/ 157 KB
21 KB 52ms
6ms Stylesheet
text/css 2a02:26f0:6c00::210:ba10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://statics-uhf-eas.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/ec-f8ec33/b7-01890e/67-f66a05/bb-33df2f/d6-3f8236/1c-14fb9c/8e-0f0147/17-1042c1?ver=2.0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00::210:ba10 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4a9b594ca8257d5fbd03c09218a9d5c40f8e1a05a9822409a20f2bdde862c695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 16:51:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-S2: 2018-08-21T19:24:04
P3P: CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id: a475a0ff-6f2e-4761-91f8-909ec635524e
X-S1: 2018-08-21T19:24:04
Connection: keep-alive
MS-CV: DXZ0GmQ+jU6kEDQG.0
Content-Length: 21170
X-XSS-Protection: 1
Last-Modified: Tue, 21 Aug 2018 19:24:04 GMT
Server: Microsoft-IIS/10.0
X-Az: {did:ae2b27ee78ae4971a618f3ab62c21a8f, rid: 3, sn: uhf-eas-prod, dt: 2018-07-29T12:18:20.2720119Z, bt: 2018-08-20T19:20:02.0000000Z}
Vary: Accept-Encoding
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=27916366
Timing-Allow-Origin: *
X-AppVersion: 1.0.6806.34801
Expires: Wed, 21 Aug 2019 19:24:30 GMT

GET
H/1.1 200
OK override.css
statics-uhf-eas.akamaized.net/statics/ 476 B
863 B 51ms
5ms Stylesheet
text/css 2a02:26f0:6c00::210:ba10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://statics-uhf-eas.akamaized.net/statics/override.css?c=4
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba10 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1847e42e29f06597236c9e85b74250931c1400e7927bc4bb14572dd8bcd2670b

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Oct 2018 16:51:44 GMT
Last-Modified: Tue, 07 Aug 2018 22:04:59 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D5FCB1D155BCBF
Content-Type: text/css
x-ms-request-id: 5a89d156-a01e-0066-1184-398a33000000
x-ms-version: 2009-09-19
Connection: keep-alive
Content-Length: 476

GET
S 200 mscc-0.4.1.min.css
c.s-microsoft.com/mscc/statics/ 1 KB
934 B 55ms
6ms Stylesheet
text/css 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.css
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 02 Oct 2018 16:51:44 GMT
content-encoding: gzip
last-modified: Mon, 10 Sep 2018 17:42:23 GMT
content-md5: 2MKxgMQLzH/8vixotX2Pog==
status: 200
etag: 0x8D61744C3ED0073
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 41f924a0-901e-0090-04fe-4986d4000000
x-ms-version: 2009-09-19
content-length: 627

GET
S 200 style.csx
c.s-microsoft.com/en-us/CMSStyles/ 128 KB
21 KB 55ms
6ms Stylesheet
text/css 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/en-us/CMSStyles/style.csx?k=3c9ade18-bc6a-b6bd-84c3-fc69aaaa7520_899796fc-1ab6-ed87-096b-4f10b915033c_e8d8727e-02f3-1a80-54c3-f87750a8c4de_6e5b2ac7-688a-4a18-9695-a31e8139fa0f_b3dad3e4-0853-1041-fa46-2e9d6598a584_fc29d27f-7342-9cf3-c2b5-a04f30605f03_28863b11-6a1b-a28c-4aab-c36e3deb3375_907fa087-b443-3de8-613e-b445338dad1f_a66bb9d1-7095-dfc6-5a12-849441da475c_1b0ca1a3-6da9-0dbf-9932-198c9f68caeb_ef11258b-15d1-8dab-81d5-8d18bc3234bc_11339d5d-cf04-22ad-4987-06a506090313_50edf96d-7437-c38c-ad33-ebe81b170501_8031d0e3-4981-8dbc-2504-bbd5121027b7_3f0c3b77-e132-00a5-3afc-9a2f141e9eae_aebeacd9-6349-54aa-9608-cb67eadc2d17_0cdb912f-7479-061d-e4f3-bea46f10a753_343d1ae8-c6c4-87d3-af9d-4720b6ea8f34_a905814f-2c84-2cd4-839e-5634cc0cc383_190a3885-bf35-9fab-6806-86ce81df76f6_05c744db-5e3d-bcfb-75b0-441b9afb179b_8beffb66-d700-2891-2c8d-02e40c7ac557_f97e06f1-0a5a-580f-1d0e-fbf8beb2474c_98743321-7374-6d09-d24b-e6136cbb7941

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

61c8aa36e474ad8fedab9a601c1b96c99a371bd5693714065d25385491442ee3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
etag: "PU7dUcH9/O1e25xQSss07Q=="
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: private, max-age=288900
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 21109
expires: Sat, 06 Oct 2018 01:06:44 GMT

GET
S 200 jquery-1.9.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 90 KB
32 KB 38ms
13ms Script
application/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8F2A) /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 32857
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:11:01 GMT
server: ECAcc (frc/8F2A)
etag: "8030b6bcc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 8f-d24839 Show response
statics-uhf-eas.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/2f-2c5417/db-bc01... 110 KB
30 KB 51ms
6ms Script
text/javascript 2a02:26f0:6c00::210:ba10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://statics-uhf-eas.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/2f-2c5417/db-bc0148/bc-5b77d5/78-4c7d22/df-e4d70f/e4-8302f6/cd-23d3b0/6d-1e7ed0/b7-cadaa7/ca-40b7b0/c3-6454d7/f9-7592d3/db-2792b1/f9-fa0ea3/7e-cda2d3/32-6dafa3/b0-8ba565/e0-3c9860/91-97a04f/1f-100dea/33-abe4df/85-2572bb/8f-d24839?ver=2.0&iife=1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00::210:ba10 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1d67692b4ae730d72bba373c2dc4781dc5cadad521d282884fe730b7f007984e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 16:51:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-S2: 2018-08-21T19:20:24
P3P: CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id: 1fabc6a0-fc9a-4037-9be8-0bea6e06c57c
X-S1: 2018-08-21T19:20:24
Connection: keep-alive
MS-CV: WznbffJu/UWxVoD5.0
Content-Length: 30180
X-XSS-Protection: 1
Last-Modified: Tue, 21 Aug 2018 19:20:24 GMT
Server: Microsoft-IIS/10.0
X-Az: {did:ae2b27ee78ae4971a618f3ab62c21a8f, rid: 3, sn: uhf-eas-prod, dt: 2018-07-29T12:18:20.2720119Z, bt: 2018-08-20T19:20:02.0000000Z}
Vary: Accept-Encoding
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=27916122
Timing-Allow-Origin: *
X-AppVersion: 1.0.6806.34801
Expires: Wed, 21 Aug 2019 19:20:26 GMT

GET
H/1.1 200
OK meversion Show response
mem.gfx.ms/ 11 KB
5 KB 55ms
7ms Script
application/javascript 2a02:26f0:6c00:19b::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mem.gfx.ms/meversion?partner=MSSecurityPortal&market=en-us&uhf=1
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19b::37 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: c6bdda35b04862bf5ed7bbf792b41eefa3abcbc06120521ee2a4b4d860d46783

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Version: 0.0.0.0
Date: Tue, 02 Oct 2018 16:51:44 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Expires: Wed, 03 Oct 2018 05:24:35 GMT
Cache-Control: public, no-transform, max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 4247
X-Served-By: pf9lIoUwb1c5L8VCNx/TlqcvMzCinZpKBelPAR44w/uqw9adRouBVOJoI5DbTKTJ

GET
S 200 mscc-0.4.1.min.js Show response
c.s-microsoft.com/mscc/statics/ 3 KB
2 KB 67ms
18ms Script
text/javascript 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.js
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 02 Oct 2018 16:51:44 GMT
content-encoding: gzip
last-modified: Mon, 10 Sep 2018 17:42:12 GMT
content-md5: XpofSqMdSqYPb4maLkXO+A==
status: 200
etag: 0x8D61744BD6EA9B6
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9fc6c4bd-001e-003f-1afe-49a444000000
x-ms-version: 2009-09-19
content-length: 1588

GET
S 200 script.jsx Show response
c.s-microsoft.com/en-us/CMSScripts/ 126 KB
34 KB 61ms
12ms Script
text/javascript 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=0502864a-b6ef-2f14-9f8e-267004d3a4e0_c5ea3348-55af-729a-2641-14f0312bacf3_742bd11f-3d7c-9955-3df5-f02b66689699_cb9d43d2-fbae-5b5c-827f-72166d6b87fc_49488e0d-6ae2-5101-c995-f4d56443b1d8_7dea7b90-4334-c043-b252-9f132d19ee19_38aa9ffb-ddb5-75be-6536-a58628f435f5_e3e65a0a-c133-43e7-571d-2293e03f85e6_c7a4393f-7c9b-39d3-762d-af461a6d6564_4ca0e9dc-a4de-17ba-f0de-d1d346cb99e2_06310cd8-41c6-3b11-4645-b4884789ed70_5c27e8aa-9347-969e-39ac-37a4de428a8d_d6872b5a-5310-a73c-7cb3-227a3213a1c5_be92d794-4118-193f-9871-58b72092a5ac_64c742e2-b29c-b6c1-fdd9-accf33ec40bd_cf2ceca9-3467-a5b3-d095-68958eee6d4c_cec39dd8-f1d3-56f1-abfc-a7db34ff7b46_ec5fa2c9-3950-ff57-a5c3-1fa77e0db190_d19f9592-65df-bcc9-e30e-439b875c3381_76a3d06f-f11f-77ef-9bfd-6227ba750200_5e1caa45-461c-3b04-f88b-8cd50af16db5_c2dceda8-20b4-7d3f-13b6-9cac67d7df17_914fa41b-cc86-d3b0-4e15-2fdfa357bcc7_40c6c884-da6e-7c2c-081f-4a7dfe7c7245_06147d0a-1719-8e3b-c749-d86ff2a860c7_2afb53cb-cccc-c3fc-e7eb-990fce9ac3b0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

ae5003545ac514b5fd86ecd9eaeb0db79b3093be90e8917e1b8a3b5a20759543

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
etag: "9niA2M/D2RvC+2eQZMwIgA=="
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: private, max-age=288367
access-control-allow-credentials: true
content-type: text/javascript
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 34542
expires: Sat, 06 Oct 2018 00:57:51 GMT

GET
S 200 RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 4 KB
4 KB 40ms
6ms Image
image/png 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-cms-cdninvalkey: am:RE1Mu3b
date: Tue, 02 Oct 2018 16:51:44 GMT
x-aspnet-version: 4.0.30319
x-source-length: 4054
x-powered-by: ASP.NET
status: 200
x-activityid: b77875d7-766c-4a4d-8b6e-52b647571e70
content-location: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
x-deployment: a89a5014e89c41b7b60a64d7ee950637
content-length: 4054
last-modified: Sat, 29 Sep 2018 21:30:55 GMT
server: Microsoft-IIS/10.0
x-datacenter: NorthEU
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=189521
x-instance: Resizer.Web_IN_1
timing-allow-origin: *
expires: Thu, 04 Oct 2018 21:30:25 GMT

GET
S 200 script.jsx Show response
c.s-microsoft.com/en-us/CMSScripts/ 5 KB
2 KB 66ms
19ms Script
text/javascript 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=6db6281e-906e-7476-9f13-46bbbe9de347_c5b6c48d-bb3c-06df-bcee-b82aeeddbda1_2b326cdb-063a-b229-e01a-c68419b182fb_a0e8a600-b2fc-705e-c3d1-c7dd4c37cd5f_75734061-a6fe-6ecf-b974-38c17d4da337

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

8ec07a8dfc71ada312bac8f2be4a67a5dfbbcaadb3d6941913132aa8c088b469

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
etag: "DXYt7BtIdbCYuzL01Ua9AQ=="
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: private, max-age=220535
access-control-allow-credentials: true
content-type: text/javascript
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 1605
expires: Fri, 05 Oct 2018 06:07:19 GMT

GET
S 200 script.jsx Show response
c.s-microsoft.com/en-us/CMSScripts/ 965 B
1 KB 17ms
16ms Script
text/javascript 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=061cded8-d150-4292-af9e-1c7898ae93da

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

70e7960998ae22ad4e8ce45b5b94d55fb9a79c4c5fda4f55fbe557516cfe71b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
etag: "zdK9zZSP2cvXeUQCnLf2EA=="
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: private, max-age=289652
access-control-allow-credentials: true
content-type: text/javascript
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 619
expires: Sat, 06 Oct 2018 01:19:16 GMT

GET
S 200 RW70Fu
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 293 B
735 B 12ms
10ms Image
image/png 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RW70Fu?ver=3fd4
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1ffa31e129f7c7aa84788e0dde8aa355a8c1d00637ebdb5a0109a8f72f09bdc8

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-cms-cdninvalkey: am:RW70Fu
date: Tue, 02 Oct 2018 16:51:44 GMT
x-aspnet-version: 4.0.30319
x-source-length: 293
x-powered-by: ASP.NET
status: 200
x-activityid: c7b39658-adfc-4a73-8f89-4133975fbd69
content-location: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RW70Fu?ver=3fd4
x-deployment: a89a5014e89c41b7b60a64d7ee950637
content-length: 293
last-modified: Sat, 29 Sep 2018 04:58:57 GMT
server: Microsoft-IIS/10.0
x-datacenter: NorthEU
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=130058
x-instance: Resizer.Web_IN_1
timing-allow-origin: *
expires: Thu, 04 Oct 2018 04:59:22 GMT

GET
S 200 RW6L4x
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 566 B
1008 B 11ms
11ms Image
image/png 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RW6L4x?ver=e91c
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3ea6781ec4d04de9dd081bc1141ea4404a796010f7e03b07ebd9c5654d8573e0

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-cms-cdninvalkey: am:RW6L4x
date: Tue, 02 Oct 2018 16:51:44 GMT
x-aspnet-version: 4.0.30319
x-source-length: 566
x-powered-by: ASP.NET
status: 200
x-activityid: 1b51fad3-890a-4c94-841f-e5d8b0953cb1
content-location: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RW6L4x?ver=e91c
x-deployment: a89a5014e89c41b7b60a64d7ee950637
content-length: 566
last-modified: Sat, 29 Sep 2018 06:18:34 GMT
server: Microsoft-IIS/10.0
x-datacenter: NorthEU
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=134760
x-instance: Resizer.Web_IN_2
timing-allow-origin: *
expires: Thu, 04 Oct 2018 06:17:44 GMT

GET
S 200 RW6L4w
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 531 B
974 B 6ms
5ms Image
image/png 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RW6L4w?ver=b434
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6375ab53676c688ccb3e28ce9a511a87c810618100cbdc4f6740d06b18171e78

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-cms-cdninvalkey: am:RW6L4w
date: Tue, 02 Oct 2018 16:51:44 GMT
x-aspnet-version: 4.0.30319
x-source-length: 531
x-powered-by: ASP.NET
status: 200
x-activityid: 3eeea3b6-22c9-40c1-b97d-ec540a9b7d9d
content-location: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RW6L4w?ver=b434
x-deployment: a89a5014e89c41b7b60a64d7ee950637
content-length: 531
last-modified: Mon, 01 Oct 2018 12:26:39 GMT
server: Microsoft-IIS/10.0
x-datacenter: NorthEU
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=329742
x-instance: Resizer.Web_IN_2
timing-allow-origin: *
expires: Sat, 06 Oct 2018 12:27:26 GMT

GET
S 200 mwf-auto-init-main.var.min.js Show response
assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/scripts/ 252 KB
60 KB 84ms
10ms Script
application/x-javascript 2a02:26f0:6c00:2bd::2957
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/scripts/mwf-auto-init-main.var.min.js

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:2bd::2957 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

f51ae227d465f408b004cfc8dc65a1adb7ca563464ba3b9f63c652f189f6e803

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff, nosniff

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff, nosniff, nosniff
content-md5: vy57XuwRIoF2hBDdlHbFZQ==
status: 200
content-length: 60346
x-ms-lease-state: available
last-modified: Tue, 13 Dec 2016 03:15:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D423063BCD7E44"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges
cache-control: max-age=31536000
accept-ranges: bytes

GET
S 200 latest.woff
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 40 KB
41 KB 23ms
11ms Font
font/x-woff 2a02:26f0:6c00:292::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff

Requested by

Host: c.s-microsoft.com
URL: https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=0502864a-b6ef-2f14-9f8e-267004d3a4e0_c5ea3348-55af-729a-2641-14f0312bacf3_742bd11f-3d7c-9955-3df5-f02b66689699_cb9d43d2-fbae-5b5c-827f-72166d6b87fc_49488e0d-6ae2-5101-c995-f4d56443b1d8_7dea7b90-4334-c043-b252-9f132d19ee19_38aa9ffb-ddb5-75be-6536-a58628f435f5_e3e65a0a-c133-43e7-571d-2293e03f85e6_c7a4393f-7c9b-39d3-762d-af461a6d6564_4ca0e9dc-a4de-17ba-f0de-d1d346cb99e2_06310cd8-41c6-3b11-4645-b4884789ed70_5c27e8aa-9347-969e-39ac-37a4de428a8d_d6872b5a-5310-a73c-7cb3-227a3213a1c5_be92d794-4118-193f-9871-58b72092a5ac_64c742e2-b29c-b6c1-fdd9-accf33ec40bd_cf2ceca9-3467-a5b3-d095-68958eee6d4c_cec39dd8-f1d3-56f1-abfc-a7db34ff7b46_ec5fa2c9-3950-ff57-a5c3-1fa77e0db190_d19f9592-65df-bcc9-e30e-439b875c3381_76a3d06f-f11f-77ef-9bfd-6227ba750200_5e1caa45-461c-3b04-f88b-8cd50af16db5_c2dceda8-20b4-7d3f-13b6-9cac67d7df17_914fa41b-cc86-d3b0-4e15-2fdfa357bcc7_40c6c884-da6e-7c2c-081f-4a7dfe7c7245_06147d0a-1719-8e3b-c749-d86ff2a860c7_2afb53cb-cccc-c3fc-e7eb-990fce9ac3b0

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:292::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

1ee846986fbf0bfc9f0996f563d748589a32b29af6a6e444312c5a4da27504c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/css/mwf-west-european-default.min.css
Origin: https://www.microsoft.com

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
last-modified: Tue, 01 Mar 2016 17:40:35 GMT
status: 200
etag: "1D173E175B3AB80"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: public, max-age=395010
access-control-allow-credentials: true
accept-ranges: bytes
content-type: font/x-woff
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 41280
expires: Sun, 07 Oct 2018 06:35:14 GMT

GET
H2 200 mwfmdl2-v2.92.woff
www.microsoft.com/mwf/_h/v2.92/mwf.app/fonts/ 20 KB
20 KB 15ms
15ms Font
application/font-woff 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/_h/v2.92/mwf.app/fonts/mwfmdl2-v2.92.woff

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:187::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

bd6a377fb644d95d52e81a6f0785c7d40cad9840daa8100b1d43039c3216241d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:path: /mwf/_h/v2.92/mwf.app/fonts/mwfmdl2-v2.92.woff
pragma: no-cache
cookie: MS-CV=PcovgkJ+SkSZRdFg.1
origin: https://www.microsoft.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.microsoft.com
referer: https://statics-uhf-eas.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/ec-f8ec33/b7-01890e/67-f66a05/bb-33df2f/d6-3f8236/1c-14fb9c/8e-0f0147/17-1042c1?ver=2.0
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://statics-uhf-eas.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/ec-f8ec33/b7-01890e/67-f66a05/bb-33df2f/d6-3f8236/1c-14fb9c/8e-0f0147/17-1042c1?ver=2.0
Origin: https://www.microsoft.com

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 758b5bbd-7bd5-4689-97a2-7d9ce554cc92
ms-cv: 5dU/SCHNxEuRzXxK.0
content-length: 20020
x-xss-protection: 1
last-modified: Mon, 13 Aug 2018 06:59:45 GMT
x-az: {did:ebbeaea41e034f1a8d3657f77961d2e1, rid: 4, sn: mwf-eus-prod, dt: 2018-07-28T13:04:54.6920097Z, bt: 2018-08-07T09:16:44.0000000Z}
date: Tue, 02 Oct 2018 16:51:44 GMT
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=27180407
x-appversion: 1.0.6793.16702
expires: Tue, 13 Aug 2019 06:58:31 GMT

GET
S 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 7ms
6ms Font
application/font-woff2 2a02:26f0:6c00:292::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:292::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/css/mwf-west-european-default.min.css
Origin: https://www.microsoft.com

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
last-modified: Tue, 01 Mar 2016 17:40:35 GMT
status: 200
etag: "1D173E175B3AB80"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: public, max-age=390336
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/font-woff2
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 34052
expires: Sun, 07 Oct 2018 05:17:20 GMT

GET
S 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/ 29 KB
29 KB 12ms
12ms Font
application/font-woff2 2a02:26f0:6c00:292::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:292::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://statics-uhf-eas.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/ec-f8ec33/b7-01890e/67-f66a05/bb-33df2f/d6-3f8236/1c-14fb9c/8e-0f0147/17-1042c1?ver=2.0
Origin: https://www.microsoft.com

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
last-modified: Tue, 01 Mar 2016 17:40:35 GMT
status: 200
etag: "1D173E175B3AB80"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: public, max-age=233899
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/font-woff2
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 29388
expires: Fri, 05 Oct 2018 09:50:03 GMT

GET
S 200 yql
query.yahooapis.com/v1/public/ 2 KB
3 KB 337ms
125ms Script
application/javascript 2001:4998:58:4904::4000
Yahoo!

General

Check archive.org

Show headers Download Go to

Full URL

https://query.yahooapis.com/v1/public/yql?q=select%20title%2C%20link%2C%20pubDate%20from%20rss%20where%20url%3D%22https%3A%2F%2Fcloudblogs.microsoft.com%2Fmicrosoftsecure%2Ffeed%2F%3Fproduct%3Dwindows%252Cwindows-defender-advanced-threat-protection%22%20limit%206%20offset%200%20%7C%20sort(field%3D%22pubDate%22%2C%20descending%3D%22true%22)&format=json&diagnostics=false&callback=simpleAJAXLib.display

Requested by

Host: c.s-microsoft.com
URL: https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=061cded8-d150-4292-af9e-1c7898ae93da

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:4998:58:4904::4000 , United States, ASN26101 (YAHOO-3 - Yahoo!, US),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
via: http/1.1 media-router-omega78.prod.media.bf1.yahoo.com (ApacheTrafficServer [cMsSf ]), http/1.1 a02.ue.bf1.yahoo.net (ApacheTrafficServer [cMsSf ])
x-content-type-options: nosniff
age: 0
status: 200
content-disposition: attachment; filename=f.txt
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"

GET
S 200 latest.woff
c.s-microsoft.com/static/fonts/segoe-ui/west-european/light/ 33 KB
33 KB 37ms
37ms Font
font/x-woff 2a02:26f0:6c00:292::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/light/latest.woff

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:292::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

0ed2dc761ddf650b9aab0c366f43ddea0db81e13bbe603a21f2bfef519387ce9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/css/mwf-west-european-default.min.css
Origin: https://www.microsoft.com

Response headers

date: Tue, 02 Oct 2018 16:51:44 GMT
last-modified: Tue, 01 Mar 2016 17:40:35 GMT
status: 200
etag: "1D173E175B3AB80"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: public, max-age=183900
access-control-allow-credentials: true
accept-ranges: bytes
content-type: font/x-woff
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 33556
expires: Thu, 04 Oct 2018 19:56:44 GMT

GET
H2 204 _log
uhf.microsoft.com/ 0
128 B 48ms
8ms Image
text/html 2a02:26f0:6c00:299::2b57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uhf.microsoft.com/_log?o=mscc&s=Microsoft.OneRenderFramework.Core&m=show&nv=aspnet-3.1.3&sv=0.1.2
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:299::2b57 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:path: /_log?o=mscc&s=Microsoft.OneRenderFramework.Core&m=show&nv=aspnet-3.1.3&sv=0.1.2
pragma: no-cache
cookie: MS-CV=PcovgkJ+SkSZRdFg.1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: uhf.microsoft.com
referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
:scheme: https
:method: GET
Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Oct 2018 16:51:44 GMT
status: 204
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 0
expires: Tue, 02 Oct 2018 16:51:44 GMT

GET
H2 200 Primary Request threat-search Show response
www.microsoft.com/en-us/wdsi/threats/ 92 KB
17 KB 1809ms
1809ms Document
text/html 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Requested by

Host: c.s-microsoft.com
URL: https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=6db6281e-906e-7476-9f13-46bbbe9de347_c5b6c48d-bb3c-06df-bcee-b82aeeddbda1_2b326cdb-063a-b229-e01a-c68419b182fb_a0e8a600-b2fc-705e-c3d1-c7dd4c37cd5f_75734061-a6fe-6ecf-b974-38c17d4da337

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:187::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

9c72ee97ace51686d4d8b3c82b60a73593887bd44d707418db9918aaa1028ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.microsoft.com
:scheme: https
:path: /en-us/wdsi/threats/threat-search?query=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
accept-encoding: gzip, deflate
cookie: MS-CV=PcovgkJ+SkSZRdFg.1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Response headers

status: 200
content-type: text/html
cache-control: no-store, no-cache
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
correlationvector: PcovgkJ+SkSZRdFg.2.1
x-frame-options: SAMEORIGIN
x-edgeconnect-origin-mex-latency: 1510
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 02 Oct 2018 16:51:46 GMT
content-length: 17095
set-cookie: MS-CV=PcovgkJ+SkSZRdFg.2; domain=.microsoft.com; expires=Wed, 03-Oct-2018 16:51:44 GMT; path=/
strict-transport-security: max-age=31536000
x-rtag: RT

GET
H/1.1 200
OK meBoot.min.js
mem.gfx.ms/me/MeControl/9.18199.0/en-US/ 22 KB
8 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:19b::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mem.gfx.ms/me/MeControl/9.18199.0/en-US/meBoot.min.js
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurityPortal&market=en-us&uhf=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19b::37 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Version: 0.0.0.0
Date: Tue, 02 Oct 2018 16:51:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Sep 2018 02:58:20 GMT
X-Powered-By: ASP.NET
X-Served-By: pf9lIoUwb1c5L8VCNx/TlqcvMzCinZpKBelPAR44w/sBRjSmEb5Z0wyCIEseoTCb
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8120
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK meCore.min.js
mem.gfx.ms/me/MeControl/9.18199.0/en-US/ 37 KB
13 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:19b::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mem.gfx.ms/me/MeControl/9.18199.0/en-US/meCore.min.js
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurityPortal&market=en-us&uhf=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19b::37 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Version: 0.0.0.0
Date: Tue, 02 Oct 2018 16:51:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Sep 2018 02:58:20 GMT
X-Powered-By: ASP.NET
X-Served-By: pf9lIoUwb1c5L8VCNx/TlqcvMzCinZpKBelPAR44w/uM4c3uUqE56T+xuNMp5AIr
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12374
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK Cookie set me.srf
login.live.com/ Frame D317 0
0 901ms
175ms Document
text/html 2620:1ec:9::1
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=7ab201ff-9229-4562-0cdc-93d0dbb121eb&partnerId=mssecurityportal

Requested by

Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2620:1ec:9::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: login.live.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1

Response headers

Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Tue, 02 Oct 2018 16:50:45 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: uaid=8d406a7fa45743f2a4af1a3cad5db913; domain=login.live.com;secure= ;path=/;HTTPOnly= ;version=1 MSPRequ=lt=1538499105&co=1&id=N; secure= ;path=/;HTTPOnly=;version=1
PPServer: PPV: 30 H: BAYIDSLGN1B025 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Tue, 02 Oct 2018 16:51:45 GMT
Content-Length: 1418

POST
H/1.1 200
OK Cookie set v1
web.vortex.data.microsoft.com/collect/ 57 B
950 B 28ms
28ms Other
application/json 40.77.226.250
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/me/MeControl/9.18199.0/en-US/meCore.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Origin: https://www.microsoft.com
Accept-Encoding: gzip, deflate
Host: web.vortex.data.microsoft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Cookie: MS-CV=PcovgkJ+SkSZRdFg.1
Connection: keep-alive
Content-Length: 4715
Referer: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?amp;name=Trojan%3aWin32%2fEmali.A!cl&threatid=2147728322&enterprise=1
Origin: https://www.microsoft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 02 Oct 2018 16:51:44 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://www.microsoft.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Set-Cookie: MC1=GUID=0939fbd656b84e419c95c55fe693f2c9&HASH=0939&LV=201810&V=4&LU=1538499104881; Domain=.microsoft.com; Expires=Wed, 02 Oct 2019 16:51:44 GMT; Path=/ MS0=fbf60bc7f0a04928ab90148d645291c8; Domain=.microsoft.com; Expires=Tue, 02 Oct 2018 17:21:44 GMT; Path=/
MS-CV: /WaHWxjlEEG4J3pfI83A7g.0
Content-Type: application/json
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Content-Length: 57
Expires: 0

POST v1
web.vortex.data.microsoft.com/collect/ 0
0

GET
S 200 jquery-1.9.0.js Show response
ajax.aspnetcdn.com/ajax/jquery/ 261 KB
78 KB 11ms
6ms Script
application/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery/jquery-1.9.0.js

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8F6B) /

Resource Hash

4d7b01c2f6043bcee83a33d0f627dc6fbc27dc8aeb5bdd5d863e84304b512ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 79430
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:11:01 GMT
server: ECAcc (frc/8F6B)
etag: "8030b6bcc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
S 200 script.jsx Show response
c.s-microsoft.com/en-us/CMSScripts/ 91 KB
33 KB 22ms
17ms Script
text/javascript 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=7F1B8B51-548D-40BB-E21B-D19E5566BF14

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

d5d00ecb9c3653b408e8428d2b615f4894ba8feaaa6a54ee615da9206305af79

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
etag: "eDamNWW9B62D6y7Trtm5lw=="
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: private, max-age=229051
access-control-allow-credentials: true
content-type: text/javascript
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 33426
expires: Fri, 05 Oct 2018 08:29:17 GMT

GET
S 200 mwf-west-european-default.min.css
assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/css/ 451 KB
51 KB 44ms
40ms Stylesheet
text/css 2a02:26f0:6c00:2bd::2957
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/css/mwf-west-european-default.min.css

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:2bd::2957 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

762ad81ce4c3cd8c5dd0d27e92eb5ead4c2987a05ea4d0456c0dca85e7389258

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff, nosniff

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff, nosniff, nosniff
last-modified: Tue, 13 Dec 2016 03:14:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 50ZDg2/ftI5J+FFD+WWnTQ==
status: 200
etag: "0x8D4230638E65517"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges
cache-control: max-age=31536000
accept-ranges: bytes
x-ms-lease-state: available

GET
H/1.1 200
OK 17-1042c1
statics-uhf-eus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/ec-f8ec33/b7-01890e/67-f66a05/bb-33df2f/d6-3f8236/1c-14fb9c/8e-0f0147/ 157 KB
21 KB 87ms
12ms Stylesheet
text/css 2a02:26f0:6c00::210:ba21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://statics-uhf-eus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/ec-f8ec33/b7-01890e/67-f66a05/bb-33df2f/d6-3f8236/1c-14fb9c/8e-0f0147/17-1042c1?ver=2.0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00::210:ba21 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4a9b594ca8257d5fbd03c09218a9d5c40f8e1a05a9822409a20f2bdde862c695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 16:51:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-S2: 2018-08-21T19:23:42
P3P: CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id: 8c72410c-cf9a-4834-934a-daad82dcec25
X-S1: 2018-08-21T19:23:42
Connection: keep-alive
MS-CV: beO5plycqESA2p6G.0
Content-Length: 21170
X-XSS-Protection: 1
Last-Modified: Tue, 21 Aug 2018 19:23:42 GMT
Server: Microsoft-IIS/10.0
X-Az: {did:23e7d0f1609043c8958dd666d015292f, rid: 1, sn: uhf-eus-prod, dt: 2018-07-30T15:30:20.1735610Z, bt: 2018-08-20T19:20:02.0000000Z}
Vary: Accept-Encoding
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=27916273
Timing-Allow-Origin: *
X-AppVersion: 1.0.6806.34801
Expires: Wed, 21 Aug 2019 19:22:59 GMT

GET
H/1.1 200
OK override.css
statics-uhf-eus.akamaized.net/statics/ 476 B
863 B 87ms
13ms Stylesheet
text/css 2a02:26f0:6c00::210:ba21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://statics-uhf-eus.akamaized.net/statics/override.css?c=4
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba21 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1847e42e29f06597236c9e85b74250931c1400e7927bc4bb14572dd8bcd2670b

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 02 Oct 2018 16:51:46 GMT
Last-Modified: Tue, 07 Aug 2018 22:04:59 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D5FCB1D155BCBF
Content-Type: text/css
x-ms-request-id: f7b234f4-e01e-012a-3581-490b79000000
x-ms-version: 2009-09-19
Connection: keep-alive
Content-Length: 476

GET
S 200 mscc-0.4.1.min.css
c.s-microsoft.com/mscc/statics/ 1 KB
934 B 20ms
17ms Stylesheet
text/css 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.css
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 02 Oct 2018 16:51:46 GMT
content-encoding: gzip
last-modified: Mon, 10 Sep 2018 17:42:23 GMT
content-md5: 2MKxgMQLzH/8vixotX2Pog==
status: 200
etag: 0x8D61744C3ED0073
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/css;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 41f924a0-901e-0090-04fe-4986d4000000
x-ms-version: 2009-09-19
content-length: 627

GET
S 200 style.csx
c.s-microsoft.com/en-us/CMSStyles/ 128 KB
21 KB 27ms
26ms Stylesheet
text/css 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

61c8aa36e474ad8fedab9a601c1b96c99a371bd5693714065d25385491442ee3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
etag: "PU7dUcH9/O1e25xQSss07Q=="
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: private, max-age=288898
access-control-allow-credentials: true
content-type: text/css
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 21109
expires: Sat, 06 Oct 2018 01:06:44 GMT

GET
S 200 jquery-1.9.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 90 KB
32 KB 14ms
13ms Script
application/javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frc/8F2A) /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 32857
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:11:01 GMT
server: ECAcc (frc/8F2A)
etag: "8030b6bcc33d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 8f-d24839 Show response
statics-uhf-eus.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/2f-2c5417/db-bc01... 110 KB
30 KB 84ms
11ms Script
text/javascript 2a02:26f0:6c00::210:ba21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://statics-uhf-eus.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/2f-2c5417/db-bc0148/bc-5b77d5/78-4c7d22/df-e4d70f/e4-8302f6/cd-23d3b0/6d-1e7ed0/b7-cadaa7/ca-40b7b0/c3-6454d7/f9-7592d3/db-2792b1/f9-fa0ea3/7e-cda2d3/32-6dafa3/b0-8ba565/e0-3c9860/91-97a04f/1f-100dea/33-abe4df/85-2572bb/8f-d24839?ver=2.0&iife=1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00::210:ba21 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1d67692b4ae730d72bba373c2dc4781dc5cadad521d282884fe730b7f007984e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 16:51:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-S2: 2018-09-07T09:06:42
P3P: CP="CAO CONi OTR OUR DEM ONL"
X-Activity-Id: 09405a0c-2619-4443-8b35-69efb57df318
X-S1: 2018-09-07T09:06:42
Connection: keep-alive
MS-CV: y3R7fqi940e5vBwW.0
Content-Length: 30180
X-XSS-Protection: 1
Last-Modified: Fri, 07 Sep 2018 09:06:42 GMT
Server: Microsoft-IIS/10.0
X-Az: {did:23e7d0f1609043c8958dd666d015292f, rid: 3, sn: uhf-eus-prod, dt: 2018-09-07T08:59:16.7316156Z, bt: 2018-08-20T19:20:02.0000000Z}
Vary: Accept-Encoding
Access-Control-Allow-Methods: HEAD,GET,OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=29348096
Timing-Allow-Origin: *
X-AppVersion: 1.0.6806.34801
Expires: Sat, 07 Sep 2019 09:06:42 GMT

GET
H/1.1 200
OK meversion Show response
mem.gfx.ms/ 11 KB
5 KB 13ms
12ms Script
application/javascript 2a02:26f0:6c00:19b::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mem.gfx.ms/meversion?partner=MSSecurityPortal&market=en-us&uhf=1
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19b::37 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: c6bdda35b04862bf5ed7bbf792b41eefa3abcbc06120521ee2a4b4d860d46783

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Version: 0.0.0.0
Date: Tue, 02 Oct 2018 16:51:46 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Expires: Wed, 03 Oct 2018 05:24:35 GMT
Cache-Control: public, no-transform, max-age=86400
X-UA-Compatible: IE=edge
Connection: keep-alive
Content-Length: 4247
X-Served-By: pf9lIoUwb1c5L8VCNx/TlqcvMzCinZpKBelPAR44w/uqw9adRouBVOJoI5DbTKTJ

GET
S 200 mscc-0.4.1.min.js Show response
c.s-microsoft.com/mscc/statics/ 3 KB
2 KB 28ms
27ms Script
text/javascript 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/mscc/statics/mscc-0.4.1.min.js
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 02 Oct 2018 16:51:46 GMT
content-encoding: gzip
last-modified: Mon, 10 Sep 2018 17:42:12 GMT
content-md5: XpofSqMdSqYPb4maLkXO+A==
status: 200
etag: 0x8D61744BD6EA9B6
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9fc6c4bd-001e-003f-1afe-49a444000000
x-ms-version: 2009-09-19
content-length: 1588

GET
S 200 script.jsx Show response
c.s-microsoft.com/en-us/CMSScripts/ 126 KB
34 KB 29ms
27ms Script
text/javascript 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

ae5003545ac514b5fd86ecd9eaeb0db79b3093be90e8917e1b8a3b5a20759543

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
etag: "9niA2M/D2RvC+2eQZMwIgA=="
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: private, max-age=288365
access-control-allow-credentials: true
content-type: text/javascript
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 34542
expires: Sat, 06 Oct 2018 00:57:51 GMT

GET
S 200 RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 4 KB
4 KB 10ms
9ms Image
image/png 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-cms-cdninvalkey: am:RE1Mu3b
date: Tue, 02 Oct 2018 16:51:46 GMT
x-aspnet-version: 4.0.30319
x-source-length: 4054
x-powered-by: ASP.NET
status: 200
x-activityid: b77875d7-766c-4a4d-8b6e-52b647571e70
content-location: https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
x-deployment: a89a5014e89c41b7b60a64d7ee950637
content-length: 4054
last-modified: Sat, 29 Sep 2018 21:30:55 GMT
server: Microsoft-IIS/10.0
x-datacenter: NorthEU
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=189519
x-instance: Resizer.Web_IN_1
timing-allow-origin: *
expires: Thu, 04 Oct 2018 21:30:25 GMT

GET
S 200 script.jsx Show response
c.s-microsoft.com/en-us/CMSScripts/ 5 KB
2 KB 69ms
68ms Script
text/javascript 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=0212a22e-3dd5-62aa-167b-751dd441bec0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

d3fb5ea6dce2c5f2845976f3c33e8d8c64500c78196fecdc93bd4297a3b4035a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
etag: "RNzHfAlj9Eu/TEAsQCv5sQ=="
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: private, max-age=263705
access-control-allow-credentials: true
content-type: text/javascript
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 1619
expires: Fri, 05 Oct 2018 18:06:51 GMT

GET
S 200 mwf-auto-init-main.var.min.js Show response
assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/scripts/ 252 KB
60 KB 34ms
0ms Script
application/x-javascript 2a02:26f0:6c00:2bd::2957
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/scripts/mwf-auto-init-main.var.min.js

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:2bd::2957 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

f51ae227d465f408b004cfc8dc65a1adb7ca563464ba3b9f63c652f189f6e803

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff, nosniff

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff, nosniff, nosniff
content-md5: vy57XuwRIoF2hBDdlHbFZQ==
status: 200
content-length: 60346
x-ms-lease-state: available
last-modified: Tue, 13 Dec 2016 03:15:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D423063BCD7E44"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges
cache-control: max-age=31536000
accept-ranges: bytes

GET
S 200 latest.woff
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 40 KB
41 KB 7ms
6ms Font
font/x-woff 2a02:26f0:6c00:292::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:292::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

1ee846986fbf0bfc9f0996f563d748589a32b29af6a6e444312c5a4da27504c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/css/mwf-west-european-default.min.css
Origin: https://www.microsoft.com

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
last-modified: Tue, 01 Mar 2016 17:40:35 GMT
status: 200
etag: "1D173E175B3AB80"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: public, max-age=395008
access-control-allow-credentials: true
accept-ranges: bytes
content-type: font/x-woff
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 41280
expires: Sun, 07 Oct 2018 06:35:14 GMT

GET
H2 200 mwfmdl2-v2.92.woff
www.microsoft.com/mwf/_h/v2.92/mwf.app/fonts/ 20 KB
20 KB 17ms
16ms Font
application/font-woff 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/_h/v2.92/mwf.app/fonts/mwfmdl2-v2.92.woff

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:187::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

bd6a377fb644d95d52e81a6f0785c7d40cad9840daa8100b1d43039c3216241d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:path: /mwf/_h/v2.92/mwf.app/fonts/mwfmdl2-v2.92.woff
pragma: no-cache
cookie: MC1=GUID=0939fbd656b84e419c95c55fe693f2c9&HASH=0939&LV=201810&V=4&LU=1538499104881; MS0=fbf60bc7f0a04928ab90148d645291c8; MS-CV=PcovgkJ+SkSZRdFg.2
origin: https://www.microsoft.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.microsoft.com
referer: https://statics-uhf-eus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/ec-f8ec33/b7-01890e/67-f66a05/bb-33df2f/d6-3f8236/1c-14fb9c/8e-0f0147/17-1042c1?ver=2.0
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://statics-uhf-eus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/ec-f8ec33/b7-01890e/67-f66a05/bb-33df2f/d6-3f8236/1c-14fb9c/8e-0f0147/17-1042c1?ver=2.0
Origin: https://www.microsoft.com

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
status: 200
x-activity-id: 758b5bbd-7bd5-4689-97a2-7d9ce554cc92
ms-cv: 5dU/SCHNxEuRzXxK.0
content-length: 20020
x-xss-protection: 1
last-modified: Mon, 13 Aug 2018 06:59:45 GMT
x-az: {did:ebbeaea41e034f1a8d3657f77961d2e1, rid: 4, sn: mwf-eus-prod, dt: 2018-07-28T13:04:54.6920097Z, bt: 2018-08-07T09:16:44.0000000Z}
date: Tue, 02 Oct 2018 16:51:46 GMT
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=27180405
x-appversion: 1.0.6793.16702
expires: Tue, 13 Aug 2019 06:58:31 GMT

GET
S 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 9ms
9ms Font
application/font-woff2 2a02:26f0:6c00:292::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:292::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/css/mwf-west-european-default.min.css
Origin: https://www.microsoft.com

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
last-modified: Tue, 01 Mar 2016 17:40:35 GMT
status: 200
etag: "1D173E175B3AB80"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: public, max-age=390334
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/font-woff2
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 34052
expires: Sun, 07 Oct 2018 05:17:20 GMT

GET
S 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/ 29 KB
29 KB 10ms
10ms Font
application/font-woff2 2a02:26f0:6c00:292::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:292::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://statics-uhf-eus.akamaized.net/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/ec-f8ec33/b7-01890e/67-f66a05/bb-33df2f/d6-3f8236/1c-14fb9c/8e-0f0147/17-1042c1?ver=2.0
Origin: https://www.microsoft.com

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
last-modified: Tue, 01 Mar 2016 17:40:35 GMT
status: 200
etag: "1D173E175B3AB80"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: public, max-age=233897
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/font-woff2
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 29388
expires: Fri, 05 Oct 2018 09:50:03 GMT

GET
S 200 latest.woff
c.s-microsoft.com/static/fonts/segoe-ui/west-european/light/ 33 KB
33 KB 7ms
6ms Font
font/x-woff 2a02:26f0:6c00:292::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/light/latest.woff

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:292::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

0ed2dc761ddf650b9aab0c366f43ddea0db81e13bbe603a21f2bfef519387ce9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://assets.onestore.ms/cdnfiles/external/mwf/long/v1/v1.17.1/css/mwf-west-european-default.min.css
Origin: https://www.microsoft.com

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
last-modified: Tue, 01 Mar 2016 17:40:35 GMT
status: 200
etag: "1D173E175B3AB80"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: public, max-age=183898
access-control-allow-credentials: true
accept-ranges: bytes
content-type: font/x-woff
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 33556
expires: Thu, 04 Oct 2018 19:56:44 GMT

GET
H2 204 _log
uhf.microsoft.com/ 0
128 B 8ms
7ms Image
text/html 2a02:26f0:6c00:299::2b57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uhf.microsoft.com/_log?o=mscc&s=Microsoft.OneRenderFramework.Core&m=show&nv=aspnet-3.1.3&sv=0.1.2
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:299::2b57 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /_log?o=mscc&s=Microsoft.OneRenderFramework.Core&m=show&nv=aspnet-3.1.3&sv=0.1.2
pragma: no-cache
cookie: MC1=GUID=0939fbd656b84e419c95c55fe693f2c9&HASH=0939&LV=201810&V=4&LU=1538499104881; MS0=fbf60bc7f0a04928ab90148d645291c8; MS-CV=PcovgkJ+SkSZRdFg.2
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: uhf.microsoft.com
referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
:scheme: https
:method: GET
Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Oct 2018 16:51:46 GMT
status: 204
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 0
expires: Tue, 02 Oct 2018 16:51:46 GMT

GET
S 200 script.jsx Show response
c.s-microsoft.com/en-us/CMSScripts/ 2 KB
1 KB 7ms
6ms Script
text/javascript 2a02:26f0:6c00:28b::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://c.s-microsoft.com/en-us/CMSScripts/script.jsx?k=9BF1A397-B649-9938-E1AF-63749A8D6427

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28b::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

35a3d6fea2f1374b6e3c6aa84fcd728c786ae5e88efd8852d76356040d442473

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 16:51:46 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
etag: "L0fikPuT3zaYyvOL4UB4eg=="
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: *
cache-control: private, max-age=288368
access-control-allow-credentials: true
content-type: text/javascript
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 686
expires: Sat, 06 Oct 2018 00:57:54 GMT

GET
H/1.1 200
OK meBoot.min.js Show response
mem.gfx.ms/me/MeControl/9.18199.0/en-US/ 22 KB
8 KB 10ms
9ms Script
application/javascript 2a02:26f0:6c00:19b::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mem.gfx.ms/me/MeControl/9.18199.0/en-US/meBoot.min.js
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurityPortal&market=en-us&uhf=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19b::37 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f9c6a25eeaa17f1cbce7d2fcfca504b747d9eaf732ec5158bb00dda642c6865d

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Version: 0.0.0.0
Date: Tue, 02 Oct 2018 16:51:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Sep 2018 02:58:20 GMT
X-Powered-By: ASP.NET
X-Served-By: pf9lIoUwb1c5L8VCNx/TlqcvMzCinZpKBelPAR44w/sBRjSmEb5Z0wyCIEseoTCb
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8120
X-UA-Compatible: IE=edge

GET
H2 204 _log
uhf.microsoft.com/ 0
128 B 6ms
6ms Image
text/html 2a02:26f0:6c00:299::2b57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uhf.microsoft.com/_log?c=TUMxO01TLUNWO01TMA==&h=www.microsoft.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:299::2b57 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /_log?c=TUMxO01TLUNWO01TMA==&h=www.microsoft.com
pragma: no-cache
cookie: MC1=GUID=0939fbd656b84e419c95c55fe693f2c9&HASH=0939&LV=201810&V=4&LU=1538499104881; MS0=fbf60bc7f0a04928ab90148d645291c8; MS-CV=PcovgkJ+SkSZRdFg.2
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: uhf.microsoft.com
referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
:scheme: https
:method: GET
Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Oct 2018 16:51:46 GMT
status: 204
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 0
expires: Tue, 02 Oct 2018 16:51:46 GMT

GET
H2 200 cartcount Show response
www.microsoft.com/store/buy/ Frame ED11 777 B
878 B 22ms
22ms Document
text/html 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/store/buy/cartcount

Requested by

Host: statics-uhf-eus.akamaized.net
URL: https://statics-uhf-eus.akamaized.net/shell/_scrf/js/themes=default/54-af9f9f/c0-247156/de-099401/e1-a50eee/e7-954872/d8-97d509/f0-251fe2/46-be1318/77-04a268/7f-652c90/63-077520/a4-34de62/2f-2c5417/db-bc0148/bc-5b77d5/78-4c7d22/df-e4d70f/e4-8302f6/cd-23d3b0/6d-1e7ed0/b7-cadaa7/ca-40b7b0/c3-6454d7/f9-7592d3/db-2792b1/f9-fa0ea3/7e-cda2d3/32-6dafa3/b0-8ba565/e0-3c9860/91-97a04f/1f-100dea/33-abe4df/85-2572bb/8f-d24839?ver=2.0&iife=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:187::356e , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

2f78e0df96f48eece9c0db612d8bdf7d03a314b304fc37f93e6fe1083ba11611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1

Request headers

:method: GET
:authority: www.microsoft.com
:scheme: https
:path: /store/buy/cartcount
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
accept-encoding: gzip, deflate
cookie: MC1=GUID=0939fbd656b84e419c95c55fe693f2c9&HASH=0939&LV=201810&V=4&LU=1538499104881; MS0=fbf60bc7f0a04928ab90148d645291c8; MS-CV=PcovgkJ+SkSZRdFg.2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Response headers

status: 200
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
x-activity-id: 03391bea-ef09-495f-92ef-622db4bef2d1
ms-cv: hoSdQsUCeEOuE5vi.0
x-appversion: 1.0.6845.29844
x-az: {did:3ed323e0c46b4bd2aa89fc62e4994282, rid: 50, sn: onestore-neu-prod, dt: 2018-09-20T01:37:43.6783343Z, bt: 2018-09-28T16:34:48.0000000Z}
p3p: CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
access-control-allow-headers: *
x-xss-protection: 1
content-length: 358
cache-control: max-age=86400
expires: Wed, 03 Oct 2018 16:51:46 GMT
date: Tue, 02 Oct 2018 16:51:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
x-rtag: Str

GET
H/1.1 200
OK meCore.min.js Show response
mem.gfx.ms/me/MeControl/9.18199.0/en-US/ 37 KB
13 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:19b::37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mem.gfx.ms/me/MeControl/9.18199.0/en-US/meCore.min.js
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurityPortal&market=en-us&uhf=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:19b::37 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 9c1af1d57262b5277e2853dd082e4743e405077e420cb8de7bd0750ea5996ec9

Request headers

Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Version: 0.0.0.0
Date: Tue, 02 Oct 2018 16:51:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Sep 2018 02:58:20 GMT
X-Powered-By: ASP.NET
X-Served-By: pf9lIoUwb1c5L8VCNx/TlqcvMzCinZpKBelPAR44w/uM4c3uUqE56T+xuNMp5AIr
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12374
X-UA-Compatible: IE=edge

GET
H/1.1 200
OK Cookie set me.srf
login.live.com/ Frame 3BF0 0
0 175ms
174ms Document
text/html 2620:1ec:9::1
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=7ab201ff-9229-4562-0cdc-93d0dbb121eb&partnerId=mssecurityportal

Requested by

Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-1.9.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

2620:1ec:9::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: login.live.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
Accept-Encoding: gzip, deflate
Cookie: uaid=8d406a7fa45743f2a4af1a3cad5db913; MSPRequ=lt=1538499105&co=1&id=N
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=

Response headers

Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Tue, 02 Oct 2018 16:50:47 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie: MSPRequ=lt=1538499107&id=N&co=2; secure= ;path=/;HTTPOnly=;version=1
PPServer: PPV: 30 H: BAYIDSLGN1B025 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Tue, 02 Oct 2018 16:51:46 GMT
Content-Length: 1418

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 57 B
664 B 58ms
57ms Other
application/json 40.77.226.250
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://web.vortex.data.microsoft.com/collect/v1

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/me/MeControl/9.18199.0/en-US/meCore.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Resource Hash

411a206884c2b850d089f656647e6d82341e2f47c6a74ca0cb070c2aa802ef7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Origin: https://www.microsoft.com
Accept-Encoding: gzip, deflate
Host: web.vortex.data.microsoft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
Cookie: MC1=GUID=0939fbd656b84e419c95c55fe693f2c9&HASH=0939&LV=201810&V=4&LU=1538499104881; MS0=fbf60bc7f0a04928ab90148d645291c8; MS-CV=PcovgkJ+SkSZRdFg.2
Connection: keep-alive
Content-Length: 4546
Referer: https://www.microsoft.com/en-us/wdsi/threats/threat-search?query=
Origin: https://www.microsoft.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 02 Oct 2018 16:51:47 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://www.microsoft.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
MS-CV: HjTMWFB3tUypA0p0GnzxvA.0
Content-Type: application/json
Access-Control-Allow-Headers: Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Content-Length: 57
Expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web.vortex.data.microsoft.com
URL: https://web.vortex.data.microsoft.com/collect/v1

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.microsoft.com/	1970-01-18 19:23:05	Name: MS-CV Value: PcovgkJ+SkSZRdFg.2
.microsoft.com/	1970-01-18 19:21:40	Name: MS0 Value: fbf60bc7f0a04928ab90148d645291c8
.microsoft.com/	1970-01-19 04:07:15	Name: MC1 Value: GUID=0939fbd656b84e419c95c55fe693f2c9&HASH=0939&LV=201810&V=4&LU=1538499104881

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
assets.onestore.ms
c.s-microsoft.com
go.microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
login.live.com
mem.gfx.ms
query.yahooapis.com
statics-uhf-eas.akamaized.net
statics-uhf-eus.akamaized.net
uhf.microsoft.com
web.vortex.data.microsoft.com
www.microsoft.com
web.vortex.data.microsoft.com
152.199.19.160
2001:4998:58:4904::4000
2620:1ec:9::1
2a02:26f0:6c00:183::356e
2a02:26f0:6c00:187::356e
2a02:26f0:6c00:19b::37
2a02:26f0:6c00:28b::356e
2a02:26f0:6c00:292::356e
2a02:26f0:6c00:299::2b57
2a02:26f0:6c00:29c::2c1a
2a02:26f0:6c00:2bd::2957
2a02:26f0:6c00::210:ba10
2a02:26f0:6c00::210:ba1b
2a02:26f0:6c00::210:ba21
40.77.226.250
0ed2dc761ddf650b9aab0c366f43ddea0db81e13bbe603a21f2bfef519387ce9
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
1847e42e29f06597236c9e85b74250931c1400e7927bc4bb14572dd8bcd2670b
1d67692b4ae730d72bba373c2dc4781dc5cadad521d282884fe730b7f007984e
1ee846986fbf0bfc9f0996f563d748589a32b29af6a6e444312c5a4da27504c1
1ffa31e129f7c7aa84788e0dde8aa355a8c1d00637ebdb5a0109a8f72f09bdc8
2f78e0df96f48eece9c0db612d8bdf7d03a314b304fc37f93e6fe1083ba11611
35211f76c4c35c17f2649b96868c0d691f1d78b107f7635d22619948d0ee6880
35a3d6fea2f1374b6e3c6aa84fcd728c786ae5e88efd8852d76356040d442473
3ea6781ec4d04de9dd081bc1141ea4404a796010f7e03b07ebd9c5654d8573e0
411a206884c2b850d089f656647e6d82341e2f47c6a74ca0cb070c2aa802ef7c
4a9b594ca8257d5fbd03c09218a9d5c40f8e1a05a9822409a20f2bdde862c695
4d7b01c2f6043bcee83a33d0f627dc6fbc27dc8aeb5bdd5d863e84304b512ef3
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
61c8aa36e474ad8fedab9a601c1b96c99a371bd5693714065d25385491442ee3
6375ab53676c688ccb3e28ce9a511a87c810618100cbdc4f6740d06b18171e78
64ae8a57b297a2702fd2cbd26944b2f9538af5723dd6a5017e05c9b4a4c8e102
70e7960998ae22ad4e8ce45b5b94d55fb9a79c4c5fda4f55fbe557516cfe71b5
762ad81ce4c3cd8c5dd0d27e92eb5ead4c2987a05ea4d0456c0dca85e7389258
8ec07a8dfc71ada312bac8f2be4a67a5dfbbcaadb3d6941913132aa8c088b469
9c1af1d57262b5277e2853dd082e4743e405077e420cb8de7bd0750ea5996ec9
9c72ee97ace51686d4d8b3c82b60a73593887bd44d707418db9918aaa1028ddb
ae5003545ac514b5fd86ecd9eaeb0db79b3093be90e8917e1b8a3b5a20759543
bd6a377fb644d95d52e81a6f0785c7d40cad9840daa8100b1d43039c3216241d
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c6bdda35b04862bf5ed7bbf792b41eefa3abcbc06120521ee2a4b4d860d46783
c87516d7dd7077edd467f5b7b085b035cd4803ecf049670ab19de004e270aba8
d3fb5ea6dce2c5f2845976f3c33e8d8c64500c78196fecdc93bd4297a3b4035a
d5d00ecb9c3653b408e8428d2b615f4894ba8feaaa6a54ee615da9206305af79
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f51ae227d465f408b004cfc8dc65a1adb7ca563464ba3b9f63c652f189f6e803
f9c6a25eeaa17f1cbce7d2fcfca504b747d9eaf732ec5158bb00dda642c6865d

www.microsoft.com Open in urlscan Pro 2a02:26f0:6c00:187::356e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

98 %HTTPS

87 %IPv6

8 Domains

13 Subdomains

14 IPs

3 Countries

1152 kBTransfer

4010 kBSize

3 Cookies

51 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.microsoft.com Open in urlscan Pro
2a02:26f0:6c00:187::356e Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

98 %
HTTPS

87 %
IPv6

8
Domains

13
Subdomains

14
IPs

3
Countries

1152 kB
Transfer

4010 kB
Size

3
Cookies

61 HTTP transactions
0 data transactions