URL: https://blogs.iis.net/peterviola
Submission Tags: falconsandbox
Submission: On November 19 via api from US

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 8 HTTP transactions. The main IP is 40.118.185.161, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is blogs.iis.net.
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 05 on November 9th 2020. Valid for: a year.
This is the only time blogs.iis.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 40.118.185.161 8075 (MICROSOFT...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2620:1ec:bdf::10 8068 (MICROSOFT...)
2 2606:2800:133... 15133 (EDGECAST)
1 40.78.112.64 8075 (MICROSOFT...)
1 152.199.19.160 15133 (EDGECAST)
8 7
Domain Requested by
2 blogs-iis.azureedge.net blogs.iis.net
2 c.s-microsoft.com blogs.iis.net
1 ajax.aspnetcdn.com blogs.iis.net
1 iisnetblogs.blob.core.windows.net blogs.iis.net
1 consentdeliveryfd.azurefd.net blogs.iis.net
1 blogs.iis.net
8 6
Subject Issuer Validity Valid
*.iis.net
Microsoft Azure TLS Issuing CA 05
2020-11-09 -
2021-11-04
a year crt.sh
www.microsoft.com
Microsoft RSA TLS CA 01
2020-08-28 -
2021-08-28
a year crt.sh
*.azurefd.net
Microsoft Azure TLS Issuing CA 02
2020-11-10 -
2021-11-05
a year crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2
2020-03-18 -
2022-03-18
2 years crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02
2020-11-14 -
2021-11-14
a year crt.sh

This page contains 1 frames:

Primary Page: https://blogs.iis.net/peterviola
Frame ID: D5F4078EE7137618DFE467816CCB67F7
Requests: 12 HTTP requests in this frame

Screenshot


Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

243 kB
Transfer

655 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set peterviola
blogs.iis.net/
44 KB
12 KB
Document
General
Full URL
https://blogs.iis.net/peterviola
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.185.161 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1c951734d83283e2225a2ec91963d8cc013d2a3e8ebf704015f305d5ee8a65b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Host
blogs.iis.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
public, max-age=60
Content-Length
11944
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
ETag
dfccd388a9be4adb92b07dd1233cd0e6
Vary
*
Set-Cookie
ARRAffinity=aba165df68051c8ddb3699c9fab6f50e167553a6c800429e6ed1b45e6c439ab9;Path=/;HttpOnly;Domain=blogs.iis.net ARRAffinity=aba165df68051c8ddb3699c9fab6f50e167553a6c800429e6ed1b45e6c439ab9;Path=/;HttpOnly;Domain=blogs.iis.net
X-Generator
Orchard
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Thu, 19 Nov 2020 00:31:45 GMT
mscc-0.4.2.min.js
c.s-microsoft.com/mscc/statics/
4 KB
2 KB
Script
General
Full URL
https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.js
Requested by
Host: blogs.iis.net
URL: https://blogs.iis.net/peterviola
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28b::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a188e6c4c6729c3abbe6a34e45b5c3d7d65ffc659e1baa46632ffb1c876e815c

Request headers

Referer
https://blogs.iis.net/peterviola
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 19 Nov 2020 00:31:46 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 15:56:14 GMT
content-md5
AO6kLOW8s6NiicKEPl74tA==
etag
0x8D795E59EC908A0
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1a05ae20-f01e-0080-7bfc-c7b032000000
x-ms-version
2009-09-19
content-length
2017
mscc-0.4.2.min.css
c.s-microsoft.com/mscc/statics/
1 KB
934 B
Stylesheet
General
Full URL
https://c.s-microsoft.com/mscc/statics/mscc-0.4.2.min.css
Requested by
Host: blogs.iis.net
URL: https://blogs.iis.net/peterviola
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28b::356e , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
66c5d9882a954332c4aebef2386c7713a226fa617ddcd08d22f24e53ba5ec066

Request headers

Referer
https://blogs.iis.net/peterviola
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 19 Nov 2020 00:31:46 GMT
content-encoding
gzip
last-modified
Fri, 10 Jan 2020 15:56:23 GMT
content-md5
QLyM0qNPDXd6ayzd1iIoLA==
etag
0x8D795E5A424E059
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a3a91312-801e-0025-4efc-c78b2b000000
x-ms-version
2009-09-19
content-length
626
wcp-consent.js
consentdeliveryfd.azurefd.net/mscc/lib/v2/
249 KB
74 KB
Script
General
Full URL
https://consentdeliveryfd.azurefd.net/mscc/lib/v2/wcp-consent.js
Requested by
Host: blogs.iis.net
URL: https://blogs.iis.net/peterviola
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::10 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
208edbed32b2adac9446df83caa4a093a261492ba6b8b3bcfe6a75efb8b70294

Request headers

Referer
https://blogs.iis.net/peterviola
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 19 Nov 2020 00:31:45 GMT
content-encoding
gzip
vary
Accept-Encoding
content-md5
OLdpUi3Q5MKZjJA0pU4XTg==
age
15575
x-cache
HIT
content-length
75124
x-ms-lease-status
unlocked
last-modified
Wed, 14 Oct 2020 22:31:12 GMT
etag
0x8D87090DB39FE9E
x-azure-ref
08ry1XwAAAAB/rg0fSGxRSrxIvorbXUh8RlJBRURHRTEwMDgAMzliNDYxNTctY2I5ZS00OWI3LWE2NWEtODcyMmEzZjgyNGU0
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d839776a-a01e-0035-33e7-bd9168000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
styles.min.css
blogs-iis.azureedge.net/node1/Themes/TheBootstrapMachine/Styles/iis/
154 KB
69 KB
Stylesheet
General
Full URL
https://blogs-iis.azureedge.net/node1/Themes/TheBootstrapMachine/Styles/iis/styles.min.css?v=10757315423
Requested by
Host: blogs.iis.net
URL: https://blogs.iis.net/peterviola
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F4A) / ARR/3.0
Resource Hash
25cff127c6d8f5861ae364694bf1e1b5294d538c21c0d4c10a1a83dc48eb74e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blogs.iis.net/peterviola
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 00:31:46 GMT
content-encoding
gzip
etag
"0589e311793d61:0"
last-modified
Fri, 25 Sep 2020 08:38:08 GMT
server
ECAcc (frc/8F4A)
age
486696
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=604800
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
70099
x-content-type-options
nosniff
psnmwbc6alxmfv0p8xxe_400x400.jpg
iisnetblogs.blob.core.windows.net/media/peterviola/Media/
25 KB
26 KB
Image
General
Full URL
https://iisnetblogs.blob.core.windows.net/media/peterviola/Media/psnmwbc6alxmfv0p8xxe_400x400.jpg
Requested by
Host: blogs.iis.net
URL: https://blogs.iis.net/peterviola
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.78.112.64 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7d1efba744cb365ba1142b95d5ba5ac6dfa2a298597afc32a02fd5a231bfaa58

Request headers

Referer
https://blogs.iis.net/peterviola
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 19 Nov 2020 00:31:46 GMT
Last-Modified
Tue, 06 Jun 2017 18:44:17 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Ft4dgsDhnl8a8IOtEzxyvQ==
ETag
0x8D4AD0C092D291B
Content-Type
image/jpeg
x-ms-request-id
2f4f8284-901e-0041-590b-be4e96000000
x-ms-version
2009-09-19
Content-Length
25935
jquery-3.5.0.min.js
ajax.aspnetcdn.com/ajax/jQuery/
87 KB
39 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.0.min.js
Requested by
Host: blogs.iis.net
URL: https://blogs.iis.net/peterviola
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AD7) /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.iis.net/peterviola
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 00:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18632220
x-cache
HIT
content-length
39744
x-xss-protection
1; mode=block
last-modified
Tue, 14 Apr 2020 15:26:14 GMT
server
ECAcc (ama/8AD7)
etag
"c844f287112d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
blogs-iis.azureedge.net/node1/Themes/TheBootstrapMachine/Scripts/
59 KB
21 KB
Script
General
Full URL
https://blogs-iis.azureedge.net/node1/Themes/TheBootstrapMachine/Scripts/bootstrap.min.js?v=10757315423
Requested by
Host: blogs.iis.net
URL: https://blogs.iis.net/peterviola
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F7D) / ARR/3.0
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blogs.iis.net/peterviola
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 19 Nov 2020 00:31:46 GMT
content-encoding
gzip
etag
"0589e311793d61:0"
last-modified
Fri, 25 Sep 2020 08:38:08 GMT
server
ECAcc (frc/8F7D)
age
486696
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=604800
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
20954
x-content-type-options
nosniff
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
254251fd421abfd7966a41ec0251d5b6796c99362c7cf90c8e286a9d457543f1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
26 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
539bc5dd1a6ad116e16519734c98624e0eb6a8944a9f6cac063ede42e025d131

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd1e04dbc9845485da8bee67bc7ba16b7ed3748fb46d970ecc78c60a7b012ebc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d69bc7d1ccef0a90191e97b60809187129f889fbfc37250ce34fdee8c9c94a5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| mscc function| WcpConsent object| siteConsent function| manageConsent function| dropAnalyticsCookies function| clearCookie function| $ function| jQuery object| bootstrap boolean| isConsentAdvertising

1 Cookies

Domain/Path Name / Value
.blogs.iis.net/ Name: ARRAffinity
Value: aba165df68051c8ddb3699c9fab6f50e167553a6c800429e6ed1b45e6c439ab9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff