msrc-blog.microsoft.com
Open in
urlscan Pro
40.122.65.162
Public Scan
Effective URL: https://msrc-blog.microsoft.com/2021/03/15/one-click-microsoft-exchange-on-premises-mitigation-tool-march-2021/?utm_source=phpLi...
Submission: On May 31 via api from SG
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 01 on May 27th 2021. Valid for: a year.
This is the only time msrc-blog.microsoft.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 202.55.81.249 202.55.81.249 | 18106 (VIEWQWEST...) (VIEWQWEST-SG-AP Viewqwest Pte Ltd) | |
11 | 40.122.65.162 40.122.65.162 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
11 | 1 |
ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG)
PTR: edm.care.net.sg
bc01.care.net.sg |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
msrc-blog.microsoft.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
microsoft.com
msrc-blog.microsoft.com |
334 KB |
1 |
care.net.sg
1 redirects
bc01.care.net.sg |
623 B |
11 | 2 |
Domain | Requested by | |
---|---|---|
11 | msrc-blog.microsoft.com |
msrc-blog.microsoft.com
|
1 | bc01.care.net.sg | 1 redirects |
11 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
msrc.microsoft.com |
portal.msrc.microsoft.com |
microsoft.com |
www.microsoft.com |
aka.ms |
docs.microsoft.com |
github.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
blog.msrc.microsoft.com Microsoft Azure TLS Issuing CA 01 |
2021-05-27 - 2022-05-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://msrc-blog.microsoft.com/2021/03/15/one-click-microsoft-exchange-on-premises-mitigation-tool-march-2021/?utm_source=phpList&utm_medium=email&utm_campaign=MICROSOFT+RECENT+ALERT+OF+EXCHANGE+SERVER+VULNERABILITY&utm_content=HTML
Frame ID: 17342DFED869D2C1D949E835759D65BC
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://bc01.care.net.sg/lt.php?tid=eE4ECQcLVl5QVR0GCABeTg0FClMeXA9WCRgFA1pbUAdRV19RXwpIVQpSCFVdAANOW...
HTTP 303
https://msrc-blog.microsoft.com/2021/03/15/one-click-microsoft-exchange-on-premises-mitigation-tool-march-20... Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP (Programming Languages) Expand
Detected patterns
- url /\.php(?:$|\?)/i
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL (Databases) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
Windows Server (Operating Systems) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Report Security Vulnerability
Search URL Search Domain Scan URL
Title: Report Abuse
Search URL Search Domain Scan URL
Title: Security Update Guide
Search URL Search Domain Scan URL
Title: About MSRC
Search URL Search Domain Scan URL
Title: recent Exchange Server on-premises attacks
Search URL Search Domain Scan URL
Title: one-click mitigation tool
Search URL Search Domain Scan URL
Title: Microsoft Safety Scanner
Search URL Search Domain Scan URL
Title: GitHub
Search URL Search Domain Scan URL
Title: https://aka.ms/exchangevulns
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bc01.care.net.sg/lt.php?tid=eE4ECQcLVl5QVR0GCABeTg0FClMeXA9WCRgFA1pbUAdRV19RXwpIVQpSCFVdAANOW1JeAh5RAARYGA9WCgocUVMCXlEDDVIDUVwITVlVXlsOVVkBHlwBAgEYA1MPXxwLAQteHQUKAgUFBlFXDVRUUg
HTTP 303
https://msrc-blog.microsoft.com/2021/03/15/one-click-microsoft-exchange-on-premises-mitigation-tool-march-2021/?utm_source=phpList&utm_medium=email&utm_campaign=MICROSOFT+RECENT+ALERT+OF+EXCHANGE+SERVER+VULNERABILITY&utm_content=HTML Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
msrc-blog.microsoft.com/2021/03/15/one-click-microsoft-exchange-on-premises-mitigation-tool-march-2021/ Redirect Chain
|
85 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.min.css
msrc-blog.microsoft.com/wp-content/themes/astra/assets/css/minified/ |
77 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.min.css
msrc-blog.microsoft.com/wp-includes/css/dist/block-library/ |
57 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
astra-addon-609d8e0480f367-32112150.css
msrc-blog.microsoft.com/wp-content/uploads/astra-addon/ |
23 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-emoji-release.min.js
msrc-blog.microsoft.com/wp-includes/js/ |
14 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.min.js
msrc-blog.microsoft.com/wp-content/themes/astra/assets/js/minified/ |
10 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
astra-addon-609d8e0487a8a1-15661087.js
msrc-blog.microsoft.com/wp-content/uploads/astra-addon/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wp-embed.min.js
msrc-blog.microsoft.com/wp-includes/js/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
astra.woff
msrc-blog.microsoft.com/wp-content/themes/astra/assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
image-28-1024x523.png
msrc-blog.microsoft.com/wp-content/uploads/2021/03/ |
263 KB 263 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
astra.ttf
msrc-blog.microsoft.com/wp-content/themes/astra/assets/fonts/ |
3 KB 3 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| astraAddon object| wp object| twemoji2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.msrc-blog.microsoft.com/ | Name: ARRAffinitySameSite Value: eb798fdc5860267277591591faa3c3bdc60006823b662571534a839f860146a8 |
|
.msrc-blog.microsoft.com/ | Name: ARRAffinity Value: eb798fdc5860267277591591faa3c3bdc60006823b662571534a839f860146a8 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bc01.care.net.sg
msrc-blog.microsoft.com
202.55.81.249
40.122.65.162
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
1ef0899dadf11eccd489e8aca5ef79eaf9c1caa00f9f1d4d8ad45ff1ed375ccf
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
4a499a94e37f7ec44fd2abd059ce6ac6d4bb99b0b4aa1925764b372abda90c3b
4c8eb350131819e5d4670f063bd56fe028ea97e5febcca94a069981f7333a1ad
5869fb41f83294671829a00a6dbbc3e3ab32794655e6d4a56a5261f54e7bb14a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
97e6b702954a7bb842cdd268a03d16a7847cf1f2b3897269a1dd495526155a3b
98a78744939189bce65c693e91f360439e488b0d074c56aa216f1ab9f5d11f9f
c3326eca3e04119400003592725c6a3c116ea221a7b3c581b8f92f789d71e4e8