aka.ms
Closed, Resolved (Public)

Description

It's a plain 'Redirector' that has to be blocked as:

  • Single Domain
  • Wildcarded
aka.ms   CNAME . ; ReDirector, TrackWare
*.aka.ms   CNAME . ; ReDirector, TrackWare

Relevant logs and/or screenshots

Microsoft.com redirector to the unknown Spyware

https://answers.microsoft.com/en-us/protect/forum/protect_other-protect_start/has-this-microsoft-page-been-hijacked/b27f76d8-494d-434a-8d73-dd1f9cb1e554

Screenshots

All Submissions:

  • Have you followed the guidelines in our Contributing document?
  • Have you checked to ensure there aren't other open Merge Requests or issues for the same update/change?
  • Added ScreenDump for proof of False Negative
  • Have you added an explanation of what your submission does and why you'd like us to include it?

Testing phase

  • Checked the internet for verification?
  • Have you successfully run tests with your changes locally?

Todo:

  • RPZ Server (Team @Spirillen)
  • Added to Source file

Revisions and Commits

rMATRIX Matrix

Related Objects

Status     Assigned    Task
Resolved   Spirillen
Resolved   Spirillen