| nam10.safelinks.protection.outlook.com/?url=https://aka.ms/o0ukef&data=05|02|phishing@psu.edu|ce6795298b9f453fbc4708dc4f8994de|7cf48d453ddb4389a9c1c115526eb52e|0|0|638472699530879633|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|0|||&sdata=0WevqD1SaZQxE/e7M4XjyDT2axBPgrZuhAsi7cd93go=&reserved=0 | 104.47.55.28 | 302 Found | 138 B |
URL (User Request): GET HTTP/1.1 nam10.safelinks.protection.outlook.com/?url=https://aka.ms/o0ukef&data=05|02|phishing@psu.edu|ce6795298b9f453fbc4708dc4f8994de|7cf48d453ddb4389a9c1c115526eb52e|0|0|638472699530879633|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|0|||&sdata=0WevqD1SaZQxE/e7M4XjyDT2axBPgrZuhAsi7cd93go=&reserved=0
IP: 104.47.55.28:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer: DigiCert Inc
Certificate Subject: *.safelinks.protection.outlook.com
Certificate Fingerprint: CC:53:E3:CC:4D:02:3F:3F:4C:FD:84:C8:44:7C:57:A4:AF:B0:B9:96
Certificate Validity: Tue, 30 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 4e5ea91267d25391cae7440d7f4c6a23 a9516cfa649f54fa9c2c738714605b41645f35f5 507382b74344077b19f6d559aaf6612ad7a0b07d0c2b06c6455f031ba1c7e117
GET /?url=https://aka.ms/o0ukef&data=05|02|phishing@psu.edu|ce6795298b9f453fbc4708dc4f8994de|7cf48d453ddb4389a9c1c115526eb52e|0|0|638472699530879633|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0=|0|||&sdata=0WevqD1SaZQxE/e7M4XjyDT2axBPgrZuhAsi7cd93go=&reserved=0 HTTP/1.1
Host: nam10.safelinks.protection.outlook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://aka.ms/o0ukef
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 4.0
X-SL-GetUrlReputation-Verdict: Good
X-Robots-Tag: noindex, nofollow
X-AspNet-Version: 4.0.30319
X-ServerName: MW2NAM10WS025
X-ServerVersion: 15.20.7430.028
X-ServerLat: 22
X-SafeLinks-Tracking-Id: d8c58f00-cda6-4ccc-372b-08dc4f89ff6d
X-Powered-By: ASP.NET
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
Date: Fri, 29 Mar 2024 00:48:49 GMT
Connection: close
Content-Length: 138
|
|
| | 184.24.201.247 | 301 Moved Permanently | 0 B |
URL (User Request): GET HTTP/1.1
IP: 184.24.201.247:443
Certificate Issuer: Microsoft Corporation
Certificate Subject: go.microsoft.com
Certificate Fingerprint: 77:01:70:50:0D:52:1B:1E:66:47:DF:09:49:BD:C0:48:06:13:ED:80
Certificate Validity: Mon, 25 Sep 2023 16:26:11 GMT - Thu, 19 Sep 2024 16:26:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /o0ukef HTTP/1.1
Host: aka.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Server: Kestrel
Location: https://aka.ms/krs?id=-crYd9Lj
Request-Context: appId=cid-v1:26ef1154-5995-4d24-ad78-ef0b04f11587
X-Response-Cache-Status: True
Expires: Fri, 29 Mar 2024 00:48:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 29 Mar 2024 00:48:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
|
|
| | 184.24.201.247 | 301 Moved Permanently | 0 B |
URL (User Request): GET HTTP/1.1
IP: 184.24.201.247:443
Certificate Issuer: Microsoft Corporation
Certificate Subject: go.microsoft.com
Certificate Fingerprint: 77:01:70:50:0D:52:1B:1E:66:47:DF:09:49:BD:C0:48:06:13:ED:80
Certificate Validity: Mon, 25 Sep 2023 16:26:11 GMT - Thu, 19 Sep 2024 16:26:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /krs?id=-crYd9Lj HTTP/1.1
Host: aka.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Server: Kestrel
Location: https://krs.microsoft.com/redirect?id=-crYd9Lj
Request-Context: appId=cid-v1:26ef1154-5995-4d24-ad78-ef0b04f11587
X-Response-Cache-Status: True
Expires: Fri, 29 Mar 2024 00:48:49 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 29 Mar 2024 00:48:49 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
|
|
| www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2 | 23.38.201.156 | 200 OK | 23 kB |
URL: GET HTTP/2 www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2
IP: 23.38.201.156:443
Requested by: https://krs.microsoft.com/redirect?id=-crYd9Lj
Certificate Issuer: Microsoft Corporation
Certificate Subject: www.microsoft.com
Certificate Fingerprint: E1:57:9B:A5:51:25:CE:C3:A7:8E:39:F5:5C:F8:1D:A8:BF:A9:4F:88
Certificate Validity: Thu, 14 Sep 2023 17:24:20 GMT - Sun, 08 Sep 2024 17:24:20 GMT
File type: Web Open Font Format (Version 2), TrueType, length 22904, version 0.0
Hash: c654a623ad90bb3dcd769dbbac34d863 8719de38f17d8e4d73e2a5e4e867d63dd3965baa deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432
GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2 HTTP/1.1
Host: www.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://krs.microsoft.com/
Origin: https://krs.microsoft.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/font-woff2
last-modified: Thu, 18 Jan 2024 19:18:31 GMT
x-activity-id: d60b99a5-cba5-48b0-8992-d8c6e735b7ef
x-appversion: 1.0.8745.29656
x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2023-12-12T00:28:32.0000000Z}
ms-operation-id: 22c9efc752a18f45b92d0311af17b198
p3p: CP="CAO CONi OTR OUR DEM ONL"
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS
x-xss-protection: 1; mode=block
content-length: 22904
cache-control: public, max-age=25468169
expires: Fri, 17 Jan 2025 19:18:19 GMT
date: Fri, 29 Mar 2024 00:48:50 GMT
tls_version: tls1.3
strict-transport-security: max-age=31536000
ms-cv: CASMicrosoftCV3120f7bb.0
ms-cv-esi: CASMicrosoftCV3120f7bb.0
x-rtag: RT
X-Firefox-Spdy: h2
|
|
| krsprod.azureedge.net/images/appgroups/f696136c-35fb-4350-a296-0c8b47068b32/103ba177-4e85-43ea-a1b1-74460cfac566 | 152.199.19.161 | 200 OK | 148 kB |
URL: GET HTTP/2 krsprod.azureedge.net/images/appgroups/f696136c-35fb-4350-a296-0c8b47068b32/103ba177-4e85-43ea-a1b1-74460cfac566
IP: 152.199.19.161:443
Requested by: https://krs.microsoft.com/redirect?id=-crYd9Lj
Certificate Issuer: DigiCert Inc
Certificate Subject: *.vo.msecnd.net
Certificate Fingerprint: 86:E0:37:E4:B1:31:51:81:DD:54:33:82:FF:4D:EB:D1:15:5F:65:C4
Certificate Validity: Tue, 30 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT
File type: PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced
Size: 148 kB (148318 bytes)
Hash: 7def051fc9a0d25bf0da0e19f3c415ff e22f3c1a9ed3bf338ca9d21c4c49f2b621cdf394 0ae57c82dfe6ecf6e7dde018eb97661b74f2ace7b16281ed27651a9170900b8d
GET /images/appgroups/f696136c-35fb-4350-a296-0c8b47068b32/103ba177-4e85-43ea-a1b1-74460cfac566 HTTP/1.1
Host: krsprod.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://krs.microsoft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 340143
content-md5: fe8FH8mg0lvw2g4Z88QV/w==
content-type: application/octet-stream
date: Fri, 29 Mar 2024 00:48:50 GMT
etag: "0x8DA911580181880"
last-modified: Wed, 07 Sep 2022 21:11:15 GMT
server: ECAcc (ska/F760)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-creation-time: Wed, 07 Sep 2022 21:11:15 GMT
x-ms-is-current-version: true
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: c813b358-901e-009e-755a-7e625f000000
x-ms-server-encrypted: true
x-ms-version: 2021-04-10
x-ms-version-id: 2022-09-07T21:11:15.5750016Z
content-length: 148318
X-Firefox-Spdy: h2
|
|
| c.s-microsoft.com/favicon.ico?v2 | 23.38.201.156 | | 540 B |
URL: GET c.s-microsoft.com/favicon.ico?v2
IP: 23.38.201.156:0
Requested by: https://krs.microsoft.com/redirect?id=-crYd9Lj
Certificate Issuer: Microsoft Corporation
Certificate Subject: www.microsoft.com
Certificate Fingerprint: E1:57:9B:A5:51:25:CE:C3:A7:8E:39:F5:5C:F8:1D:A8:BF:A9:4F:88
Certificate Validity: Thu, 14 Sep 2023 17:24:20 GMT - Sun, 08 Sep 2024 17:24:20 GMT
File type: MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Hash: 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /favicon.ico?v2 HTTP/1.1
Host: c.s-microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://krs.microsoft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/x-icon
last-modified: Wed, 21 Feb 2024 17:15:40 GMT
etag: "1DA64E997EE8600"
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-sitemuse-origin: Azure
x-azure-ref: 20240226T081051Z-gr12wku8891gx0ccg3avvkf8t800000001s0000000002bn5
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 540
cache-control: public, max-age=230723
expires: Sun, 31 Mar 2024 16:54:14 GMT
date: Fri, 29 Mar 2024 00:48:51 GMT
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| krs.microsoft.com/redirect?id=-crYd9Lj | 13.107.213.53 | 200 OK | 1.8 kB |
URL (User Request): GET HTTP/2 krs.microsoft.com/redirect?id=-crYd9Lj
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate Issuer: DigiCert Inc
Certificate Subject: krs.microsoft.com
Certificate Fingerprint: 88:FC:F2:E9:6E:1F:57:EE:B9:9A:65:E8:8A:24:C6:F4:17:98:AB:F9
Certificate Validity: Thu, 29 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (1878), with no line terminators
Hash: ec136da2fd2ac46a06050d8692cd9310 b169c6dc1d63b2b7f310923365aea6c6f8e40e77 35f6276a99a42f5594c9b63aa59130cc501a25b5a85062d7274dbb57f34eb2af
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
GET /redirect?id=-crYd9Lj HTTP/1.1
Host: krs.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:48:50 GMT
content-type: text/html; charset=utf-8
content-encoding: br
set-cookie: TiPMix=48.05188889805091; path=/; HttpOnly; Domain=krs.microsoft.com; Max-Age=3600; Secure; SameSite=None
set-cookie: x-ms-routing-name=self; path=/; HttpOnly; Domain=krs.microsoft.com; Max-Age=3600; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=2592000
request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45
x-azure-ref: 20240329T004849Z-7efuu6q5mt33t53zm4z26yf3zw00000003g00000000044nv
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| krs.microsoft.com/css/styles.css | 13.107.213.53 | 200 OK | 555 B |
URL: GET HTTP/2 krs.microsoft.com/css/styles.css
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://krs.microsoft.com/redirect?id=-crYd9Lj
Certificate Issuer: DigiCert Inc
Certificate Subject: krs.microsoft.com
Certificate Fingerprint: 88:FC:F2:E9:6E:1F:57:EE:B9:9A:65:E8:8A:24:C6:F4:17:98:AB:F9
Certificate Validity: Thu, 29 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File type: ASCII text, with very long lines (614), with no line terminators
Hash: c1809977c0d933c7e5613c08e2d14428 f0638b9f62b176f19d75d09d5e22d6247e4b837a 5bea8c481c965df7c7b6c0f6ffed0bf68591ecb5b1b1178c82399f336c7e7fa9
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
GET /css/styles.css HTTP/1.1
Host: krs.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://krs.microsoft.com/redirect?id=-crYd9Lj
Cookie: TiPMix=48.05188889805091; x-ms-routing-name=self
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:48:50 GMT
content-type: text/css
content-encoding: br
etag: "1da74a9701b8c2b"
last-modified: Tue, 12 Mar 2024 18:16:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45
x-azure-ref: 20240329T004850Z-7efuu6q5mt33t53zm4z26yf3zw00000003g00000000044p8
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| krs.microsoft.com/images/GooglePlayStoreBadge.png | 13.107.213.53 | 200 OK | 9.4 kB |
URL: GET HTTP/2 krs.microsoft.com/images/GooglePlayStoreBadge.png
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://krs.microsoft.com/redirect?id=-crYd9Lj
Certificate Issuer: DigiCert Inc
Certificate Subject: krs.microsoft.com
Certificate Fingerprint: 88:FC:F2:E9:6E:1F:57:EE:B9:9A:65:E8:8A:24:C6:F4:17:98:AB:F9
Certificate Validity: Thu, 29 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File type: PNG image data, 564 x 168, 8-bit colormap, non-interlaced
Hash: 96e7da23073d7ffeb2b90fcef2570b2c 6aefac48244653fe982489338e70c5fb0d900fc2 89514515ca490c1e66e3298d91d74eaf1f760c0d4b21e4e9f18fdaf3996554f3
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
GET /images/GooglePlayStoreBadge.png HTTP/1.1
Host: krs.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://krs.microsoft.com/redirect?id=-crYd9Lj
Cookie: TiPMix=48.05188889805091; x-ms-routing-name=self
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:48:51 GMT
content-type: image/png
content-encoding: br
etag: "1da74a973af319b"
last-modified: Tue, 12 Mar 2024 18:16:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45
x-azure-ref: 20240329T004850Z-7efuu6q5mt33t53zm4z26yf3zw00000003g00000000044p9
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| krs.microsoft.com/images/AppleAppStoreBadge.png | 13.107.213.53 | 200 OK | 6.4 kB |
URL: GET HTTP/2 krs.microsoft.com/images/AppleAppStoreBadge.png
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://krs.microsoft.com/redirect?id=-crYd9Lj
Certificate Issuer: DigiCert Inc
Certificate Subject: krs.microsoft.com
Certificate Fingerprint: 88:FC:F2:E9:6E:1F:57:EE:B9:9A:65:E8:8A:24:C6:F4:17:98:AB:F9
Certificate Validity: Thu, 29 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File type: PNG image data, 480 x 160, 8-bit colormap, non-interlaced
Hash: baea015a2869c38653a857d46d227854 54d9f20ebe2369f3de5ff260e5660f54a550a247 b504dd0577136856d78114d514a13139f2d1fb8b05712787019a5d750c811a50
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
GET /images/AppleAppStoreBadge.png HTTP/1.1
Host: krs.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://krs.microsoft.com/redirect?id=-crYd9Lj
Cookie: TiPMix=48.05188889805091; x-ms-routing-name=self
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 00:48:51 GMT
content-type: image/png
content-encoding: br
etag: "1da74a9701b96f7"
last-modified: Tue, 12 Mar 2024 18:16:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45
x-azure-ref: 20240329T004850Z-7efuu6q5mt33t53zm4z26yf3zw00000003g00000000044pa
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|