msrc-blog.microsoft.com Open in urlscan Pro
40.122.65.162 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.msgapp.com/jc.aspx?d=GWGMW3UCIAMENX7F35RHJZAORFE23XEEEJFMLEHOMC4FMBTBXBUGR6XOTVGVPZZMZ3372AAGTWLSLJAIZIFPAB...
Effective URL:
https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/
Submission: On January 11 via manual (January 11th 2021, 7:10:55 pm UTC) from US

Summary HTTP 10 Redirects Links 29 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 40.122.65.162, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is msrc-blog.microsoft.com.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 05 on October 13th 2020. Valid for: a year.

This is the only time msrc-blog.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 1	52.2.89.141 52.2.89.141		14618 (AMAZON-AES) (AMAZON-AES)
10	40.122.65.162 40.122.65.162		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	1

1 52.2.89.141 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-89-141.compute-1.amazonaws.com

www.msgapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 40.122.65.162 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

msrc-blog.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	microsoft.com msrc-blog.microsoft.com	69 KB
1	msgapp.com 1 redirects www.msgapp.com	728 B
10	2

	Domain	Requested by
10	msrc-blog.microsoft.com	msrc-blog.microsoft.com
1	www.msgapp.com	1 redirects
10	2

This site contains links to these domains. Also see Links.

Domain
msrc.microsoft.com
portal.msrc.microsoft.com
microsoft.com
aka.ms
blogs.microsoft.com
www.fireeye.com
techcommunity.microsoft.com
www.microsoft.com
securitycenter.windows.com
nam06.safelinks.protection.outlook.com
docs.microsoft.com
support.microsoft.com
fasttrack.microsoft.com
www.solarwinds.com
us-cert.cisa.gov

Subject Issuer	Validity	Valid
blog.msrc.microsoft.com Microsoft Azure TLS Issuing CA 05	`2020-10-13` - `2021-10-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/
Frame ID: 0E266055F91F045B3D0008094018D4E1
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Solorigate Resource Center – updated December 31st, 2020 – Microsoft Security Response Center

Page URL History Show full URLs

http://www.msgapp.com/jc.aspx?d=GWGMW3UCIAMENX7F35RHJZAORFE23XEEEJFMLEHOMC4FMBTBXBUGR6XOTVGVPZZMZ3... HTTP 302
https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
url /\.aspx?(?:$|\?)/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

69 kB
Transfer

279 kB
Size

2
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://msrc.microsoft.com/create-report
Title: Report Security Vulnerability

Search URL Search Domain Scan URL

URL: https://portal.msrc.microsoft.com/en-us/engage/cars
Title: Report Abuse

Search URL Search Domain Scan URL

URL: https://portal.msrc.microsoft.com/
Title: Security Update Guide

Search URL Search Domain Scan URL

URL: https://microsoft.com/msrc
Title: About MSRC

Search URL Search Domain Scan URL

URL: https://aka.ms/solorigate
Title: https://aka.ms/solorigate

Search URL Search Domain Scan URL

URL: https://blogs.microsoft.com/on-the-issues/2020/12/17/cyberattacks-cybersecurity-solarwinds-fireeye/
Title: A moment of reckoning: the need for a strong and global cybersecurity response

Search URL Search Domain Scan URL

URL: https://blogs.microsoft.com/on-the-issues/2020/12/13/customers-protect-nation-state-cyberattacks/
Title: Important steps for customers to protect themselves from recent nation-state cyberattacks – Microsoft On the Issues

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html
Title: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor

Search URL Search Domain Scan URL

URL: https://aka.ms/detect_solorigate
Title: https://aka.ms/detect_solorigate

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/azure-active-directory-identity/azure-ad-workbook-to-help-you-assess-solorigate-risk/ba-p/2010718
Title: Azure AD workbook to help you assess Solorigate risk

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/azure-active-directory-identity/understanding-quot-solorigate-quot-s-identity-iocs-for-identity/ba-p/2007610
Title: Understanding “Solorigate”‘s Identity IOCs – for Identity Vendors and their customers

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2020/12/21/advice-for-incident-responders-on-recovery-from-systemic-identity-compromises/
Title: Advice for incident responders on recovery from systemic identity compromises

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/
Title: Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/azure-sentinel/solarwinds-post-compromise-hunting-with-azure-sentinel/ba-p/1995095
Title: SolarWinds Post-Compromise Hunting with Azure Sentinel

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/iot-security/latest-threat-intelligence-15-december-2020-fireeye-and/m-p/1999394
Title: Latest Threat Intelligence for Azure Defender for IoT

Search URL Search Domain Scan URL

URL: https://securitycenter.windows.com/threatanalytics3/2b74f636-146e-48dd-94f6-5cb5132467ca/overview
Title: Threat Analytics article

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/azure-active-directory-identity/protecting-microsoft-365-from-on-premises-attacks/ba-p/1751754
Title: protect Microsoft 365 from on-premises attacks

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2020/12/15/ensuring-customers-are-protected-from-solorigate/
Title: Ensure customers are protected from Solorigate

Search URL Search Domain Scan URL

URL: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fsecurity%2F&data=04%7C01%7CDaniel.Simpson%40microsoft.com%7C17d17fb4a2eb4cbec94d08d8a60d808b%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637441924247553107%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=s0c7w%2B27CowRln9io%2Frw3z4XgsUw988GJMHAXnDKlIo%3D&reserved=0
Title: https://docs.microsoft.com/security/

Search URL Search Domain Scan URL

URL: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsecurity%2F&data=04%7C01%7CDaniel.Simpson%40microsoft.com%7C17d17fb4a2eb4cbec94d08d8a60d808b%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637441924247503328%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=ceUnIXTwiR02VusxM1ZMp3aH%2BkV3tdW8nAd49yu3euQ%3D&reserved=0
Title: https://docs.microsoft.com/azure/security/

Search URL Search Domain Scan URL

URL: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fazure%2Fsentinel%2F&data=04%7C01%7CDaniel.Simpson%40microsoft.com%7C17d17fb4a2eb4cbec94d08d8a60d808b%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637441924247513282%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=IccezWfsgh7xIWjgvWKpwOy6LXIBXl8AgO25u4phS9c%3D&reserved=0
Title: https://docs.microsoft.com/azure/sentinel/

Search URL Search Domain Scan URL

URL: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fmicrosoft-365%2Fsecurity%2F&data=04%7C01%7CDaniel.Simpson%40microsoft.com%7C17d17fb4a2eb4cbec94d08d8a60d808b%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637441924247543149%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=ZmU1dbnMEJLiAHuPSnCUhgmomuv7z%2Bq1ICzlFWuUJJY%3D&reserved=0
Title: https://docs.microsoft.com/microsoft-365/security/

Search URL Search Domain Scan URL

URL: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fwindows%2Fsecurity%2F&data=04%7C01%7CDaniel.Simpson%40microsoft.com%7C17d17fb4a2eb4cbec94d08d8a60d808b%7C72f988bf86f141af91ab2d7cd011db47%7C0%7C0%7C637441924247543149%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=FzEiMVtt1bJOnKwLeDzt4DnGkFT%2Bd3kAAn6xP3rYS6Y%3D&reserved=0
Title: https://docs.microsoft.com/windows/security/

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/cloud-app-security/
Title: https://docs.microsoft.com/cloud-app-security/

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/contactus
Title: https://support.microsoft.com/contactus

Search URL Search Domain Scan URL

URL: https://fasttrack.microsoft.com/
Title: https://fasttrack.microsoft.com

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/products-and-services/2020/12/global-intrusion-campaign-leverages-software-supply-chain-compromise.html
Title: Global Intrusion Campaign Leverages Software Supply Chain Compromise

Search URL Search Domain Scan URL

URL: https://www.solarwinds.com/securityadvisory
Title: SolarWinds Advisory

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/aa20-352a
Title: https://us-cert.cisa.gov/ncas/alerts/aa20-352a

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.msgapp.com/jc.aspx?d=GWGMW3UCIAMENX7F35RHJZAORFE23XEEEJFMLEHOMC4FMBTBXBUGR6XOTVGVPZZMZ3372AAGTWLSLJAIZIFPABF2E2UZFRUUQAXAXIWIFQAV2EGUFUXYWLDZQAHAQVUQGN7OOSO3234ZVVCN6VUJVJGN32DHEWHDA5Q4DQECHXR7QP3A37AODTU3BPQYUCZX7CYNHBJH2FUQZY6Y6DIWROA6TXPPWO6ZG2TID3FDOWHNH7VV77ZJKWR3CAPBTF5CUJ7FXUQ3OFPBIVYWRUWJWO7DYA7NCEBV5ZZZGXNKZBZYFLEPSNIOYPRN53UR7HHDI2ORGEUZ3E6KKZVU6RMON3TZDEXFE57DKSVFZF5Q3TW6B5YP HTTP 302
https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Redirect Chain http://www.msgapp.com/jc.aspx?d=GWGMW3UCIAMENX7F35RHJZAORFE23XEEEJFMLEHOMC4FMBTBXBUGR6XOTVGVPZZMZ3372AAGTWLSLJAIZIFPABF2E2UZFRUUQAXAXIWIFQAV2EGUFUXYWLDZQAHAQVUQGN7OOSO3234ZVVCN6VUJVJGN32DHEWHDA5Q4D... https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/	89 KB 22 KB	1573ms 1105ms	Document text/html	40.122.65.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.122.65.162 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / PHP/7.4.11 ASP.NET Resource Hash `cacbee602d0291b5b9cc98525c2127c56e4eae5336dc139f647e142dc487ed61` Request headers Host msrc-blog.microsoft.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 21995 Content-Type text/html; charset=UTF-8 Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/10.0 X-Powered-By PHP/7.4.11 ASP.NET Link <https://msrc-blog.microsoft.com/wp-json/>; rel="https://api.w.org/" <https://msrc-blog.microsoft.com/wp-json/wp/v2/posts/12515>; rel="alternate"; type="application/json" <https://msrc-blog.microsoft.com/?p=12515>; rel=shortlink Set-Cookie ARRAffinity=076a7fe9c379d2061e74fbdd188c1f548d31c79559f23ef52c1fed5d7712a624;Path=/;HttpOnly;Secure;Domain=msrc-blog.microsoft.com ARRAffinitySameSite=076a7fe9c379d2061e74fbdd188c1f548d31c79559f23ef52c1fed5d7712a624;Path=/;HttpOnly;SameSite=None;Secure;Domain=msrc-blog.microsoft.com Date Mon, 11 Jan 2021 19:10:36 GMT Redirect headers Access-Control-Allow-Methods GET,POST,OPTIONS Access-Control-Allow-Origin * Cache-Control private Content-Type text/html; charset=utf-8 Date Mon, 11 Jan 2021 19:10:35 GMT Location https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ P3P CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" Server nginx/1.18.0 Set-Cookie ASP.NET_SessionId=eh0blwad5upk04ohkizskmjf; path=/; HttpOnly; SameSite=Lax Recipient=101293683; domain=.msgapp.com; expires=Fri, 11-May-2029 19:10:35 GMT; path=/ X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET X-Proxy-Server-For msgapp-production Content-Length 206 Connection keep-alive
GET H/1.1	200 OK	style.min.css msrc-blog.microsoft.com/wp-content/themes/astra/assets/css/minified/	86 KB 20 KB	384ms 261ms	Stylesheet text/css	40.122.65.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://msrc-blog.microsoft.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=2.6.2 Requested by Host: msrc-blog.microsoft.com URL: https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.122.65.162 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `62c2aafc4d87c9187996f40a2f23df9710d98ade7366818aedc6233acfe97614` Request headers Referer https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 11 Jan 2021 19:10:36 GMT Content-Encoding gzip ETag "cbd5aad4b5d8d61:0" Last-Modified Tue, 22 Dec 2020 22:57:32 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 20569
GET H/1.1	200 OK	style.min.css msrc-blog.microsoft.com/wp-includes/css/dist/block-library/	50 KB 8 KB	436ms 148ms	Stylesheet text/css	40.122.65.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://msrc-blog.microsoft.com/wp-includes/css/dist/block-library/style.min.css?ver=96bfb56d8f3e2205c9643f332f47647a Requested by Host: msrc-blog.microsoft.com URL: https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.122.65.162 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981` Request headers Referer https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 11 Jan 2021 19:10:36 GMT Content-Encoding gzip ETag "801b6e7589ced61:0" Last-Modified Thu, 10 Dec 2020 00:14:43 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 7808
GET H/1.1	200 OK	astra-addon-5fe27966e24d52-06616509.css msrc-blog.microsoft.com/wp-content/uploads/astra-addon/	23 KB 4 KB	582ms 191ms	Stylesheet text/css	40.122.65.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://msrc-blog.microsoft.com/wp-content/uploads/astra-addon/astra-addon-5fe27966e24d52-06616509.css?ver=2.7.2 Requested by Host: msrc-blog.microsoft.com URL: https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.122.65.162 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `495b23f6426c5d43a9bfc3ec7b02c0d848ed45711b43fb0a9930305e2387d508` Request headers Referer https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 11 Jan 2021 19:10:37 GMT Content-Encoding gzip ETag "aefebe8eb5d8d61:0" Last-Modified Tue, 22 Dec 2020 22:55:34 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Accept-Ranges bytes Content-Length 3827
GET H/1.1	200 OK	wp-emoji-release.min.js Show response msrc-blog.microsoft.com/wp-includes/js/	14 KB 5 KB	621ms 159ms	Script application/x-javascript	40.122.65.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://msrc-blog.microsoft.com/wp-includes/js/wp-emoji-release.min.js?ver=96bfb56d8f3e2205c9643f332f47647a Requested by Host: msrc-blog.microsoft.com URL: https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.122.65.162 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4` Request headers Referer https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 11 Jan 2021 19:10:37 GMT Content-Encoding gzip ETag "066cb7a89ced61:0" Last-Modified Thu, 10 Dec 2020 00:14:52 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Accept-Ranges bytes Content-Length 4649
GET H/1.1	200 OK	style.min.js Show response msrc-blog.microsoft.com/wp-content/themes/astra/assets/js/minified/	10 KB 4 KB	480ms 166ms	Script application/x-javascript	40.122.65.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://msrc-blog.microsoft.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=2.6.2 Requested by Host: msrc-blog.microsoft.com URL: https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.122.65.162 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `758af520af740958167ad867622e499b689a3299fa395f5697ad775f8b9ae4ea` Request headers Referer https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 11 Jan 2021 19:10:37 GMT Content-Encoding gzip ETag "3d8131d5b5d8d61:0" Last-Modified Tue, 22 Dec 2020 22:57:33 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Accept-Ranges bytes Content-Length 3473
GET H/1.1	200 OK	astra-addon-5fe27965977489-96409158.js Show response msrc-blog.microsoft.com/wp-content/uploads/astra-addon/	2 KB 1 KB	525ms 167ms	Script application/x-javascript	40.122.65.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://msrc-blog.microsoft.com/wp-content/uploads/astra-addon/astra-addon-5fe27965977489-96409158.js?ver=2.7.2 Requested by Host: msrc-blog.microsoft.com URL: https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.122.65.162 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `a0d544de4c91c30690c6274fbe310631a1b98906f5aceab84d4f71ebec3de9ba` Request headers Referer https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 11 Jan 2021 19:10:37 GMT Content-Encoding gzip ETag "fdd5f78db5d8d61:0" Last-Modified Tue, 22 Dec 2020 22:55:33 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Accept-Ranges bytes Content-Length 1127
GET H/1.1	200 OK	wp-embed.min.js Show response msrc-blog.microsoft.com/wp-includes/js/	1 KB 1 KB	504ms 143ms	Script application/x-javascript	40.122.65.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://msrc-blog.microsoft.com/wp-includes/js/wp-embed.min.js?ver=96bfb56d8f3e2205c9643f332f47647a Requested by Host: msrc-blog.microsoft.com URL: https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.122.65.162 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0` Request headers Referer https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 11 Jan 2021 19:10:37 GMT Content-Encoding gzip ETag "4c95c0e22ed61:0" Last-Modified Thu, 09 Apr 2020 00:07:41 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/x-javascript Accept-Ranges bytes Content-Length 969
GET H/1.1	404 Not Found	astra.woff msrc-blog.microsoft.com/wp-content/themes/astra/assets/fonts/	0 0	155ms 155ms	Font text/html	40.122.65.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://msrc-blog.microsoft.com/wp-content/themes/astra/assets/fonts/astra.woff Requested by Host: msrc-blog.microsoft.com URL: https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.122.65.162 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash Request headers Origin https://msrc-blog.microsoft.com Referer https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 11 Jan 2021 19:10:37 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET Content-Length 103 Content-Type text/html
GET H/1.1	200 OK	astra.ttf msrc-blog.microsoft.com/wp-content/themes/astra/assets/fonts/	3 KB 3 KB	172ms 171ms	Font application/octet-stream	40.122.65.162 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://msrc-blog.microsoft.com/wp-content/themes/astra/assets/fonts/astra.ttf Requested by Host: msrc-blog.microsoft.com URL: https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.122.65.162 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `c3326eca3e04119400003592725c6a3c116ea221a7b3c581b8f92f789d71e4e8` Request headers Origin https://msrc-blog.microsoft.com Referer https://msrc-blog.microsoft.com/2020/12/21/december-21st-2020-solorigate-resource-center/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 11 Jan 2021 19:10:37 GMT Last-Modified Tue, 22 Dec 2020 22:57:32 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "5a7dd5b5d8d61:0" Content-Type application/octet-stream Accept-Ranges bytes Content-Length 3228

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| bodyElement object| astraAddon object| wp object| button object| menu object| links object| subMenus number| len object| twemoji

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.msrc-blog.microsoft.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 076a7fe9c379d2061e74fbdd188c1f548d31c79559f23ef52c1fed5d7712a624
			.msrc-blog.microsoft.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 076a7fe9c379d2061e74fbdd188c1f548d31c79559f23ef52c1fed5d7712a624

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

msrc-blog.microsoft.com
www.msgapp.com
40.122.65.162
52.2.89.141
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
495b23f6426c5d43a9bfc3ec7b02c0d848ed45711b43fb0a9930305e2387d508
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
62c2aafc4d87c9187996f40a2f23df9710d98ade7366818aedc6233acfe97614
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
758af520af740958167ad867622e499b689a3299fa395f5697ad775f8b9ae4ea
a0d544de4c91c30690c6274fbe310631a1b98906f5aceab84d4f71ebec3de9ba
c3326eca3e04119400003592725c6a3c116ea221a7b3c581b8f92f789d71e4e8
cacbee602d0291b5b9cc98525c2127c56e4eae5336dc139f647e142dc487ed61