Report - aka.ms/AAb9ysg

Report Overview

Visitedpublic

2025-07-24 08:25:47

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aka.ms	5800	2011-01-20	2017-02-01	2025-07-21	972 B	4.4 kB	2.18.198.9
www.microsoft.com	302	1991-05-02	2012-05-21	2025-07-18	546 B	24 kB	96.6.17.223
krs.microsoft.com	unknown	1991-05-02	2022-02-11	2025-07-17	2.3 kB	20 kB	13.107.246.53
play-lh.googleusercontent.com	407	2008-11-17	2019-09-30	2025-07-22	521 B	9.5 kB	142.250.74.54

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (8)

	URL	IP	Response	Size
	GET aka.ms/AAb9ysg	2.18.198.9	301 Moved Permanently	1.8 kB
URL aka.ms/AAb9ysg IP / ASN 2.18.198.9 #20940 Akamai International B.V. Requested byN/A Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5606118 Size1.8 kB (1750 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerMicrosoft Corporation Subjectgo.microsoft.com Fingerprint98:34:56:4D:8B:86:48:AC:84:83:24:CC:F3:4E:31:E0:D3:63:03:64 ValidityThu, 29 Aug 2024 20:17:58 GMT - Sun, 24 Aug 2025 20:17:58 GMT HTTP Headers `GET /AAb9ysg HTTP/1.1 Host: aka.ms User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Content-Length: 0 Server: Kestrel Location: https://aka.ms/krs?id=lxDNVZKK Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1 X-Response-Cache-Status: True Expires: Thu, 24 Jul 2025 08:25:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Thu, 24 Jul 2025 08:25:25 GMT Connection: keep-alive Strict-Transport-Security: max-age=31536000 ; includeSubDomains`

	GET aka.ms/krs?id=lxDNVZKK	2.18.198.9	301 Moved Permanently	1.8 kB
URL aka.ms/krs?id=lxDNVZKK IP / ASN 2.18.198.9 #20940 Akamai International B.V. Requested byN/A Resource Info File typeN/A First Seen0001-01-01 Last Seen2025-08-02 Times Seen5606118 Size1.8 kB (1750 bytes) MD5d41d8cd98f00b204e9800998ecf8427e SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Certificate Info IssuerMicrosoft Corporation Subjectgo.microsoft.com Fingerprint98:34:56:4D:8B:86:48:AC:84:83:24:CC:F3:4E:31:E0:D3:63:03:64 ValidityThu, 29 Aug 2024 20:17:58 GMT - Sun, 24 Aug 2025 20:17:58 GMT HTTP Headers `GET /krs?id=lxDNVZKK HTTP/1.1 Host: aka.ms User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Content-Length: 0 Server: Kestrel Location: https://krs.microsoft.com/redirect?id=lxDNVZKK Request-Context: appId=cid-v1:d94c0f68-64bf-4036-8409-a0e761bb7ee1 X-Response-Cache-Status: True Expires: Thu, 24 Jul 2025 08:25:25 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Thu, 24 Jul 2025 08:25:25 GMT Connection: keep-alive Strict-Transport-Security: max-age=31536000 ; includeSubDomains`

	GET www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2	96.6.17.223	200 OK	23 kB
URL www.microsoft.com/mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2 IP / ASN 96.6.17.223 #16625 AKAMAI-AS Requested byhttps://krs.microsoft.com/redirect?id=lxDNVZKK Resource Info File typeWeb Open Font Format (Version 2), TrueType, length 22904, version 0.0 First Seen2023-04-06 Last Seen2025-07-25 Times Seen719 Size23 kB (22904 bytes) MD5c654a623ad90bb3dcd769dbbac34d863 SHA18719de38f17d8e4d73e2a5e4e867d63dd3965baa SHA256deec787cca1b9436e080478742a0299e0db1a9712543a72d2cdc8373fc45a432 Certificate Info IssuerMicrosoft Corporation Subjectwww.microsoft.com FingerprintC0:CF:0C:15:80:E2:06:18:EA:15:35:7F:C1:02:86:22:51:8D:DC:4D ValidityMon, 26 Aug 2024 16:01:06 GMT - Thu, 21 Aug 2025 16:01:06 GMT HTTP Headers GET /mwf/_h/v3.54/mwf.app/fonts/mwfmdl2-v3.54.woff2 HTTP/1.1 Host: www.microsoft.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://krs.microsoft.com/ Origin: https://krs.microsoft.com DNT: 1 Connection: keep-alive Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: application/font-woff2 content-length: 22904 last-modified: Thu, 13 Mar 2025 03:57:53 GMT x-activity-id: 7a43ad42-0516-4319-99b1-6e35ee00c91f x-appversion: 1.0.9090.33347 x-az: {did:92e7dc58ca2143cfb2c818b047cc5cd1, rid: OneDeployContainer, sn: marketingsites-prod-odnortheurope, dt: 2018-05-03T20:14:23.4188992Z, bt: 2024-11-21T03:31:34.0000000Z} ms-operation-id: 6526c8687b5b184e47291edb572edd0d p3p: CP="CAO CONi OTR OUR DEM ONL" x-content-type-options: nosniff access-control-allow-origin: * access-control-allow-methods: HEAD,GET,POST,PATCH,PUT,OPTIONS x-xss-protection: 1; mode=block x-azure-ref: 20250313T035753Z-15b95477c68lgrfthC1STO8k2n00000006d0000000005g2n accept-ranges: bytes cache-control: public, max-age=20028799 expires: Fri, 13 Mar 2026 03:58:46 GMT date: Thu, 24 Jul 2025 08:25:27 GMT tls_version: tls1.3 strict-transport-security: max-age=31536000; includeSubDomains ms-cv: CASMicrosoftCV1185564b.0 ms-cv-esi: CASMicrosoftCV1185564b.0 x-rtag: OneRoute_Default X-Firefox-Spdy: h2

	GET krs.microsoft.com/css/styles.css	13.107.246.53	200 OK	555 B
URL krs.microsoft.com/css/styles.css IP / ASN 13.107.246.53 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested byhttps://krs.microsoft.com/redirect?id=lxDNVZKK Resource Info File typeASCII text, with CRLF line terminators First Seen2025-04-11 Last Seen2025-07-25 Times Seen57 Size555 B (555 bytes) MD547d656e07852519a2707bbc8c051e572 SHA113d3b798776d244afed2fe6c646bf1afec04d050 SHA25629bc5c3ddb3112ceeb177eb58119eae8aadedd3fb8bbbd361f68f6a09958e0d8 Certificate Info IssuerDigiCert Inc Subjectkrs.microsoft.com FingerprintBE:7D:98:0A:FA:A4:C9:97:7A:B1:9C:55:AF:8A:82:32:9B:98:AD:FC ValidityTue, 13 May 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT HTTP Headers GET /css/styles.css HTTP/1.1 Host: krs.microsoft.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://krs.microsoft.com/redirect?id=lxDNVZKK Cookie: MSCC=cid=qx7ft7mavj0leq4vylbl40vv-c1=1-c2=1-c3=1; TiPMix=9.357149470571724; x-ms-routing-name=self Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 24 Jul 2025 08:25:27 GMT content-type: text/css content-encoding: br etag: "1dbfbf69c47312b" last-modified: Wed, 23 Jul 2025 17:24:14 GMT vary: Accept-Encoding strict-transport-security: max-age=2592000 request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45 x-azure-ref: 20250724T082526Z-r187858789bj6gsrhC1SVG8a1w0000000drg000000006ubm x-cache: CONFIG_NOCACHE X-Firefox-Spdy: h2`

	GET krs.microsoft.com/redirect?id=lxDNVZKK	13.107.246.53	200 OK	1.8 kB
URL krs.microsoft.com/redirect?id=lxDNVZKK IP / ASN 13.107.246.53 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested byN/A Resource Info File typeHTML document, ASCII text, with CRLF line terminators First Seen2025-07-24 Last Seen2025-07-24 Times Seen1 Size1.8 kB (1750 bytes) MD5c5fd8f18c7346c6b6fb8ddcb8d173daf SHA1417958e189c47d9ce5701eb924c8fe398f9d4436 SHA2564536ca31d2ce0312f1cb6f388355a7db965e06b65f660559116e60196afc37b1 Certificate Info IssuerDigiCert Inc Subjectkrs.microsoft.com FingerprintBE:7D:98:0A:FA:A4:C9:97:7A:B1:9C:55:AF:8A:82:32:9B:98:AD:FC ValidityTue, 13 May 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT HTTP Headers GET /redirect?id=lxDNVZKK HTTP/1.1 Host: krs.microsoft.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: MSCC=cid=qx7ft7mavj0leq4vylbl40vv-c1=1-c2=1-c3=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Thu, 24 Jul 2025 08:25:26 GMT content-type: text/html; charset=utf-8 content-encoding: br set-cookie: TiPMix=9.357149470571724; path=/; HttpOnly; Domain=krs.microsoft.com; Max-Age=3600; Secure; SameSite=None x-ms-routing-name=self; path=/; HttpOnly; Domain=krs.microsoft.com; Max-Age=3600; Secure; SameSite=None vary: Accept-Encoding strict-transport-security: max-age=2592000 request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45 x-azure-ref: 20250724T082526Z-r187858789bj6gsrhC1SVG8a1w0000000drg000000006uak x-cache: CONFIG_NOCACHE X-Firefox-Spdy: h2

	GET krs.microsoft.com/images/AppleAppStoreBadge.png	13.107.246.53	200 OK	6.4 kB
URL krs.microsoft.com/images/AppleAppStoreBadge.png IP / ASN 13.107.246.53 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested byhttps://krs.microsoft.com/redirect?id=lxDNVZKK Resource Info File typePNG image data, 480 x 160, 8-bit colormap, non-interlaced First Seen2023-05-09 Last Seen2025-07-25 Times Seen486 Size6.4 kB (6391 bytes) MD5baea015a2869c38653a857d46d227854 SHA154d9f20ebe2369f3de5ff260e5660f54a550a247 SHA256b504dd0577136856d78114d514a13139f2d1fb8b05712787019a5d750c811a50 Certificate Info IssuerDigiCert Inc Subjectkrs.microsoft.com FingerprintBE:7D:98:0A:FA:A4:C9:97:7A:B1:9C:55:AF:8A:82:32:9B:98:AD:FC ValidityTue, 13 May 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT HTTP Headers GET /images/AppleAppStoreBadge.png HTTP/1.1 Host: krs.microsoft.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://krs.microsoft.com/redirect?id=lxDNVZKK Cookie: MSCC=cid=qx7ft7mavj0leq4vylbl40vv-c1=1-c2=1-c3=1; TiPMix=9.357149470571724; x-ms-routing-name=self Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 24 Jul 2025 08:25:27 GMT content-type: image/png content-encoding: br etag: "1dbfbf69d7878f7" last-modified: Wed, 23 Jul 2025 17:24:16 GMT vary: Accept-Encoding strict-transport-security: max-age=2592000 request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45 x-azure-ref: 20250724T082526Z-r187858789bj6gsrhC1SVG8a1w0000000drg000000006ubp x-cache: CONFIG_NOCACHE X-Firefox-Spdy: h2`

	GET krs.microsoft.com/images/GooglePlayStoreBadge.png	13.107.246.53	200 OK	9.4 kB
URL krs.microsoft.com/images/GooglePlayStoreBadge.png IP / ASN 13.107.246.53 #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested byhttps://krs.microsoft.com/redirect?id=lxDNVZKK Resource Info File typePNG image data, 564 x 168, 8-bit colormap, non-interlaced First Seen2023-06-05 Last Seen2025-07-25 Times Seen483 Size9.4 kB (9371 bytes) MD596e7da23073d7ffeb2b90fcef2570b2c SHA16aefac48244653fe982489338e70c5fb0d900fc2 SHA25689514515ca490c1e66e3298d91d74eaf1f760c0d4b21e4e9f18fdaf3996554f3 Certificate Info IssuerDigiCert Inc Subjectkrs.microsoft.com FingerprintBE:7D:98:0A:FA:A4:C9:97:7A:B1:9C:55:AF:8A:82:32:9B:98:AD:FC ValidityTue, 13 May 2025 00:00:00 GMT - Tue, 14 Apr 2026 23:59:59 GMT HTTP Headers GET /images/GooglePlayStoreBadge.png HTTP/1.1 Host: krs.microsoft.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://krs.microsoft.com/redirect?id=lxDNVZKK Cookie: MSCC=cid=qx7ft7mavj0leq4vylbl40vv-c1=1-c2=1-c3=1; TiPMix=9.357149470571724; x-ms-routing-name=self Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Thu, 24 Jul 2025 08:25:27 GMT content-type: image/png content-encoding: br etag: "1dbfbf69d78449b" last-modified: Wed, 23 Jul 2025 17:24:16 GMT vary: Accept-Encoding strict-transport-security: max-age=2592000 request-context: appId=cid-v1:21c5cddf-c4b1-44ff-854e-6e2d0ac6af45 x-azure-ref: 20250724T082526Z-r187858789bj6gsrhC1SVG8a1w0000000drg000000006ubn x-cache: CONFIG_NOCACHE X-Firefox-Spdy: h2`

	GET play-lh.googleusercontent.com/Zk9elS0eGXDr0L4W6-Ey7YwHbRNjkyezHC8iCc8rWp64lNIjlByS8TDF9qDSZbiEWY4=w240-h480-rw	142.250.74.54	200 OK	9.0 kB
URL play-lh.googleusercontent.com/Zk9elS0eGXDr0L4W6-Ey7YwHbRNjkyezHC8iCc8rWp64lNIjlByS8TDF9qDSZbiEWY4=w240-h480-rw IP / ASN 142.250.74.54 #15169 GOOGLE Requested byhttps://krs.microsoft.com/redirect?id=lxDNVZKK Resource Info File typeRIFF (little-endian) data, Web/P image First Seen2024-11-03 Last Seen2025-07-25 Times Seen163 Size9.0 kB (8988 bytes) MD52e10aff7739b6a27789d49bd773e3600 SHA16ef0181bc7deb264435cf5400d7e67f9aa562f6b SHA2568154e61fa25aa4550aecb28472f84998d7b08f7b1f74353289c1a07cef2f70ef Certificate Info IssuerGoogle Trust Services Subjectedgestatic.com FingerprintA8:12:90:04:31:41:9F:DD:B7:99:52:51:A1:0C:CA:99:A6:9D:9C:B3 ValidityMon, 23 Jun 2025 08:40:15 GMT - Mon, 15 Sep 2025 08:40:14 GMT HTTP Headers GET /Zk9elS0eGXDr0L4W6-Ey7YwHbRNjkyezHC8iCc8rWp64lNIjlByS8TDF9qDSZbiEWY4=w240-h480-rw HTTP/1.1 Host: play-lh.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://krs.microsoft.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK access-control-allow-origin: * timing-allow-origin: * access-control-expose-headers: Content-Length content-disposition: inline;filename="unnamed.webp" x-content-type-options: nosniff server: fife content-length: 8988 x-xss-protection: 0 date: Thu, 24 Jul 2025 08:08:45 GMT expires: Fri, 25 Jul 2025 08:08:45 GMT cache-control: public, max-age=86400, no-transform age: 1002 etag: "v1" content-type: image/webp vary: Origin alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Detections

Host Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (8)

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers

HTTP Headers