accounts.qa1.carestackqa.com Open in urlscan Pro
20.119.8.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://accounts.qa1.carestackqa.com/
Submission: On August 25 via automatic, source certstream-suspicious (August 25th 2024, 1:53:50 pm UTC) — Scanned from IT

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 8 HTTP transactions. The main IP is 20.119.8.56, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is accounts.qa1.carestackqa.com.
TLS certificate: Issued by R10 on July 6th 2024. Valid for: 3 months.

This is the only time accounts.qa1.carestackqa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.119.8.56 20.119.8.56	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.19.161 152.199.19.161	15133 (EDGECAST) (EDGECAST)
2	20.50.88.244 20.50.88.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	4

4 20.119.8.56 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

accounts.qa1.carestackqa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.161 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.244 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	carestackqa.com accounts.qa1.carestackqa.com	12 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 853	201 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 5485	22 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	6 KB
8	4

	Domain	Requested by
4	accounts.qa1.carestackqa.com	accounts.qa1.carestackqa.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
1	az416426.vo.msecnd.net	accounts.qa1.carestackqa.com
1	cdnjs.cloudflare.com	accounts.qa1.carestackqa.com
8	4

This site contains no links.

Subject Issuer	Validity	Valid
*.qa1.carestackqa.com R10	`2024-07-06` - `2024-10-04`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 03	`2024-06-24` - `2025-06-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://accounts.qa1.carestackqa.com/
Frame ID: 966016675234BEB154633E98C5D15519
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Server up and runnning

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

40 kB
Transfer

159 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
accounts.qa1.carestackqa.com/ 2 KB
1 KB 1169ms
282ms Document
text/html 20.119.8.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.qa1.carestackqa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.119.8.56 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2ad6e7cf7902ced327e501f86879ffd8ca33af42fadb2da5b22ce59ac29d8de8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 1151
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 13:53:44 GMT
request-context: appId=cid-v1:f8093429-fe0a-451f-a37a-c9259257552f
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 site.css
accounts.qa1.carestackqa.com/css/ 31 KB
9 KB 308ms
305ms Stylesheet
text/css 20.119.8.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.qa1.carestackqa.com/css/site.css
Requested by: Host: accounts.qa1.carestackqa.com
URL: https://accounts.qa1.carestackqa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.119.8.56 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: caa9b16717eecfab2e808332ab744e5e3be810d67b730e11486631579ffb49a1

Request headers

Referer: https://accounts.qa1.carestackqa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:53:44 GMT
content-encoding: gzip
last-modified: Tue, 14 May 2024 15:47:58 GMT
server: Microsoft-IIS/10.0
etag: "1daa61617d2365a"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
request-context: appId=cid-v1:f8093429-fe0a-451f-a37a-c9259257552f

GET
H2 200 login-page-styles.css
accounts.qa1.carestackqa.com/css/ 313 B
417 B 305ms
303ms Stylesheet
text/css 20.119.8.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.qa1.carestackqa.com/css/login-page-styles.css
Requested by: Host: accounts.qa1.carestackqa.com
URL: https://accounts.qa1.carestackqa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.119.8.56 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 77dbb3faf6e1ee843ddf1ce33e7292d3a745f55644249c652fcca9dd081ec471

Request headers

Referer: https://accounts.qa1.carestackqa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:53:44 GMT
content-encoding: gzip
last-modified: Tue, 14 May 2024 15:47:58 GMT
server: Microsoft-IIS/10.0
etag: "1daa61617d24a39"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 310
request-context: appId=cid-v1:f8093429-fe0a-451f-a37a-c9259257552f

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 908ms
107ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: accounts.qa1.carestackqa.com
URL: https://accounts.qa1.carestackqa.com/css/site.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://accounts.qa1.carestackqa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:53:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 240188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5h0PVphcl%2Bc93KZ5u4VAyfXuDIvFgDpqc7eascPjsgMTP0LRmi2Vm4bBKpl2o5SUoZwe2biO1opDVp2Rbn09U%2BIFm%2BaSMONdX3C0NUqLKk469HB2e2oMYgRrFhZI%2BkKq5nEh%2BYrB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b8c11fa9c744c40-MXP
expires: Fri, 15 Aug 2025 13:53:46 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 524ms
56ms Script
application/x-javascript 152.199.19.161
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: accounts.qa1.carestackqa.com
URL: https://accounts.qa1.carestackqa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.161 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C34) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://accounts.qa1.carestackqa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 25 Aug 2024 13:53:47 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 803
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (mil/6C34)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fa24388a-101e-0093-3ef4-f61bd5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Sun, 25 Aug 2024 14:23:47 GMT

GET
H2 200 favicon.ico
accounts.qa1.carestackqa.com/images/ 1 KB
1 KB 252ms
250ms Other
image/x-icon 20.119.8.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.qa1.carestackqa.com/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.119.8.56 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8e61fef624e9f5714f4b8e316c099bad6cc0d405fffc8dabb6332950fe5508d2

Request headers

Referer: https://accounts.qa1.carestackqa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 13:53:47 GMT
last-modified: Tue, 14 May 2024 15:47:58 GMT
server: Microsoft-IIS/10.0
etag: "1daa61617d24f7e"
x-powered-by: ASP.NET
content-type: image/x-icon
accept-ranges: bytes
content-length: 1150
request-context: appId=cid-v1:f8093429-fe0a-451f-a37a-c9259257552f

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 1866ms
351ms Preflight 20.50.88.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://accounts.qa1.carestackqa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Sun, 25 Aug 2024 13:53:48 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
201 B 526ms
525ms XHR
application/json 20.50.88.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a4425aa8a200e8ed475270c696d52a3b59733592c7112e7a40ecea076119f712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://accounts.qa1.carestackqa.com/
Sdk-Context: appId
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Sun, 25 Aug 2024 13:53:49 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			accounts.qa1.carestackqa.com/	1970-01-21 07:48:50	Name: ai_user Value: zlfI+\|2024-08-25T13:53:47.324Z
			accounts.qa1.carestackqa.com/	1970-01-20 23:03:15	Name: ai_session Value: R1h65\|1724594027427.6\|1724594027427.6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.qa1.carestackqa.com
az416426.vo.msecnd.net
cdnjs.cloudflare.com
dc.services.visualstudio.com
104.17.25.14
152.199.19.161
20.119.8.56
20.50.88.244
2ad6e7cf7902ced327e501f86879ffd8ca33af42fadb2da5b22ce59ac29d8de8
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
77dbb3faf6e1ee843ddf1ce33e7292d3a745f55644249c652fcca9dd081ec471
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8e61fef624e9f5714f4b8e316c099bad6cc0d405fffc8dabb6332950fe5508d2
a4425aa8a200e8ed475270c696d52a3b59733592c7112e7a40ecea076119f712
caa9b16717eecfab2e808332ab744e5e3be810d67b730e11486631579ffb49a1

accounts.qa1.carestackqa.com Open in urlscan Pro 20.119.8.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

40 kBTransfer

159 kBSize

2 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

2 Cookies

Indicators

accounts.qa1.carestackqa.com Open in urlscan Pro
20.119.8.56 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

40 kB
Transfer

159 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions