microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms
Open in
urlscan Pro
13.80.116.22
Public Scan
Submission: On May 20 via automatic, source ayashige — Scanned from NL
Summary
TLS certificate: Issued by Mcas Root CA on May 20th 2024. Valid for: a day.
This is the only time microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 13.80.116.22 13.80.116.22 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd | 15133 (EDGECAST) (EDGECAST) | |
6 | 3 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms | |
login.admin-rs-mcas-df.ms |
ASN15133 (EDGECAST, US)
mcasproxy.azureedge.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
azureedge.net
mcasproxy.azureedge.net — Cisco Umbrella Rank: 414908 |
101 KB |
2 |
admin-rs-mcas-df.ms
microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms login.admin-rs-mcas-df.ms |
2 KB |
0 |
windows-ppe.net
Failed
login.windows-ppe.net Failed |
|
6 | 3 |
Domain | Requested by | |
---|---|---|
2 | mcasproxy.azureedge.net |
microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms
login.admin-rs-mcas-df.ms |
1 | login.admin-rs-mcas-df.ms |
mcasproxy.azureedge.net
|
1 | microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms | |
0 | login.windows-ppe.net Failed | |
6 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
MCAS Mcas Root CA |
2024-05-20 - 2024-05-21 |
a day | crt.sh |
*.vo.msecnd.net DigiCert SHA2 Secure Server CA |
2024-01-30 - 2025-01-30 |
a year | crt.sh |
This page contains 2 frames:
Frame:
https://login.windows-ppe.net/common/oauth2/v2.0/authorize?response_type=code&response_mode=query&redirect_uri=https%3A%2F%2Flogin.admin-rs-mcas-df.ms%2Fopen_redirect_landing&client_id=9d6233f4-ab63-4916-91ca-a24b770a1c1b&scope=openid+profile+email&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22cp1%22%5D%7D%7D%7D&login_hint=unknown
Frame ID: E56EDC69C08962927E830FF5F60F6E55
Requests: 4 HTTP requests in this frame
Frame:
https://login.admin-rs-mcas-df.ms/session-controls-context-restore&fragment=
Frame ID: 4C7336FC7B500F9F025E82B0931B3547
Requests: 2 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.56.7/js/ |
14 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-controls-context-restore&fragment=
login.admin-rs-mcas-df.ms/ Frame 4C73 |
254 B 427 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.56.7/js/ Frame 4C73 |
87 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
authorize
login.windows-ppe.net/common/oauth2/v2.0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
authorize
login.windows-ppe.net/common/oauth2/v2.0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- login.windows-ppe.net
- URL
- https://login.windows-ppe.net/common/oauth2/v2.0/authorize?response_type=code&response_mode=query&redirect_uri=https%3A%2F%2Flogin.admin-rs-mcas-df.ms%2Fopen_redirect_landing&client_id=9d6233f4-ab63-4916-91ca-a24b770a1c1b&scope=openid+profile+email&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22cp1%22%5D%7D%7D%7D&login_hint=unknown
- Domain
- login.windows-ppe.net
- URL
- https://login.windows-ppe.net/common/oauth2/v2.0/authorize?response_type=code&response_mode=query&redirect_uri=https%3A%2F%2Flogin.admin-rs-mcas-df.ms%2Fopen_redirect_landing&client_id=9d6233f4-ab63-4916-91ca-a24b770a1c1b&scope=openid+profile+email&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22cp1%22%5D%7D%7D%7D&login_hint=unknown
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| OnBack function| DoSubmit object| SessionContextStoreHelper object| redirectForm1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.admin-rs-mcas-df.ms/ | Name: mdaOpenRedUrl Value: https://microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com/ |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.admin-rs-mcas-df.ms
login.windows-ppe.net
mcasproxy.azureedge.net
microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms
login.windows-ppe.net
13.80.116.22
2606:2800:133:206e:1315:22a5:2006:24fd
039e3712a1351aed8348bcb07c6bb501848d35d119da014c23fc25ba11d519e8
7d43efce393ffb55283a3c804abcb731c5ee5836e5a84bae580c2b8fed5dda74
81daeb6de55c75d9bd5bde12fbe53815f5e85a3d1c465731317fd875b7b22f32
83eb8ddcfe7c2bfd92dd0adf92f1201cef589488c545a22ad6ddbc52cddaef18