{"report_id":"fd7b90b8-a777-4c01-bfaa-79f56f10c45c","version":6,"status":"done","tags":[],"date":"2026-05-12T11:10:35Z","url":{"schema":"http","addr":"microsoftmailsupports.com","fqdn":"microsoftmailsupports.com","domain":"microsoftmailsupports.com","tld":"com"},"ip":{"addr":"216.198.79.65","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"microsoftmailsupports.com/login","fqdn":"microsoftmailsupports.com","domain":"microsoftmailsupports.com","tld":"com"},"title":"Microsoft 365 admin center","dom":{"size":2047,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1476)","md5":"776399f484a38fd307c0b721d6dbb9ba","sha1":"2eff7645ccd34c61bf635bcafcc0b7fe6a10d7a5","sha256":"ec0524336c0bbed6bbae874dfefbfdf63c0188ed6ce6e044ec6e2b0d1efdcb7a","sha512":"1a62c4ba3c94b7791fd961eeafcc50e67e5ed49b6077d87c67ff45a3fbe4843cfb28325f229efee22a158ab0910c3b18c75a8ac504a29d8143ce9ed51cdea9bd","ssdeep":"","tlshash":"b941cd21a4948d1b42030d8965a57e1d74dec2aaca0a8f08f5f412a6dfd7fc3cc8a26d","dom_hash":"domhash1c4f32c4d253e1365dd4c84e667b1d80","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"microsoftmailsupports.com","fqdn":"microsoftmailsupports.com","domain":"microsoftmailsupports.com","tld":"com"},"ip":{"addr":"216.198.79.65","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-16T11:10:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-12","alert":"Phishing Block","trigger":"microsoftmailsupports.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"microsoftmailsupports.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-10T22:17:57.86744Z","alert_count":0,"request_count":1,"received_data":49367,"sent_data":565,"comment":"","tags":null,"fingerprints":null},{"fqdn":"microsoftmailsupports.com","ip":{"addr":"64.29.17.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-05-10","domain_rank":0,"first_seen":"2026-05-12T11:10:35.771024Z","last_seen":"2026-05-12T11:10:35.771024Z","alert_count":8,"request_count":4,"received_data":463280,"sent_data":1858,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-10T22:20:44.526759Z","alert_count":0,"request_count":1,"received_data":13321,"sent_data":529,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"microsoftmailsupports.com/assets/index-BEu_D-2j.js","fqdn":"microsoftmailsupports.com","domain":"microsoftmailsupports.com","tld":"com"},"ip":{"addr":"64.29.17.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"70f49888b7ebeccd4db5a50f87660812","sha1":"baf36f4e4422425fb068c4addb27d8ec92224e1a","sha256":"4005d79ef32007edb63f4ce155705504d0ed1aa613cf35749fe1407d56f0e3a1","sha512":"17ac8c92a7b8e17ec3c56c3977f1f0c2389f253a8022221609ce19f7bbd29f7dd28a58271b8503d6219faada888c2105a63fd94de1dd22229be64eea898b8127","ssdeep":"6144:PO6dKfPohmA8IkcpG9nk5owMHpnfnH80VZG19Re8GXoXxXZXPYP1VRY8EP1f/RPP:29fJAr5oFtLi","tlshash":"6a842998b1697ae9fd2709a5006fa40f722f84c6d90d4870b6b4fc6d29614c4b37bfc9","size":388738,"data":"","first_seen":"2026-05-12T11:10:39.41982Z","last_seen":"2026-05-12T11:12:11.328299Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"microsoftmailsupports.com/","fqdn":"microsoftmailsupports.com","domain":"microsoftmailsupports.com","tld":"com"},"ip":{"addr":"64.29.17.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-12T11:10:13.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.microsoftmailsupports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 00:49:57 GMT","end":"Sun, 09 Aug 2026 00:49:56 GMT"},"fingerprint":{"sha1":"58:F5:3C:19:2A:1C:AC:A0:14:F7:32:56:AD:D1:A5:49:E7:E8:21:52","sha256":"1F:27:C9:80:6B:26:44:11:FC:FA:81:89:DD:1A:53:8B:82:D2:47:01:01:DA:25:B9:57:A6:2C:52:1A:55:AD:BB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: microsoftmailsupports.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 47574\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline\r\ncontent-type: text/html; charset=utf-8\r\ndate: Tue, 12 May 2026 11:10:13 GMT\r\netag: \"be5c99a1e59e72e2a3189bc994296a74\"\r\nlast-modified: Mon, 11 May 2026 21:57:19 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-enable-rewrite-caching: 1\r\nx-vercel-id: arn1::xvq8j-1778584213768-51b2fa81c92a\r\ncontent-length: 614\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":614,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"be5c99a1e59e72e2a3189bc994296a74","sha1":"070348eb7df621abea59ff92f26034aa9462ab17","sha256":"1f8252c0da749625f24a84c1d82a8d607d1cb77e5e37e06f7eb2e5ec659a60f1","sha512":"849bd127bf38f761e4186c6ef30c52288dd6ad1b2d603381d73309d6566a5655ef20737dc3982f9cbc2d89175285531ca7cccd9a5c7f4ef02f8d2f51cac1ba30","ssdeep":"","tlshash":"b9f0a201e8608d06422016616fc1fc04ad69d387974cad0435bb507d5fc6bc5cedf6b8","first_seen":"2026-05-12T11:10:39.418418Z","last_seen":"2026-05-12T11:12:11.323262Z","times_seen":2,"resource_available":true,"data":null}},"time_used":145,"timings":{"blocked":60,"dns":32,"connect":1,"send":0,"wait":10,"receive":15,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-12","alert":"Phishing Block","trigger":"microsoftmailsupports.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"microsoftmailsupports.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftmailsupports.com/assets/index-BEu_D-2j.js","fqdn":"microsoftmailsupports.com","domain":"microsoftmailsupports.com","tld":"com"},"ip":{"addr":"64.29.17.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftmailsupports.com/","date":"2026-05-12T11:10:13.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.microsoftmailsupports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 00:49:57 GMT","end":"Sun, 09 Aug 2026 00:49:56 GMT"},"fingerprint":{"sha1":"58:F5:3C:19:2A:1C:AC:A0:14:F7:32:56:AD:D1:A5:49:E7:E8:21:52","sha256":"1F:27:C9:80:6B:26:44:11:FC:FA:81:89:DD:1A:53:8B:82:D2:47:01:01:DA:25:B9:57:A6:2C:52:1A:55:AD:BB"}}},"request":{"raw":"GET /assets/index-BEu_D-2j.js HTTP/1.1\r\nHost: microsoftmailsupports.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftmailsupports.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 47574\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"index-BEu_D-2j.js\"\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=utf-8\r\ndate: Tue, 12 May 2026 11:10:13 GMT\r\netag: W/\"70f49888b7ebeccd4db5a50f87660812\"\r\nlast-modified: Mon, 11 May 2026 21:57:19 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-enable-rewrite-caching: 1\r\nx-vercel-id: arn1::7p4m5-1778584213956-25c8f21316c6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":388738,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (43387)","md5":"70f49888b7ebeccd4db5a50f87660812","sha1":"baf36f4e4422425fb068c4addb27d8ec92224e1a","sha256":"4005d79ef32007edb63f4ce155705504d0ed1aa613cf35749fe1407d56f0e3a1","sha512":"17ac8c92a7b8e17ec3c56c3977f1f0c2389f253a8022221609ce19f7bbd29f7dd28a58271b8503d6219faada888c2105a63fd94de1dd22229be64eea898b8127","ssdeep":"6144:PO6dKfPohmA8IkcpG9nk5owMHpnfnH80VZG19Re8GXoXxXZXPYP1VRY8EP1f/RPP:29fJAr5oFtLi","tlshash":"6a842998b1697ae9fd2709a5006fa40f722f84c6d90d4870b6b4fc6d29614c4b37bfc9","first_seen":"2026-05-12T11:10:39.41982Z","last_seen":"2026-05-12T11:12:11.328299Z","times_seen":2,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-12","alert":"Phishing Block","trigger":"microsoftmailsupports.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"microsoftmailsupports.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftmailsupports.com/assets/index-BrqxWXcg.css","fqdn":"microsoftmailsupports.com","domain":"microsoftmailsupports.com","tld":"com"},"ip":{"addr":"64.29.17.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://microsoftmailsupports.com/","date":"2026-05-12T11:10:13.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.microsoftmailsupports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 00:49:57 GMT","end":"Sun, 09 Aug 2026 00:49:56 GMT"},"fingerprint":{"sha1":"58:F5:3C:19:2A:1C:AC:A0:14:F7:32:56:AD:D1:A5:49:E7:E8:21:52","sha256":"1F:27:C9:80:6B:26:44:11:FC:FA:81:89:DD:1A:53:8B:82:D2:47:01:01:DA:25:B9:57:A6:2C:52:1A:55:AD:BB"}}},"request":{"raw":"GET /assets/index-BrqxWXcg.css HTTP/1.1\r\nHost: microsoftmailsupports.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftmailsupports.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nage: 47574\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"index-BrqxWXcg.css\"\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=utf-8\r\ndate: Tue, 12 May 2026 11:10:13 GMT\r\netag: W/\"29e49ea67d6778b869bf455c38c81137\"\r\nlast-modified: Mon, 11 May 2026 21:57:19 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-enable-rewrite-caching: 1\r\nx-vercel-id: arn1::kpf7q-1778584213956-51fe03d29cb6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":66125,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"29e49ea67d6778b869bf455c38c81137","sha1":"2b9c587bd516b60c0f33aa9ec3316d8b36eb5dfb","sha256":"d10b88415df4caa72afb99f0dded1fa99f5178e812cc213cdad3979a8b161315","sha512":"de045c9066e6f9b12d8939bc36657f082fd5e9957e737dad6ca0e43ca226b860de8a5390179b8a787d8d43e1ce84d4030c277c6dc0dad94050be6ba82f6ceb6f","ssdeep":"768:4FCOo1Pg7NIMIoFRnJ1h+JcpCuNQpIN75V54/auv5XGFu:66Hor3e/j8M","tlshash":"74535372a394753dbc23e4b5aa849ade7044d953d4a3d7f9e8a0e124c4c76f36a30f48","first_seen":"2026-05-12T11:10:39.422094Z","last_seen":"2026-05-12T11:12:11.32722Z","times_seen":2,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"microsoftmailsupports.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-12","alert":"Phishing Block","trigger":"microsoftmailsupports.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Segoe+UI:wght@300;400;500;600;700\u0026family=Inter:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://microsoftmailsupports.com/","date":"2026-05-12T11:10:13.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /css2?family=Segoe+UI:wght@300;400;500;600;700\u0026family=Inter:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftmailsupports.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 12 May 2026 11:10:14 GMT\r\ndate: Tue, 12 May 2026 11:10:14 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12635,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"f04de8ad1ef740d940ec0f534a8f6474","sha1":"3b31756e84c8887867417c7d6cc64501c9d9193c","sha256":"2f1ac0c31bc3ede8317cf72e9d28051ec727c9a0014aa69cff495abd6256bb4e","sha512":"69afede137c125294044274e463f30c02594f379ec879285e0b3ee41097f503dfb8272487759870f547e4dc4cf8828a2c1efaa806deb2f3124b7f6d67c638783","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:8KYXuM0p2+4","tlshash":"28427892002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:44:19.218006Z","last_seen":"2026-05-12T15:58:55.428005Z","times_seen":21382,"resource_available":false,"data":null}},"time_used":261,"timings":{"blocked":114,"dns":1,"connect":21,"send":0,"wait":32,"receive":0,"ssl":90},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftmailsupports.com/favicon.png","fqdn":"microsoftmailsupports.com","domain":"microsoftmailsupports.com","tld":"com"},"ip":{"addr":"64.29.17.65","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoftmailsupports.com/","date":"2026-05-12T11:10:14.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.microsoftmailsupports.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 11 May 2026 00:49:57 GMT","end":"Sun, 09 Aug 2026 00:49:56 GMT"},"fingerprint":{"sha1":"58:F5:3C:19:2A:1C:AC:A0:14:F7:32:56:AD:D1:A5:49:E7:E8:21:52","sha256":"1F:27:C9:80:6B:26:44:11:FC:FA:81:89:DD:1A:53:8B:82:D2:47:01:01:DA:25:B9:57:A6:2C:52:1A:55:AD:BB"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: microsoftmailsupports.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftmailsupports.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nage: 47571\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-disposition: inline; filename=\"favicon.png\"\r\ncontent-type: image/png\r\ndate: Tue, 12 May 2026 11:10:14 GMT\r\netag: \"cc37dd573025d4b1bac008f654104e9a\"\r\nlast-modified: Mon, 11 May 2026 21:57:22 GMT\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: HIT\r\nx-vercel-enable-rewrite-caching: 1\r\nx-vercel-id: arn1::bz87b-1778584214246-0308e2cca37b\r\ncontent-length: 5598\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5598,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"cc37dd573025d4b1bac008f654104e9a","sha1":"24a79e793810129d22c50a7497b0ffac601a4a9c","sha256":"8bce8e49b9f0bebd190a1cc23eeaad3bb8ff503ff154116cacdb68f2a165aa79","sha512":"5cc0e9734bd8901a04eabc280b8b63e095ef7742d689558b67fa2b98124d01f99e9a73ee1a710b3a602464ea23537506c1ef451a5dfe75992ef7da73051874d5","ssdeep":"96:4000000000000000400000000000000n0000000000000000dddddddddddddoh0:4000000000000000400000000000000p","tlshash":"b4c1d681f12916e38e9d937d084b18e3aeb5480956f2c049691da71fdf8cd369e23fd4","first_seen":"2023-05-05T04:39:50Z","last_seen":"2026-05-12T11:12:11.330022Z","times_seen":25,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-12","alert":"Phishing Block","trigger":"microsoftmailsupports.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-12","alert":"Sinkholed","trigger":"microsoftmailsupports.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://microsoftmailsupports.com/","date":"2026-05-12T11:10:14.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"99:99:69:B2:FC:B4:4F:EA:18:FB:04:4C:0F:8D:3E:40:61:B5:31:00","sha256":"55:6F:9F:9F:5C:FF:31:03:79:C7:88:2B:89:0C:1A:2F:DE:0B:7B:1A:91:6E:BD:C8:7D:60:EF:5A:D9:C7:51:26"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://microsoftmailsupports.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 05 May 2026 18:06:56 GMT\r\nexpires: Wed, 05 May 2027 18:06:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 579798\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-05-12T16:20:04.853051Z","times_seen":175973,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":91,"dns":1,"connect":21,"send":0,"wait":22,"receive":29,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}