www.microsoft.com Open in urlscan Pro
2a02:26f0:6c00:187::356e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
Submission: On April 18 via api (April 18th 2023, 6:39:17 pm UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Links 56 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 50 HTTP transactions. The main IP is 2a02:26f0:6c00:187::356e, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.microsoft.com. The Cisco Umbrella rank of the primary domain is 329.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 06 on October 4th 2022. Valid for: a year.

This is the only time www.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2a02:26f0:6c0... 2a02:26f0:6c00:187::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:350... 2a02:26f0:3500:585::2957	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:4f:1... 2620:1ec:4f:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2.16.186.89 2.16.186.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1494	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:350... 2a02:26f0:3500:594::356e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2603:1027:1:d... 2603:1027:1:d8::4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	192.229.221.185 192.229.221.185	15133 (EDGECAST) (EDGECAST)
4	51.104.15.252 51.104.15.252	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
50	11

26 2a02:26f0:6c00:187::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:585::2957 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.onestore.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

wcpstatic.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.89 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-89.deploy.static.akamaitechnologies.com

statics-marketingsites-eus-ms-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mem.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1494 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img-prod-cms-rt-microsoft-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:594::356e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:1027:1:d8::4 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.185 (United States)

ASN15133 (EDGECAST, US)

logincdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.104.15.252 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	microsoft.com www.microsoft.com — Cisco Umbrella Rank: 329 wcpstatic.microsoft.com — Cisco Umbrella Rank: 7957 browser.events.data.microsoft.com — Cisco Umbrella Rank: 378	870 KB
5	s-microsoft.com c.s-microsoft.com — Cisco Umbrella Rank: 9604	147 KB
4	gfx.ms mem.gfx.ms — Cisco Umbrella Rank: 4553	60 KB
3	akamaized.net statics-marketingsites-eus-ms-com.akamaized.net — Cisco Umbrella Rank: 25856 img-prod-cms-rt-microsoft-com.akamaized.net — Cisco Umbrella Rank: 1326	8 KB
3	onestore.ms assets.onestore.ms — Cisco Umbrella Rank: 26581	211 KB
2	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 3331	102 KB
1	msftauth.net logincdn.msftauth.net — Cisco Umbrella Rank: 6235	6 KB
1	live.com login.live.com — Cisco Umbrella Rank: 61	7 KB
50	8

	Domain	Requested by
26	www.microsoft.com	www.microsoft.com
5	c.s-microsoft.com	assets.onestore.ms
4	browser.events.data.microsoft.com	js.monitor.azure.com
4	mem.gfx.ms	www.microsoft.com mem.gfx.ms
3	assets.onestore.ms	www.microsoft.com
2	img-prod-cms-rt-microsoft-com.akamaized.net	www.microsoft.com
2	js.monitor.azure.com	www.microsoft.com mem.gfx.ms
1	logincdn.msftauth.net	login.live.com
1	login.live.com	mem.gfx.ms
1	statics-marketingsites-eus-ms-com.akamaized.net	www.microsoft.com
1	wcpstatic.microsoft.com	www.microsoft.com
50	11

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
aka.ms
www.bing.com
azure.microsoft.com
github.com
customers.microsoft.com
events.microsoft.com
techcommunity.microsoft.com
docs.microsoft.com
servicetrust.microsoft.com
dynamics.microsoft.com
partner.microsoft.com
about.ads.microsoft.com
azuremarketplace.microsoft.com
appsource.microsoft.com
blogs.microsoft.com
developer.microsoft.com
learn.microsoft.com
twitter.com
www.linkedin.com
facebook.com
account.microsoft.com
education.microsoft.com
powerplatform.microsoft.com
visualstudio.microsoft.com
careers.microsoft.com
news.microsoft.com
privacy.microsoft.com
support.microsoft.com
choice.microsoft.com

Subject Issuer	Validity	Valid
www.microsoft.com Microsoft Azure TLS Issuing CA 06	`2022-10-04` - `2023-09-29`	a year	crt.sh
wildcard.onestore.ms Microsoft Azure TLS Issuing CA 05	`2022-09-22` - `2023-09-17`	a year	crt.sh
wcpstatic.microsoft.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-06` - `2023-12-06`	a year	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 01	`2023-03-23` - `2024-03-17`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 06	`2023-03-31` - `2024-03-25`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2023-03-30` - `2024-03-30`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2023-03-08` - `2024-03-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
Frame ID: D9D56156C39667F96721F3EA1C6E3750
Requests: 48 HTTP requests in this frame

Frame: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=c533fd1c-6a3f-48ff-1915-fd70394be6ee&partnerId=mssecurity
Frame ID: D2EF1A969F1BBF8158B7136FFD95BA7C
Requests: 2 HTTP requests in this frame

Frame: https://mem.gfx.ms/me/mecache?partner=mssecurity&wreply=https%3A%2F%2Fwww.microsoft.com
Frame ID: 3EE452BAA08BE73E2BB920794D39B903
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft shifts to a new threat actor naming taxonomy - Microsoft Security BlogtwitterCalifornia Consumer Privacy Act (CCPA) Opt-Out Icon

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

50
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

1413 kB
Transfer

3649 kB
Size

8
Cookies

56 Outgoing links

These are links going to different origins than the main page.

URL: https://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://aka.ms/3rdpartycookies
Title: Third-Party Cookies

Search URL Search Domain Scan URL

URL: https://www.bing.com/new?form=MI13IO&OCID=MI13IO&pc=U710
Title: Learn more

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/services/key-vault/
Title: Azure Key Vault

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/services/azure-firewall/
Title: Azure Firewall

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/services/web-application-firewall/
Title: Azure Web App Firewall

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/services/ddos-protection/
Title: Azure DDoS Protection

Search URL Search Domain Scan URL

URL: https://github.com/features/security
Title: GitHub Advanced Security

Search URL Search Domain Scan URL

URL: https://customers.microsoft.com/en-us/search?sq=Microsoft%20Security&ff=&p=0&so=story_publish_date%20desc
Title: Customer stories

Search URL Search Domain Scan URL

URL: https://events.microsoft.com/en-us/allevents/?language=English&clientTimeZone=1&search=security
Title: Microsoft Security Events

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/ct-p/MicrosoftSecurityandCompliance
Title: Microsoft Tech Community

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/security/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/learn/topics/sci?wt.mc_id=techcom_header-webpage-m365
Title: Training & certifications

Search URL Search Domain Scan URL

URL: https://aka.ms/underattack
Title: Under attack?

Search URL Search Domain Scan URL

URL: https://servicetrust.microsoft.com/
Title: Service Trust Portal

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/
Title: Azure

Search URL Search Domain Scan URL

URL: https://dynamics.microsoft.com/en-us/
Title: Dynamics 365

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/solutions/space/
Title: Azure Space

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/solutions/quantum-computing/
Title: Quantum computing

Search URL Search Domain Scan URL

URL: https://partner.microsoft.com/en-US/
Title: Find a partner

Search URL Search Domain Scan URL

URL: https://partner.microsoft.com/en-US/membership/cloud-solution-provider
Title: Become a partner

Search URL Search Domain Scan URL

URL: https://partner.microsoft.com/en-us/membership
Title: Partner Network

Search URL Search Domain Scan URL

URL: https://about.ads.microsoft.com/en-us/resources/microsoft-advertising-partner-program/microsoft-advertising-partner-program
Title: Find an advertising partner

Search URL Search Domain Scan URL

URL: https://about.ads.microsoft.com/en-us/partners/welcome?s_cid=en-us-gct-web-src_ext-sub_0-flx_uhfcombepartner
Title: Become an advertising partner

Search URL Search Domain Scan URL

URL: https://azuremarketplace.microsoft.com/en-us/
Title: Azure Marketplace

Search URL Search Domain Scan URL

URL: https://appsource.microsoft.com/en-us/
Title: AppSource

Search URL Search Domain Scan URL

URL: https://blogs.microsoft.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://about.ads.microsoft.com/en-us?s_cid=dig-src_uhfcomm
Title: Microsoft Advertising

Search URL Search Domain Scan URL

URL: https://developer.microsoft.com/en-us/
Title: Developer Center

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/docs/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/
Title: Microsoft Learn

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet/?text=Microsoft%20shifts%20to%20a%20new%20threat%20actor%20naming%20taxonomy&url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2F2023%2F04%2F18%2Fmicrosoft-shifts-to-a-new-threat-actor-naming-taxonomy%2F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2F2023%2F04%2F18%2Fmicrosoft-shifts-to-a-new-threat-actor-naming-taxonomy%2F&title=Microsoft%20shifts%20to%20a%20new%20threat%20actor%20naming%20taxonomy&source=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2F2023%2F04%2F18%2Fmicrosoft-shifts-to-a-new-threat-actor-naming-taxonomy%2F
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2F2023%2F04%2F18%2Fmicrosoft-shifts-to-a-new-threat-actor-naming-taxonomy%2F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://aka.ms/threatactors
Title: https://aka.ms/threatactors

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/microsoft-defender-threat/what-s-new-intel-profiles-deliver-crucial-information-context/ba-p/3780076
Title: Intel Profiles

Search URL Search Domain Scan URL

URL: https://aka.ms/threatintelblog
Title: https://aka.ms/threatintelblog

Search URL Search Domain Scan URL

URL: https://twitter.com/@MSFTSecurity
Title: @MSFTSecurity

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/
Title: Account profile

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2139749
Title: Microsoft Store support

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/p/?LinkID=824764&clcid=0x409
Title: Returns

Search URL Search Domain Scan URL

URL: https://account.microsoft.com/orders
Title: Order tracking

Search URL Search Domain Scan URL

URL: https://education.microsoft.com/
Title: Educator training and development

Search URL Search Domain Scan URL

URL: https://azure.microsoft.com/en-us/free/students/
Title: Azure for students

Search URL Search Domain Scan URL

URL: https://powerplatform.microsoft.com/en-us/
Title: Microsoft Power Platform

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/
Title: Microsoft Tech Community

Search URL Search Domain Scan URL

URL: https://visualstudio.microsoft.com/
Title: Visual Studio

Search URL Search Domain Scan URL

URL: https://careers.microsoft.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://news.microsoft.com/
Title: Company news

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-us
Title: Privacy at Microsoft

Search URL Search Domain Scan URL

URL: https://aka.ms/yourcaliforniaprivacychoices
Title: California Consumer Privacy Act (CCPA) Opt-Out Icon Your California Privacy Choices

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/contactus
Title: Contact Microsoft

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?LinkID=206977
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2196228
Title: Trademarks

Search URL Search Domain Scan URL

URL: https://go.microsoft.com/fwlink/?linkid=2196227
Title: Safety & eco

Search URL Search Domain Scan URL

URL: https://choice.microsoft.com/
Title: About our ads

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/ 184 KB
33 KB 872ms
416ms Document
text/html 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c45ede9a71f233477aed6110a50ea9dd38e933c8a5ca47df9665d1421c1e2991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600
content-encoding: gzip
content-length: 33604
content-type: text/html; charset=utf-8
date: Tue, 18 Apr 2023 18:39:12 GMT
expires: Tue, 18 Apr 2023 18:49:11 GMT
link: <https://www.microsoft.com/en-us/security/blog/wp-json/>; rel="https://api.w.org/" <https://www.microsoft.com/en-us/security/blog/wp-json/wp/v2/posts/127276>; rel="alternate"; type="application/json" <https://www.microsoft.com/en-us/security/blog/?p=127276>; rel=shortlink
ms-cv: CASMicrosoftCV30bf2b1d.0
ms-cv-esi: CASMicrosoftCV30bf2b1d.0
strict-transport-security: max-age=31536000
tls_version: tls1.3
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-rtag: RT

GET
H2 200 style.min.css
www.microsoft.com/en-us/security/blog/wp-includes/css/dist/block-library/ 95 KB
13 KB 432ms
432ms Stylesheet
text/css 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/css/dist/block-library/style.min.css?ver=6.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 10 Mar 2023 00:22:37 GMT
x-rtag: RT
etag: "17ced-5f680c224ed40-gzip"
vary: Accept-Encoding
content-type: text/css
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2d56.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2d56.0
content-length: 12736
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 classic-themes.min.css
www.microsoft.com/en-us/security/blog/wp-includes/css/ 291 B
487 B 437ms
436ms Stylesheet
text/css 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/css/classic-themes.min.css?ver=6.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 13 Feb 2023 20:50:19 GMT
x-rtag: RT
etag: "123-5f49afeb578c0-gzip"
vary: Accept-Encoding
content-type: text/css
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2dcb.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2dcb.0
content-length: 210
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 styles.css
www.microsoft.com/en-us/security/blog/wp-content/plugins/wds-ms-inline-interruption-styles-officeblogs/css/ 10 KB
4 KB 438ms
437ms Stylesheet
text/css 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/plugins/wds-ms-inline-interruption-styles-officeblogs/css/styles.css?ver=1681843151

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b201ab52de2c92539f7a276b6cf170b1bdf0f3705f1b6ab9597517d030afefe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 17:23:30 GMT
x-rtag: RT
etag: "29a7-5f912c0078880-gzip"
vary: Accept-Encoding
content-type: text/css
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2dcc.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2dcc.0
content-length: 3910
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.microsoft.com/en-us/security/blog/wp-includes/js/ 18 KB
5 KB 245ms
243ms Script
application/javascript 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
x-rtag: RT
etag: "4904-5f3acfe01ab40-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2eca.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2eca.0
content-length: 5039
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 mwf-west-european-default.min.css
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/ 581 KB
71 KB 114ms
26ms Stylesheet
text/css 2a02:26f0:3500:585::2957
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:585::2957 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

4919e80f038d2b93f1184d1733ac35009643481735c7bc7aa31d8b56e118fc04

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Thu, 01 Feb 2018 02:22:19 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: QshXRY8/Osc4oVEHlL0Pbw==
etag: "0x8D5691A9EA468B4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=900
accept-ranges: bytes
content-length: 71704
x-ms-lease-state: available

GET
H2 200 style.css
www.microsoft.com/en-us/security/blog/wp-content/themes/ms_s/ 342 B
516 B 423ms
422ms Stylesheet
text/css 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms_s/style.css?ver=1681233905

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f174b3ce00dc0ef25fe0867dae1da92a595c50f730dbe2cd1fd7f29546034e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 17:23:30 GMT
x-rtag: RT
etag: "156-5f912c0078880-gzip"
vary: Accept-Encoding
content-type: text/css
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2dcd.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2dcd.0
content-length: 238
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 style.min.css
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/ 69 KB
14 KB 407ms
407ms Stylesheet
text/css 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/style.min.css?ver=1681233905

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3f9133661081aceb9b5e1e10aa17a87e4b7db93609497be50b677477fb5a050c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 17:25:05 GMT
x-rtag: RT
etag: "113bd-5f912c5b11e40-gzip"
vary: Accept-Encoding
content-type: text/css
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2dce.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2dce.0
content-length: 13558
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 wcp-consent.js Show response
wcpstatic.microsoft.com/mscc/lib/v2/ 273 KB
80 KB 109ms
29ms Script
application/javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
content-md5: X1JOIM5h9UISVFS6+GfEew==
age: 20973
x-cache: CONFIG_NOCACHE
content-length: 81726
x-ms-lease-status: unlocked
last-modified: Wed, 24 Aug 2022 17:34:36 GMT
etag: 0x8DA85F6EA62BF74
vary: Accept-Encoding
x-azure-ref: 20230418T183912Z-9ftgs7aqrx67me8q0a5v1fbxws00000005r000000001rmpp
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 37e093df-e01e-0059-78f4-712753000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 jquery.min.js Show response
www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/ 88 KB
31 KB 407ms
406ms Script
application/javascript 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Mar 2023 18:37:33 GMT
x-rtag: RT
etag: "15ed7-5f667d23f9540-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2dcf.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2dcf.0
content-length: 31049
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/ 13 KB
5 KB 407ms
406ms Script
application/javascript 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 06 Feb 2023 20:59:15 GMT
x-rtag: RT
etag: "3470-5f40e4dc48ec0-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2dd1.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2dd1.0
content-length: 4795
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 mwf-main.var.min.js Show response
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/ 302 KB
70 KB 100ms
13ms Script
application/x-javascript 2a02:26f0:3500:585::2957
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/mwf-main.var.min.js?ver=v1.23.2+5182151

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:585::2957 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

b1d83c2d49c49ea38d578afa752aaec44a86d069d6ce2d54460e2612fc31a102

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff, nosniff
last-modified: Thu, 01 Feb 2018 02:22:29 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: FuF99EJdzMvbQQjP24cb+Q==
etag: "0x8D5691AA4A90431"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=900
accept-ranges: bytes
content-length: 71185
x-ms-lease-state: available

GET
H2 200 ms.analytics-web-3.min.js Show response
js.monitor.azure.com/scripts/c/ 136 KB
61 KB 70ms
13ms Script
text/javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8a13eda4650628c3b24edd6b407cfedf1821188701430545bc17ccf7fe0083ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: br
x-ms-meta-jssdkver: 3.2.9
last-modified: Tue, 21 Feb 2023 18:31:48 GMT
x-ms-meta-jssdksrc: [cdn]/scripts/c/ms.analytics-web-3.2.9.min.js
vary: Accept-Encoding
x-azure-ref: 20230418T183912Z-ktn68xdgu92ddeknrx1z42x50c00000005a000000001ub6r
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 432bb6b3-101e-007f-02a8-6de394000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,x-ms-meta-lastmodified,x-ms-meta-jssdksrc,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2 200 74-888e54
www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/51-0a6e40/ 167 KB
23 KB 391ms
390ms Stylesheet
text/css 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/51-0a6e40/74-888e54?ver=2.0&_cf=02242021_3231

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a9f24da628989ece81a468b5a98977c64c8d914e9d139aad578bccde73bcc2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

ms-operation-id: c162915f02bce04b8160380ce9de896a
date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-rtag: RT
x-s2: 2023-04-04T19:14:40
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 40165ef2-3cad-4b42-a9dc-1b3cbb5f863b
tls_version: tls1.3
ms-cv-esi: CASMicrosoftCV30bf2dd0.0
ms-cv: CASMicrosoftCV30bf2dd0.0
content-length: 22742
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Apr 2023 19:14:40 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-03-10T08:58:24.0000000Z}
x-s1: 2023-04-04T19:14:40
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30328528
timing-allow-origin: *
x-appversion: 1.0.8468.43152
expires: Wed, 03 Apr 2024 19:14:40 GMT

GET
H/1.1 200
OK override.css
statics-marketingsites-eus-ms-com.akamaized.net/statics/ 1 KB
907 B 98ms
25ms Stylesheet
text/css 2.16.186.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://statics-marketingsites-eus-ms-com.akamaized.net/statics/override.css
Requested by: Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-89.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 18 Apr 2023 18:39:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Jun 2019 23:22:13 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D6EEC3A2D67C35
Vary: Accept-Encoding
Content-Type: text/css
x-ms-request-id: d0de67a5-701e-0062-5638-494dd2000000
x-ms-version: 2009-09-19
Connection: keep-alive
Content-Length: 473

GET
H2 200 a2-598841 Show response
www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23... 134 KB
36 KB 395ms
395ms Script
text/javascript 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/shell/_scrf/js/themes=default/8e-e88b64/82-2a4f02/49-a00ab0/92-02e55d/7c-dcea75/75-fca72d/ed-e77ee7/d5-bf34c0/a9-078595/7a-7ea8cc/2d-40bdad/23-e8cd2b/96-eb5423/e6-6b0cce/d1-98d78a/c6-082272/a7-f7a340/1e-addbef/2e-ca165a/fc-169dd8/8e-60935c/87-fecbed/96-6ed6eb/c3-eb62e0/ad-ffd6bf/35-621acc/3b-84517a/b0-07f293/1e-9d9d16/52-f0367f/94-1dce2c/bf-517249/e1-ed258e/20-0b10e2/6b-0f1117/fb-5e9831/a2-598841?ver=2.0&_cf=02242021_3231&iife=1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f972ffc4af215a60ab0d70a63535cfcd23a951766c9903c6770bfc431e88852e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

ms-operation-id: 8fe22599d4a65a4a926b2e009f22920e
date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-rtag: RT
x-s2: 2023-04-04T19:11:39
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 5c77c516-ee42-4ecc-91ff-9c3eeff4ee51
tls_version: tls1.3
ms-cv-esi: CASMicrosoftCV30bf2dd2.0
ms-cv: CASMicrosoftCV30bf2dd2.0
content-length: 35909
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Apr 2023 19:11:38 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-03-10T08:58:24.0000000Z}
x-s1: 2023-04-04T19:11:38
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30328346
timing-allow-origin: *
x-appversion: 1.0.8468.43152
expires: Wed, 03 Apr 2024 19:11:38 GMT

GET
H2 200 meversion Show response
mem.gfx.ms/ 29 KB
10 KB 38ms
10ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e0c4a17058f3b70c5a894f92c8e4fffb1c17a88fd8e1741da61caa966ea0ddda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 18 Apr 2023 18:39:12 GMT
x-azure-ref-originshield: 0Uoo+ZAAAAACmplFjWhmITb+tBsr+ZGKCRlJBMjMxMDUwNDE3MDM5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-azure-ref: 00OM+ZAAAAADRKTlKZKxrSaViQs+6A5kqRlJBMzFFREdFMDMxMgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
expires: Tue, 18 Apr 2023 23:31:45 GMT

GET
H2 200 RE1Mu3b
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 4 KB
4 KB 79ms
15ms Image
image/png 2a02:26f0:3500:16::215:1494
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE1Mu3b?ver=5c31

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:1494 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
last-modified: Mon, 10 Apr 2023 10:56:41 GMT
x-resizerversion: 1.0
x-datacenter: northeu
x-source-length: 4054
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=101956
x-activityid: 9a68338b-330b-4436-8e78-1591ee0cab82
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RE1Mu3b?ver=5c31
timing-allow-origin: *
content-length: 4054
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
expires: Wed, 19 Apr 2023 22:58:28 GMT

GET
H2 200 Figure1-New-threat-actor-naming-taxonomy.png
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/ 190 KB
191 KB 446ms
444ms Image
image/png 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/Figure1-New-threat-actor-naming-taxonomy.png

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b05213d91289eeaa94cf3802e05962e90133328204bbc38550d5dc6b4cb0313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:13 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 17 Apr 2023 20:03:01 GMT
x-rtag: RT
etag: "2f7bf-5f98dad8ebb9a"
content-type: image/png
tls_version: tls1.3
cache-control: max-age=31536000
ms-cv-esi: CASMicrosoftCV30bf2ecb.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2ecb.0
content-length: 194495
expires: Wed, 17 Apr 2024 18:39:12 GMT

GET
H2 200 Featured-image-2-440x268.jpg
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/ 24 KB
24 KB 256ms
254ms Image
image/jpeg 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/Featured-image-2-440x268.jpg

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

31637b3e54194a5211554bebcf26d96a45585fec3a074df49c6feb80a3479599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 17 Apr 2023 20:26:32 GMT
x-rtag: RT
etag: "5fc5-5f98e01abc4c3"
content-type: image/jpeg
tls_version: tls1.3
cache-control: max-age=31536000
ms-cv-esi: CASMicrosoftCV30bf2ecc.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2ecc.0
content-length: 24517
expires: Wed, 17 Apr 2024 18:39:12 GMT

GET
H2 200 CLO22_Factory_026-1-440x268.jpg
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/ 19 KB
19 KB 255ms
254ms Image
image/jpeg 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/CLO22_Factory_026-1-440x268.jpg

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a257394705e76938634e235bd3f661be5f1047fdf1dbc924aa185127f881f3f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 05 Apr 2023 16:21:52 GMT
x-rtag: RT
etag: "4caa-5f899309f232f"
content-type: image/jpeg
tls_version: tls1.3
cache-control: max-age=31536000
ms-cv-esi: CASMicrosoftCV30bf2ecd.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2ecd.0
content-length: 19626
expires: Wed, 17 Apr 2024 18:39:12 GMT

GET
H2 200 FY23_Secure2023_DigitalSwag_Hero_Image_Desktop_800x450-440x268.png
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/ 135 KB
135 KB 506ms
504ms Image
image/png 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/FY23_Secure2023_DigitalSwag_Hero_Image_Desktop_800x450-440x268.png

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

41e52be6759ff8fdbbc903dd623e79aeeadb76135c9725f1aed6e1e8a109a7d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:13 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 19:19:50 GMT
x-rtag: RT
etag: "21a94-5f914601991bc"
content-type: image/png
tls_version: tls1.3
cache-control: max-age=31536000
ms-cv-esi: CASMicrosoftCV30bf2ece.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2ece.0
content-length: 137876
expires: Wed, 17 Apr 2024 18:39:12 GMT

GET
H2 200 modernizr.js Show response
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/modernizer/ 50 KB
16 KB 447ms
447ms Script
application/javascript 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/modernizer/modernizr.js?ver=2.8.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b828b15e9b7836b493a8bd6e832a24ee13aa8b6f8b4a1bf307a7af2912014178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 17:23:30 GMT
x-rtag: RT
etag: "c897-5f912c0078880-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2e97.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2e97.0
content-length: 15769
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 mwf-auto-init-main.var.min.js Show response
assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/ 303 KB
71 KB 15ms
15ms Script
application/x-javascript 2a02:26f0:3500:585::2957
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/scripts/mwf-auto-init-main.var.min.js?ver=v1.23.2+5182151

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:3500:585::2957 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

f2a28cd82e7ec00d2d8158f21fb0507722cd8b09fa4a0a16fadc58f30385cc25

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff, nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff, nosniff, nosniff, nosniff
content-md5: 12go4t01WZJhAGBag3beKQ==
content-length: 71611
x-ms-lease-state: available
last-modified: Thu, 01 Feb 2018 02:22:29 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: "0x8D5691AA4A3D407"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control: max-age=900
accept-ranges: bytes

GET
H2 200 picturefill.min.js Show response
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/picturefill/dist/ 12 KB
5 KB 242ms
239ms Script
application/javascript 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/bower_components/picturefill/dist/picturefill.min.js?ver=3.0.3

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 17:23:30 GMT
x-rtag: RT
etag: "2e1f-5f912c0078880-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2ec3.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2ec3.0
content-length: 5171
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 imagesloaded.min.js Show response
www.microsoft.com/en-us/security/blog/wp-includes/js/ 5 KB
2 KB 255ms
252ms Script
application/javascript 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
x-rtag: RT
etag: "15fd-5a7fbb57c37c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2ec4.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2ec4.0
content-length: 1834
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 masonry.min.js Show response
www.microsoft.com/en-us/security/blog/wp-includes/js/ 24 KB
8 KB 247ms
244ms Script
application/javascript 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-includes/js/masonry.min.js?ver=4.2.2

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
x-rtag: RT
etag: "5e4a-5a7fbb57c37c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2ec5.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2ec5.0
content-length: 7382
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 project.min.js Show response
www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/scripts/ 6 KB
2 KB 242ms
239ms Script
application/javascript 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/themes/ms-security/assets/scripts/project.min.js?ver=1681233810

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

682d50732b7337b57f5d67840f768b93e9a209ad11b6b71e208cca2d4f504b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 17:23:30 GMT
x-rtag: RT
etag: "19d5-5f912c0078880-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2ec6.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2ec6.0
content-length: 2006
expires: Thu, 18 May 2023 18:39:12 GMT

GET
H2 200 focus-within.js Show response
www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/vendor/ 10 KB
4 KB 508ms
505ms Script
application/javascript 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/assets/js/vendor/focus-within.js?ver=1.3.8

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c05536c0f0662d15af06f535b7e11931840fa8d5893debb0d69289d3f4b15d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 17:24:57 GMT
x-rtag: RT
etag: "289e-5f912c5370c40-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2ec7.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2ec7.0
content-length: 3288
expires: Thu, 18 May 2023 18:39:13 GMT

GET
H2 404 ms-oembed-lib-gif.js
www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/dist/js/ 0
0 396ms
394ms Script
text/html 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/dist/js/ms-oembed-lib-gif.js

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:13 GMT
strict-transport-security: max-age=31536000
x-rtag: RT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
tls_version: tls1.3
cache-control: no-cache, must-revalidate, max-age=0
ms-cv-esi: CASMicrosoftCV30bf2ec8.0
ms-cv: CASMicrosoftCV30bf2ec8.0
link: <https://www.microsoft.com/en-us/security/blog/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 microsoft-uhf.js Show response
www.microsoft.com/en-us/security/blog/wp-content/plugins/microsoft-uhf/assets/ 3 KB
2 KB 245ms
243ms Script
application/javascript 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/plugins/microsoft-uhf/assets/microsoft-uhf.js?ver=0.4.0

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cffbae450bcad74d65019c0aa2bada046cdcf5f5fa4af699929838f58c7ff8c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 11 Apr 2023 17:24:57 GMT
x-rtag: RT
etag: "d4e-5f912c5370c40-gzip"
vary: Accept-Encoding
content-type: application/javascript
tls_version: tls1.3
cache-control: max-age=2592000
ms-cv-esi: CASMicrosoftCV30bf2ec9.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2ec9.0
content-length: 1370
expires: Thu, 18 May 2023 18:39:12 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf73ba8c24162c4cfd51b3b508b2bc0f8ee00cab13bec8f32b6fb6359be7d17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 223 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 707c5b510b5712a82fd8bdf073a6d9860583931ee85f6ee7e2e735e81ae05d18

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mwfmdl2-v3.54.woff
www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/ 26 KB
26 KB 199ms
198ms Font
application/font-woff 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/51-0a6e40/74-888e54?ver=2.0&_cf=02242021_3231

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/onerfstatics/marketingsites-eus-prod/west-european/shell/_scrf/css/themes=default.device=uplevel_web_pc/79-4cdd0a/33-ae3d41/a5-4bf7a2/13-8e1ceb/81-32f0c0/5c-b7b685/51-0a6e40/74-888e54?ver=2.0&_cf=02242021_3231
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

ms-operation-id: 5330fa921bb59147b2562a43eac6b73a
date: Tue, 18 Apr 2023 18:39:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-rtag: RT
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-activity-id: 53ce40c9-1505-41d7-813b-a1c8180d4fd7
tls_version: tls1.3
ms-cv-esi: CASMicrosoftCV30bf2f58.0
ms-cv: CASMicrosoftCV30bf2f58.0
content-length: 26288
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Nov 2022 17:03:24 GMT
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2022-11-11T02:52:14.0000000Z}
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=25229415
x-appversion: 1.0.8349.33967
expires: Sun, 04 Feb 2024 18:49:27 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/ 29 KB
29 KB 98ms
27ms Font
font/woff2 2a02:26f0:3500:594::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semibold/latest.woff2
Requested by: Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:594::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f

Request headers

Referer: https://assets.onestore.ms/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "5b68d583e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=258888
accept-ranges: bytes
content-length: 29388
expires: Fri, 21 Apr 2023 18:34:00 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/ 33 KB
34 KB 100ms
31ms Font
font/woff2 2a02:26f0:3500:594::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/normal/latest.woff2
Requested by: Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:594::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b

Request headers

Referer: https://assets.onestore.ms/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "588d483e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=261829
accept-ranges: bytes
content-length: 34052
expires: Fri, 21 Apr 2023 19:23:01 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Light/ 27 KB
27 KB 97ms
42ms Font
font/woff2 2a02:26f0:3500:594::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Light/latest.woff2
Requested by: Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:594::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fe8a1047376498c80a157d13555e42a92ad480fcb0bcc9de51ad1930fbeb7f91

Request headers

Referer: https://assets.onestore.ms/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "1282d283e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=257620
accept-ranges: bytes
content-length: 27168
expires: Fri, 21 Apr 2023 18:12:52 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/ 29 KB
30 KB 64ms
14ms Font
font/woff2 2a02:26f0:3500:594::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Bold/latest.woff2
Requested by: Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:594::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b

Request headers

Referer: https://assets.onestore.ms/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
last-modified: Fri, 10 Jan 2020 19:09:42 GMT
etag: "83cce83e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=259267
accept-ranges: bytes
content-length: 30132
expires: Fri, 21 Apr 2023 18:40:19 GMT

GET
H2 200 latest.woff2
c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semilight/ 28 KB
28 KB 82ms
45ms Font
font/woff2 2a02:26f0:3500:594::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.s-microsoft.com/static/fonts/segoe-ui/west-european/Semilight/latest.woff2
Requested by: Host: assets.onestore.ms
URL: https://assets.onestore.ms/cdnfiles/external/mwf/short/v1/latest/css/mwf-west-european-default.min.css?ver=6.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:594::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6ba0d1a726f1887bd61727b308ed0be0e73edba17d4ad11b91ab19b632e078f6

Request headers

Referer: https://assets.onestore.ms/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:12 GMT
last-modified: Fri, 10 Jan 2020 19:09:43 GMT
etag: "95edd883e9c7d51:0"
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=259500
accept-ranges: bytes
content-length: 28908
expires: Fri, 21 Apr 2023 18:44:12 GMT

GET
H2 200 Figure2-Blizzard-Russia-Sandstorm-Iran.png
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/ 128 KB
129 KB 289ms
286ms Image
image/png 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/Figure2-Blizzard-Russia-Sandstorm-Iran.png

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

53eb575adbe35155750b21d21a32283b97ba63c312c343441998104eb9de9ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:13 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 17 Apr 2023 20:03:09 GMT
x-rtag: RT
etag: "1fe7c-5f98dae13398b"
content-type: image/png
tls_version: tls1.3
cache-control: max-age=31536000
ms-cv-esi: CASMicrosoftCV30bf2f59.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2f59.0
content-length: 130684
expires: Wed, 17 Apr 2024 18:39:12 GMT

GET
H2 200 Figure3-Storm-In-development-actors.png
www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/ 60 KB
60 KB 400ms
398ms Image
image/png 2a02:26f0:6c00:187::356e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.microsoft.com/en-us/security/blog/wp-content/uploads/2023/04/Figure3-Storm-In-development-actors.png

Requested by

Host: www.microsoft.com
URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:187::356e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

121079fae214e5093d028d8f3428bb912b3a12c723128f6887d0976807cc7778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:13 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 17 Apr 2023 20:03:15 GMT
x-rtag: RT
etag: "ef96-5f98dae6807ae"
content-type: image/png
tls_version: tls1.3
cache-control: max-age=31536000
ms-cv-esi: CASMicrosoftCV30bf2f5a.0
accept-ranges: bytes
ms-cv: CASMicrosoftCV30bf2f5a.0
content-length: 61334
expires: Wed, 17 Apr 2024 18:39:12 GMT

GET
H2 200 ms.shared.analytics.mectrl-3.2.6.gbl.min.js Show response
js.monitor.azure.com/scripts/c/ 88 KB
41 KB 45ms
11ms Script
text/javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/c/ms.shared.analytics.mectrl-3.2.6.gbl.min.js
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:13 GMT
content-encoding: br
x-ms-meta-jssdkver: 3.2.6
last-modified: Thu, 18 Aug 2022 21:40:45 GMT
vary: Accept-Encoding
x-azure-ref: 20230418T183913Z-b7a4yqug6d27hfqq3ex6mnn74s00000000n000000002kk6r
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c635ad0d-f01e-005d-3319-6e24a3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2 200 meBoot.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.23082.2/en-US/ 177 KB
33 KB 34ms
13ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.23082.2/en-US/meBoot.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fa334c1e3766c50298f83ee32aed20fcd0978230350837dc7cb9115d096a7167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 18 Apr 2023 18:39:12 GMT
last-modified: Wed, 29 Mar 2023 19:24:18 GMT
x-azure-ref-originshield: 0hY0+ZAAAAAD20VFJTSysR6OaOXhHTgSaRlJBMjMxMDUwNDE3MDQ1AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag: "1d962aebaac36e7"
x-azure-ref: 00eM+ZAAAAAANRNsO53QlRaG2ndV6sPR+RlJBMzFFREdFMDkxOABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ua-compatible: IE=edge

GET
H/1.1 200
OK me.srf Show response
login.live.com/ Frame D2EF 12 KB
7 KB 261ms
106ms Document
text/html 2603:1027:1:d8::4
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=c533fd1c-6a3f-48ff-1915-fd70394be6ee&partnerId=mssecurity

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.23082.2/en-US/meBoot.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2603:1027:1:d8::4 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fd25a431f8d2829ae10875e58ed2d3d62df8561af2866c0d8b8edd8b635a3ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.microsoft.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 5116
Content-Type: text/html; charset=utf-8
Date: Tue, 18 Apr 2023 18:39:13 GMT
Expires: Tue, 18 Apr 2023 18:38:13 GMT
Link: <https://logincdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net>; rel=preconnect; crossorigin <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin <https://acctcdn.msauth.net/>; rel=dns-prefetch <https://acctcdn.msftauth.net/>; rel=dns-prefetch <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://logincdn.msauth.net/>; rel=dns-prefetch <https://logincdn.msftauth.net/>; rel=dns-prefetch <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer: PPV: 30 H: BL02PF5A9C88325 V: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-XSS-Protection: 1; mode=block
x-ms-request-id: 056e2168-6875-4381-9ce0-49496cba5ebc
x-ms-route-info: C104_BL2

GET
H2 200 meCore.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.23082.2/en-US/ 98 KB
16 KB 15ms
14ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.23082.2/en-US/meCore.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSSecurity&market=en-us&uhf=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a5268a183f2a091d2d17773997e89a25fc45cbd60e586edf61f544fb85d6f6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com/
Origin: https://www.microsoft.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 18 Apr 2023 18:39:13 GMT
last-modified: Wed, 29 Mar 2023 19:24:26 GMT
x-azure-ref-originshield: 0A8s9ZAAAAAAzbYLY0RpeQqxTmNQfCptoRlJBMjMxMDUwNDE4MDI3AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag: "1d962aebf7220a1"
x-azure-ref: 00eM+ZAAAAADGVoEKVJKYTqnuYpDK4M6HRlJBMzFFREdFMDkxOABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
x-ua-compatible: IE=edge

GET
DATA 200
OK truncated
/ 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 RW10pup
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 3 KB
3 KB 14ms
14ms Image
image/png 2a02:26f0:3500:16::215:1494
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RW10pup?ver=d8fa

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:16::215:1494 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c23044c09bca18df7cf6420ba798462d3a3950fa7ffbf69579bfc98a75a4cd67

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.microsoft.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:13 GMT
last-modified: Fri, 31 Mar 2023 06:07:35 GMT
x-resizerversion: 1.0
x-source-length: 2946
x-datacenter: northeu
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=386920
x-activityid: 1f6971e2-14cd-45a2-ae3d-96b4ae7fa207
content-location: https://image.prod.cms.rt.microsoft.com/cms/api/am/imageFileData/RW10pup?ver=d8fa
timing-allow-origin: *
content-length: 2946
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
expires: Sun, 23 Apr 2023 06:07:53 GMT

GET
H2 200 MeControl_m1hvm05UW24U67C54E5A2w2.js Show response
logincdn.msftauth.net/16.000/content/js/ Frame D2EF 17 KB
6 KB 85ms
13ms Script
application/x-javascript 192.229.221.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://logincdn.msftauth.net/16.000/content/js/MeControl_m1hvm05UW24U67C54E5A2w2.js
Requested by: Host: login.live.com
URL: https://login.live.com/me.srf?wa=wsignin1.0&wreply=https%3A%2F%2Fwww.microsoft.com&uaid=c533fd1c-6a3f-48ff-1915-fd70394be6ee&partnerId=mssecurity
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D5) /
Resource Hash: ed86873b741c54f5d65aa6d4188932119e886a64b19fda8dbb2355035bd3583c

Request headers

Referer: https://login.live.com/
Origin: https://login.live.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 18 Apr 2023 18:39:13 GMT
content-encoding: gzip
content-md5: Nqvh2i2/QFVNAKcVGXsYYw==
age: 2360108
x-cache: HIT
content-length: 6056
x-ms-lease-status: unlocked
last-modified: Tue, 21 Mar 2023 05:36:41 GMT
server: ECAcc (ama/48D5)
etag: 0x8DB29CE3FBEA99F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dbf593d3-c01e-000c-75ae-5c1206000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 mecache Show response
mem.gfx.ms/me/ Frame 3EE4 3 KB
1 KB 10ms
9ms Document
text/html 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/me/mecache?partner=mssecurity&wreply=https%3A%2F%2Fwww.microsoft.com

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.23082.2/en-US/meBoot.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9fb986a4af68e84538254ac7354aa38a7aabab9a998b6d5268206a1d9b946cab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.microsoft.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.microsoft.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, no-transform, max-age=43200
content-encoding: br
content-security-policy: frame-ancestors https://www.microsoft.com;
content-type: text/html; charset=utf-8
date: Tue, 18 Apr 2023 18:39:13 GMT
expires: Tue, 18 Apr 2023 15:52:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 00eM+ZAAAAAAx8plaEDxgR7/L09CowsbuRlJBMzFFREdFMDMxMgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
x-azure-ref-originshield: 0jWo+ZAAAAADFKXCVHQcoQKj+N8rlhnK2RlJBMjMxMDUwNDE3MDMzAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache: TCP_HIT
x-content-type-options: nosniff
x-ua-compatible: IE=edge

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 230ms
22ms Preflight 51.104.15.252
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.104.15.252 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://www.microsoft.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Tue, 18 Apr 2023 18:39:13 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 153 B
1 KB 88ms
22ms XHR
application/json 51.104.15.252
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.104.15.252 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

4a9b60e581c5bacce745ff1fc213387b21a6fc54bf4ec023971b3add96dfdd0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1681843154229
accept-language: de-DE,de;q=0.9
client-version: 1DS-Web-JS-3.2.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://www.microsoft.com/
apikey: cb68b8f590184975aa5eb4ed576fb074-e666ac9b-fa31-4339-8b9c-775f4bae31f3-6978
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Date: Tue, 18 Apr 2023 18:39:14 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 302
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: application/json
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Content-Length: 153

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 153 B
592 B 23ms
22ms XHR
application/json 51.104.15.252
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.analytics-web-3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.104.15.252 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

bebe36dd9bbd206512e8f198bd2d64a515d79d611c02c8550eaca243388976b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

upload-time: 1681843155231
accept-language: de-DE,de;q=0.9
client-version: 1DS-Web-JS-3.2.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
time-delta-to-apply-millis: 302
content-type: application/x-json-stream
cache-control: no-cache, no-store
Referer: https://www.microsoft.com/
apikey: cb68b8f590184975aa5eb4ed576fb074-e666ac9b-fa31-4339-8b9c-775f4bae31f3-6978
Client-Id: NO_AUTH

Response headers

Strict-Transport-Security: max-age=31536000
Date: Tue, 18 Apr 2023 18:39:15 GMT
Server: Microsoft-HTTPAPI/2.0
time-delta-millis: 34
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 153

OPTIONS
H/1.1 200
OK /
browser.events.data.microsoft.com/OneCollector/1.0/ Frame 0
0 29ms
29ms Preflight 51.104.15.252
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.104.15.252 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
Access-Control-Request-Method: POST
Origin: https://www.microsoft.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
Access-Control-Allow-Origin: https://www.microsoft.com
Access-Control-Max-Age: 3600
Cache-Control: public, 3600
Content-Length: 0
Date: Tue, 18 Apr 2023 18:39:14 GMT
Server: Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.microsoft.com/	1970-01-20 19:56:19	Name: MicrosoftApplicationsTelemetryDeviceId Value: 4ec9989d-d29f-47c2-9cf5-f09352329255
www.microsoft.com/	1970-01-20 11:10:44	Name: ai_session Value: 2pHC+f5q8jwoeyAExVr93B\|1681843153226\|1681843153226
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: c533fd1c6a3f48ff1915fd70394be6ee
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1681843153&co=1
.login.live.com/	1969-12-31 23:59:59	Name: OParams Value: 11O.DY39vJ4PfheEpey2l8zcyZP6fXHVi7OR7pmhnCMLzgh46rYpMMFZm!0bBOKRtihUkvFYsIE3bm3nu1GkJbSGcM!cAg4bcLtbDhP0giv9QLbBMQZAa4NCZQV6G0gssadaL6Sdu40qovBqRcCaRfkzN4x!bpNiLoOOpGXS*Y1FT!1vHS8bX6NmY8b2cJ!yReabebNp6byHTqJNK6m1SqrLO3eUfW2sgY1Iy7BKF!aCf8!dcnOyYY7fX!7IbFarBnPoDrgQDppCqtVqZkhuqmsL0$
.microsoft.com/	1970-01-20 19:56:19	Name: MC1 Value: GUID=f3819937b58b4b3a8aa6034cd28bbdbb&HASH=f381&LV=202304&V=4&LU=1681843154531
.microsoft.com/	1970-01-20 11:10:44	Name: MS0 Value: 41fa352e250544bb9ca8cf6cffcc794c
www.microsoft.com/	1970-01-20 19:56:19	Name: MSFPC Value: GUID=f3819937b58b4b3a8aa6034cd28bbdbb&HASH=f381&LV=202304&V=4&LU=1681843154531

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.microsoft.com/en-us/security/blog/wp-content/plugins/oembeds/dist/js/ms-oembed-lib-gif.js Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/ Message: Mixed Content: The page at 'https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/' was loaded over HTTPS, but requested an insecure element 'http://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RW10pup?ver=d8fa'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.onestore.ms
browser.events.data.microsoft.com
c.s-microsoft.com
img-prod-cms-rt-microsoft-com.akamaized.net
js.monitor.azure.com
login.live.com
logincdn.msftauth.net
mem.gfx.ms
statics-marketingsites-eus-ms-com.akamaized.net
wcpstatic.microsoft.com
www.microsoft.com
192.229.221.185
2.16.186.89
2603:1027:1:d8::4
2620:1ec:4e:1::45
2620:1ec:4f:1::45
2a02:26f0:3500:16::215:1494
2a02:26f0:3500:585::2957
2a02:26f0:3500:594::356e
2a02:26f0:6c00:187::356e
51.104.15.252
0bd288d5397a69ead391875b422bf2cbdcc4f795d64aa2f780aff45768d78248
112fec798b78aa02e102a724b5cb1990c0f909bc1d8b7b1fa256eab41bbc0960
121079fae214e5093d028d8f3428bb912b3a12c723128f6887d0976807cc7778
1232bbdbc5d205f3c5a40efa5ed92839c79e7879d5168445cc47645bb93f7d1b
22b4df5c33045b645cafa45b04685f4752e471a2e933bff5bf14324d87deee12
2bf73ba8c24162c4cfd51b3b508b2bc0f8ee00cab13bec8f32b6fb6359be7d17
31637b3e54194a5211554bebcf26d96a45585fec3a074df49c6feb80a3479599
3f9133661081aceb9b5e1e10aa17a87e4b7db93609497be50b677477fb5a050c
41e52be6759ff8fdbbc903dd623e79aeeadb76135c9725f1aed6e1e8a109a7d7
4919e80f038d2b93f1184d1733ac35009643481735c7bc7aa31d8b56e118fc04
4a9b60e581c5bacce745ff1fc213387b21a6fc54bf4ec023971b3add96dfdd0d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f7f4afe26e71fa9ca1dac4a43b557a554a46f53251d849f07ed08a04829d74b
53eb575adbe35155750b21d21a32283b97ba63c312c343441998104eb9de9ebd
5b05213d91289eeaa94cf3802e05962e90133328204bbc38550d5dc6b4cb0313
682d50732b7337b57f5d67840f768b93e9a209ad11b6b71e208cca2d4f504b27
6ba0d1a726f1887bd61727b308ed0be0e73edba17d4ad11b91ab19b632e078f6
707c5b510b5712a82fd8bdf073a6d9860583931ee85f6ee7e2e735e81ae05d18
7d145b10d4a03fc22a08b2228f403779414c838430ce718ba52fb23e15837e55
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
8a13eda4650628c3b24edd6b407cfedf1821188701430545bc17ccf7fe0083ac
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9fb986a4af68e84538254ac7354aa38a7aabab9a998b6d5268206a1d9b946cab
a257394705e76938634e235bd3f661be5f1047fdf1dbc924aa185127f881f3f3
a5268a183f2a091d2d17773997e89a25fc45cbd60e586edf61f544fb85d6f6a8
a9f24da628989ece81a468b5a98977c64c8d914e9d139aad578bccde73bcc2da
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1d83c2d49c49ea38d578afa752aaec44a86d069d6ce2d54460e2612fc31a102
b201ab52de2c92539f7a276b6cf170b1bdf0f3705f1b6ab9597517d030afefe4
b828b15e9b7836b493a8bd6e832a24ee13aa8b6f8b4a1bf307a7af2912014178
bebe36dd9bbd206512e8f198bd2d64a515d79d611c02c8550eaca243388976b9
c05536c0f0662d15af06f535b7e11931840fa8d5893debb0d69289d3f4b15d6c
c23044c09bca18df7cf6420ba798462d3a3950fa7ffbf69579bfc98a75a4cd67
c45ede9a71f233477aed6110a50ea9dd38e933c8a5ca47df9665d1421c1e2991
c688d3f2135b6b51617a306a0b1a665324402a00a6bceba475881af281503ad9
cffbae450bcad74d65019c0aa2bada046cdcf5f5fa4af699929838f58c7ff8c2
d87d0a7a7fe2c36d1dc093bfe56e9b81b311988789dbd3b65abf811d551ef02f
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0c4a17058f3b70c5a894f92c8e4fffb1c17a88fd8e1741da61caa966ea0ddda
ed86873b741c54f5d65aa6d4188932119e886a64b19fda8dbb2355035bd3583c
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
f174b3ce00dc0ef25fe0867dae1da92a595c50f730dbe2cd1fd7f29546034e81
f2a28cd82e7ec00d2d8158f21fb0507722cd8b09fa4a0a16fadc58f30385cc25
f972ffc4af215a60ab0d70a63535cfcd23a951766c9903c6770bfc431e88852e
fa334c1e3766c50298f83ee32aed20fcd0978230350837dc7cb9115d096a7167
fd25a431f8d2829ae10875e58ed2d3d62df8561af2866c0d8b8edd8b635a3ee1
fe8a1047376498c80a157d13555e42a92ad480fcb0bcc9de51ad1930fbeb7f91
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.microsoft.com Open in urlscan Pro 2a02:26f0:6c00:187::356e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

70 %IPv6

8 Domains

11 Subdomains

11 IPs

4 Countries

1413 kBTransfer

3649 kBSize

8 Cookies

56 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.microsoft.com Open in urlscan Pro
2a02:26f0:6c00:187::356e Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

11
Subdomains

11
IPs

4
Countries

1413 kB
Transfer

3649 kB
Size

8
Cookies

50 HTTP transactions
3 data transactions