Report - aka.ms/o0ukef

Report Overview

Visited public
2025-04-24 14:14:12
Tags
URL
aka.ms/o0ukef
Finishing URL
krs.microsoft.com/redirect?id=-crYd9Lj
IP / ASN
95.101.174.86
#16625 AKAMAI-AS
Title
Outlook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
krs.microsoft.com	unknown	1991-05-02	2022-02-11	2025-04-23	2.3 kB	20 kB	13.107.246.53
aka.ms	5800	2011-01-20	2017-02-01	2025-04-23	971 B	4.4 kB	2.18.198.9
www.microsoft.com	302	1991-05-02	2012-05-21	2025-04-22	546 B	24 kB	184.24.45.163
play-lh.googleusercontent.com	407	2008-11-17	2019-09-30	2025-04-20	521 B	9.5 kB	142.250.178.54

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (8)

	URL	IP	Response	Size
	krs.microsoft.com/css/styles.css	13.107.246.53	200 OK	555 B
URL GET krs.microsoft.com/css/styles.css IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://krs.microsoft.com/redirect?id=-crYd9Lj Certificate IssuerDigiCert Inc Subjectkrs.microsoft.com Fingerprint45:3B:0B:CF:98:C9:CA:A0:0D:D7:2F:16:F9:67:8E:25:F0:02:68:CD ValiditySat, 29 Mar 2025 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT File type ASCII text, with CRLF line terminators Size 555 B (555 bytes) Hash 47d656e07852519a2707bbc8c051e572 13d3b798776d244afed2fe6c646bf1afec04d050 29bc5c3ddb3112ceeb177eb58119eae8aadedd3fb8bbbd361f68f6a09958e0d8 HTTP Headers GET /css/styles.css HTTP/1.1 Host: krs.microsoft.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://krs.microsoft.com/redirect?id=-crYd9Lj Cookie: MSCC=cid=qx7ft7mavj0leq4vylbl40vv-c1=1-c2=1-c3=1; TiPMix=69.46358921535877; x-ms-routing-name=self Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 24 Apr 2025 14:13:53 GMT content-type: text/css content-encoding: br etag: "1db92b921215a2b" last-modified: Tue, 11 Mar 2025 19:09:36 GMT vary: Accept-Encoding strict-transport-security: max-age=2592000 request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45 x-azure-ref: 20250424T141353Z-16c476b87948bfvbhC1SVGg8ac00000004400000000000xr x-cache: CONFIG_NOCACHE X-Firefox-Spdy: h2`

	krs.microsoft.com/images/AppleAppStoreBadge.png	13.107.246.53	200 OK	6.4 kB
URL GET krs.microsoft.com/images/AppleAppStoreBadge.png IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://krs.microsoft.com/redirect?id=-crYd9Lj Certificate IssuerDigiCert Inc Subjectkrs.microsoft.com Fingerprint45:3B:0B:CF:98:C9:CA:A0:0D:D7:2F:16:F9:67:8E:25:F0:02:68:CD ValiditySat, 29 Mar 2025 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT File type PNG image data, 480 x 160, 8-bit colormap, non-interlaced Size 6.4 kB (6391 bytes) Hash baea015a2869c38653a857d46d227854 54d9f20ebe2369f3de5ff260e5660f54a550a247 b504dd0577136856d78114d514a13139f2d1fb8b05712787019a5d750c811a50 HTTP Headers GET /images/AppleAppStoreBadge.png HTTP/1.1 Host: krs.microsoft.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://krs.microsoft.com/redirect?id=-crYd9Lj Cookie: MSCC=cid=qx7ft7mavj0leq4vylbl40vv-c1=1-c2=1-c3=1; TiPMix=69.46358921535877; x-ms-routing-name=self Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 24 Apr 2025 14:13:53 GMT content-type: image/png content-encoding: br etag: "1db92b922529df7" last-modified: Tue, 11 Mar 2025 19:09:38 GMT vary: Accept-Encoding strict-transport-security: max-age=2592000 request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45 x-azure-ref: 20250424T141353Z-16c476b87948bfvbhC1SVGg8ac00000004400000000000xt x-cache: CONFIG_NOCACHE X-Firefox-Spdy: h2`

	krs.microsoft.com/redirect?id=-crYd9Lj	13.107.246.53	200 OK	1.8 kB
URL User Request GET krs.microsoft.com/redirect?id=-crYd9Lj IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Certificate IssuerDigiCert Inc Subjectkrs.microsoft.com Fingerprint45:3B:0B:CF:98:C9:CA:A0:0D:D7:2F:16:F9:67:8E:25:F0:02:68:CD ValiditySat, 29 Mar 2025 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT File type HTML document, ASCII text, with CRLF line terminators Size 1.8 kB (1750 bytes) Hash 4dbea793bf9a6ab4ae2dde1840b3021f 403bf41e2f44ba9abcc4094f793337e932cf7709 6cb5f5f1ab9204c1f02f89e9a3f308d35433c4c5f3b58392e896f1a7e55e815e HTTP Headers GET /redirect?id=-crYd9Lj HTTP/1.1 Host: krs.microsoft.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: MSCC=cid=qx7ft7mavj0leq4vylbl40vv-c1=1-c2=1-c3=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Thu, 24 Apr 2025 14:13:52 GMT content-type: text/html; charset=utf-8 content-encoding: br set-cookie: TiPMix=69.46358921535877; path=/; HttpOnly; Domain=krs.microsoft.com; Max-Age=3600; Secure; SameSite=None x-ms-routing-name=self; path=/; HttpOnly; Domain=krs.microsoft.com; Max-Age=3600; Secure; SameSite=None vary: Accept-Encoding strict-transport-security: max-age=2592000 request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45 x-azure-ref: 20250424T141352Z-16c476b87948bfvbhC1SVGg8ac00000004400000000000v6 x-cache: CONFIG_NOCACHE X-Firefox-Spdy: h2

	aka.ms/krs?id=-crYd9Lj	2.18.198.9	301 Moved Permanently	1.8 kB
URL User Request GET aka.ms/krs?id=-crYd9Lj IP 2.18.198.9:443 ASN #20940 Akamai International B.V. Certificate IssuerMicrosoft Corporation Subjectgo.microsoft.com Fingerprint98:34:56:4D:8B:86:48:AC:84:83:24:CC:F3:4E:31:E0:D3:63:03:64 ValidityThu, 29 Aug 2024 20:17:58 GMT - Sun, 24 Aug 2025 20:17:58 GMT File type Size 1.8 kB (1750 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /krs?id=-crYd9Lj HTTP/1.1 Host: aka.ms User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Content-Length: 0 Server: Kestrel Location: https://krs.microsoft.com/redirect?id=-crYd9Lj Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1 X-Response-Cache-Status: True Expires: Thu, 24 Apr 2025 14:13:51 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Thu, 24 Apr 2025 14:13:51 GMT Connection: keep-alive Strict-Transport-Security: max-age=31536000 ; includeSubDomains`

	www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2	184.24.45.163	200 OK	23 kB
URL GET www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2 IP 184.24.45.163:443 ASN #16625 AKAMAI-AS Requested by https://krs.microsoft.com/redirect?id=-crYd9Lj Certificate IssuerMicrosoft Corporation Subjectwww.microsoft.com FingerprintC0:CF:0C:15:80:E2:06:18:EA:15:35:7F:C1:02:86:22:51:8D:DC:4D ValidityMon, 26 Aug 2024 16:01:06 GMT - Thu, 21 Aug 2025 16:01:06 GMT File type Web Open Font Format (Version 2), TrueType, length 22904, version 0.0 Size 23 kB (22904 bytes) Hash c654a623ad90bb3dcd769dbbac34d863 8719de38f17d8e4d73e2a5e4e867d63dd3965baa deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432 HTTP Headers GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2 HTTP/1.1 Host: www.microsoft.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://krs.microsoft.com/ Origin: https://krs.microsoft.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/font-woff2 content-length: 22904 last-modified: Thu, 13 Mar 2025 03:57:53 GMT x-activity-id: 7a43ad42-0516-4319-99b1-6e35ee00c91f x-appversion: 1.0.9090.33347 x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2024-11-21T03:31:34.0000000Z} ms-operation-id: 6526c8687b5b184e47291edb572edd0d p3p: CP="CAO CONi OTR OUR DEM ONL" x-content-type-options: nosniff access-control-allow-origin: * access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS x-xss-protection: 1; mode=block x-azure-ref: 20250313T035753Z-15b95477c68lgrfthC1STO8k2n00000006d0000000005g2n accept-ranges: bytes cache-control: public, max-age=27870180 expires: Fri, 13 Mar 2026 03:56:53 GMT date: Thu, 24 Apr 2025 14:13:53 GMT tls_version: tls1.3 strict-transport-security: max-age=31536000 ms-cv: CASMicrosoftCV2e6e97ff.0 ms-cv-esi: CASMicrosoftCV2e6e97ff.0 x-rtag: RT X-Firefox-Spdy: h2

	krs.microsoft.com/images/GooglePlayStoreBadge.png	13.107.246.53	200 OK	9.4 kB
URL GET krs.microsoft.com/images/GooglePlayStoreBadge.png IP 13.107.246.53:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://krs.microsoft.com/redirect?id=-crYd9Lj Certificate IssuerDigiCert Inc Subjectkrs.microsoft.com Fingerprint45:3B:0B:CF:98:C9:CA:A0:0D:D7:2F:16:F9:67:8E:25:F0:02:68:CD ValiditySat, 29 Mar 2025 00:00:00 GMT - Mon, 29 Sep 2025 23:59:59 GMT File type PNG image data, 564 x 168, 8-bit colormap, non-interlaced Size 9.4 kB (9371 bytes) Hash 96e7da23073d7ffeb2b90fcef2570b2c 6aefac48244653fe982489338e70c5fb0d900fc2 89514515ca490c1e66e3298d91d74eaf1f760c0d4b21e4e9f18fdaf3996554f3 HTTP Headers GET /images/GooglePlayStoreBadge.png HTTP/1.1 Host: krs.microsoft.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://krs.microsoft.com/redirect?id=-crYd9Lj Cookie: MSCC=cid=qx7ft7mavj0leq4vylbl40vv-c1=1-c2=1-c3=1; TiPMix=69.46358921535877; x-ms-routing-name=self Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 24 Apr 2025 14:13:53 GMT content-type: image/png content-encoding: br etag: "1db92b921217c9b" last-modified: Tue, 11 Mar 2025 19:09:36 GMT vary: Accept-Encoding strict-transport-security: max-age=2592000 request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45 x-azure-ref: 20250424T141353Z-16c476b87948bfvbhC1SVGg8ac00000004400000000000xs x-cache: CONFIG_NOCACHE X-Firefox-Spdy: h2`

	play-lh.googleusercontent.com/Zk9elS0eGXDr0L4W6-Ey7YwHbRNjkyezHC8iCc8rWp64lNIjlByS8TDF9qDSZbiEWY4=w240-h480-rw	142.250.178.54	200 OK	9.0 kB
URL GET play-lh.googleusercontent.com/Zk9elS0eGXDr0L4W6-Ey7YwHbRNjkyezHC8iCc8rWp64lNIjlByS8TDF9qDSZbiEWY4=w240-h480-rw IP 142.250.178.54:443 ASN #15169 GOOGLE Requested by https://krs.microsoft.com/redirect?id=-crYd9Lj Certificate IssuerGoogle Trust Services Subjectedgestatic.com FingerprintD2:40:D1:AF:57:63:B3:44:20:46:41:E2:6B:C5:B2:6E:24:90:F8:96 ValidityMon, 31 Mar 2025 08:54:28 GMT - Mon, 23 Jun 2025 08:54:27 GMT File type RIFF (little-endian) data, Web/P image Size 9.0 kB (8988 bytes) Hash 2e10aff7739b6a27789d49bd773e3600 6ef0181bc7deb264435cf5400d7e67f9aa562f6b 8154e61fa25aa4550aecb28472f84998d7b08f7b1f74353289c1a07cef2f70ef HTTP Headers GET /Zk9elS0eGXDr0L4W6-Ey7YwHbRNjkyezHC8iCc8rWp64lNIjlByS8TDF9qDSZbiEWY4=w240-h480-rw HTTP/1.1 Host: play-lh.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://krs.microsoft.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK access-control-allow-origin: * timing-allow-origin: * access-control-expose-headers: Content-Length content-disposition: inline;filename="unnamed.webp" x-content-type-options: nosniff server: fife content-length: 8988 x-xss-protection: 0 date: Thu, 24 Apr 2025 12:55:14 GMT expires: Fri, 25 Apr 2025 12:55:14 GMT cache-control: public, max-age=86400, no-transform age: 4720 etag: "v1" content-type: image/webp vary: Origin alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	aka.ms/o0ukef	2.18.198.9	301 Moved Permanently	1.8 kB
URL User Request GET aka.ms/o0ukef IP 2.18.198.9:443 ASN #20940 Akamai International B.V. Certificate IssuerMicrosoft Corporation Subjectgo.microsoft.com Fingerprint98:34:56:4D:8B:86:48:AC:84:83:24:CC:F3:4E:31:E0:D3:63:03:64 ValidityThu, 29 Aug 2024 20:17:58 GMT - Sun, 24 Aug 2025 20:17:58 GMT File type Size 1.8 kB (1750 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /o0ukef HTTP/1.1 Host: aka.ms User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Content-Length: 0 Server: Kestrel Location: https://aka.ms/krs?id=-crYd9Lj Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1 X-Response-Cache-Status: True Expires: Thu, 24 Apr 2025 14:13:51 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Thu, 24 Apr 2025 14:13:51 GMT Connection: keep-alive Strict-Transport-Security: max-age=31536000 ; includeSubDomains`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (8)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size