urlscan.io logo urlscan.io
SecurityTrails logo

microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms Open in urlscan Pro
13.80.116.22  Public Scan

Go To Rescan Add Verdict Report
URL: https://microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms/
Submission: On May 20 via automatic, source ayashige — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 13.80.116.22, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms.
TLS certificate: Issued by Mcas Root CA on May 20th 2024. Valid for: a day.
This is the only time microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13.80.116.22 8075 (MICROSOFT...)
2 2606:2800:133... 15133 (EDGECAST)
6 3
Domain Requested by
2 mcasproxy.azureedge.net microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms
login.admin-rs-mcas-df.ms
1 login.admin-rs-mcas-df.ms mcasproxy.azureedge.net
1 microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms
0 login.windows-ppe.net Failed
6 4

This site contains no links.

Subject Issuer Validity Valid
MCAS
Mcas Root CA		 2024-05-20 -
2024-05-21		 a day crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2025-01-30		 a year crt.sh

This page contains 2 frames:

Frame: https://login.windows-ppe.net/common/oauth2/v2.0/authorize?response_type=code&response_mode=query&redirect_uri=https%3A%2F%2Flogin.admin-rs-mcas-df.ms%2Fopen_redirect_landing&client_id=9d6233f4-ab63-4916-91ca-a24b770a1c1b&scope=openid+profile+email&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22cp1%22%5D%7D%7D%7D&login_hint=unknown
Frame ID: E56EDC69C08962927E830FF5F60F6E55
Requests: 4 HTTP requests in this frame

Frame: https://login.admin-rs-mcas-df.ms/session-controls-context-restore&fragment=
Frame ID: 4C7336FC7B500F9F025E82B0931B3547
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Continue

Page Statistics

6
Requests

33 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

103 kB
Transfer

103 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.80.116.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
039e3712a1351aed8348bcb07c6bb501848d35d119da014c23fc25ba11d519e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 20 May 2024 07:26:18 GMT
expires
Mon, 01-Jan-1990 00:00:00 GMT
pragma
no-cache
server
openresty
strict-transport-security
max-age=31536000
x-mcas-cache-status
MISS
x-mcas-processing-time
5
x-mcas-request-id
b37756a07f9e0802210e9939b717bf89
x-mcas-upstream-time
n/a
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.56.7/js/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.56.7/js/session-context-store-helper.min.js
Requested by
Host: microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms
URL: https://microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
81daeb6de55c75d9bd5bde12fbe53815f5e85a3d1c465731317fd875b7b22f32

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 20 May 2024 07:26:18 GMT
last-modified
Mon, 20 May 2024 07:01:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
KezNU55O3jOwGVkquGMtvw==
etag
0x8DC789ABC0A5C30
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
37241080-901e-0063-7687-aa6c18000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
content-length
13873
session-controls-context-restore&fragment=
login.admin-rs-mcas-df.ms/ Frame 4C73 		254 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.admin-rs-mcas-df.ms/session-controls-context-restore&fragment=
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.56.7/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.80.116.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
83eb8ddcfe7c2bfd92dd0adf92f1201cef589488c545a22ad6ddbc52cddaef18

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com.admin-rs-mcas-df.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=60, public
content-encoding
gzip
content-type
text/html
date
Mon, 20 May 2024 07:26:20 GMT
server
openresty
x-mcas-cache-status
EXPIRED
x-mcas-processing-time
35
x-mcas-request-id
40f50cef5dd43522f7cb755164615556
x-mcas-upstream-time
n/a
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.56.7/js/ Frame 4C73 		87 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.56.7/js/session-context-restore.min.js
Requested by
Host: login.admin-rs-mcas-df.ms
URL: https://login.admin-rs-mcas-df.ms/session-controls-context-restore&fragment=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7d43efce393ffb55283a3c804abcb731c5ee5836e5a84bae580c2b8fed5dda74

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://login.admin-rs-mcas-df.ms/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 20 May 2024 07:26:20 GMT
last-modified
Mon, 20 May 2024 07:01:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
dGjHpNhDVMbdpSfhhtgebQ==
etag
0x8DC789ABC467202
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
be444b43-101e-0047-7687-aa5123000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
content-length
89283
authorize
login.windows-ppe.net/common/oauth2/v2.0/ 		0
0
authorize
login.windows-ppe.net/common/oauth2/v2.0/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
login.windows-ppe.net
URL
https://login.windows-ppe.net/common/oauth2/v2.0/authorize?response_type=code&response_mode=query&redirect_uri=https%3A%2F%2Flogin.admin-rs-mcas-df.ms%2Fopen_redirect_landing&client_id=9d6233f4-ab63-4916-91ca-a24b770a1c1b&scope=openid+profile+email&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22cp1%22%5D%7D%7D%7D&login_hint=unknown
Domain
login.windows-ppe.net
URL
https://login.windows-ppe.net/common/oauth2/v2.0/authorize?response_type=code&response_mode=query&redirect_uri=https%3A%2F%2Flogin.admin-rs-mcas-df.ms%2Fopen_redirect_landing&client_id=9d6233f4-ab63-4916-91ca-a24b770a1c1b&scope=openid+profile+email&claims=%7B%22access_token%22%3A%7B%22xms_cc%22%3A%7B%22values%22%3A%5B%22cp1%22%5D%7D%7D%7D&login_hint=unknown

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| OnBack function| DoSubmit object| SessionContextStoreHelper object| redirectForm

1 Cookies

Domain/Path Name / Value
.admin-rs-mcas-df.ms/ Name: mdaOpenRedUrl
Value: https://microsoft.73a3de6a-34ec-4ec7-9858-243614a27ff3.com/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000