blob.edproxy.gcch01.ediscovery.office365.us.admin-mcas-gov.us Open in urlscan Pro
13.72.27.220  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response blob.edproxy.gcch01.ediscovery.office365.us.admin-mcas-gov.us/	1 KB 1 KB	1008ms 40ms	Document text/html	13.72.27.220 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL http://blob.edproxy.gcch01.ediscovery.office365.us.admin-mcas-gov.us/ Protocol HTTP/1.1 Server 13.72.27.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software openresty / Resource Hash 3c2cc01fbc8a53f62cf45859dae33210c34a81b34f8193fd45bcc576da2cbd89 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Wed, 19 Oct 2022 15:07:41 GMT Expires Mon, 01-Jan-1990 00:00:00 GMT Pragma no-cache Server openresty Strict-Transport-Security max-age=31536000 Transfer-Encoding chunked X-MCAS-Cache-Status MISS X-MCAS-Processing-Time 2 X-MCAS-Request-Id 0e4c5e81540e9a496809afd3b5830cde X-MCAS-Upstream-Time n/a
GET H2	200	session-context-store-helper.min.js Show response mcasproxy.azureedge.net/proxyweb/1.21.24/js/	5 KB 5 KB	149ms 35ms	Script application/javascript	2600:141b:5000::173f:4d90 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcasproxy.azureedge.net/proxyweb/1.21.24/js/session-context-store-helper.min.js Requested by Host: blob.edproxy.gcch01.ediscovery.office365.us.admin-mcas-gov.us URL: http://blob.edproxy.gcch01.ediscovery.office365.us.admin-mcas-gov.us/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:5000::173f:4d90 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash c4b31737c5fe64db34abea57a13239f3439ba864b7b3831b4872b58e0c6d5fd3 Request headers accept-language en-US,en;q=0.9 Referer http://blob.edproxy.gcch01.ediscovery.office365.us.admin-mcas-gov.us/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Wed, 19 Oct 2022 15:07:41 GMT last-modified Thu, 01 Sep 2022 09:50:59 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 content-md5 Qh6Fmc0rxdbvbMqaLfAfTQ== etag 0x8DA8BFF79836705 content-type application/javascript access-control-allow-origin * x-ms-request-id f91bb029-901e-0002-6b29-c0cdd1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31492048 x-ms-version 2009-09-19 content-length 4826
GET H2	200	session-context-restore.html Show response mcasproxy.azureedge.net/proxyweb/1.21.24/html/ Frame 7484	209 B 660 B	32ms 31ms	Document text/html	2600:141b:5000::173f:4d90 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcasproxy.azureedge.net/proxyweb/1.21.24/html/session-context-restore.html Requested by Host: mcasproxy.azureedge.net URL: https://mcasproxy.azureedge.net/proxyweb/1.21.24/js/session-context-store-helper.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:5000::173f:4d90 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451 Request headers Referer http://blob.edproxy.gcch01.ediscovery.office365.us.admin-mcas-gov.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=30845020 content-length 209 content-md5 xcQ/+x+i42xZPwR88wJc4A== content-type text/html date Wed, 19 Oct 2022 15:07:41 GMT etag 0x8DA8BFF78C1383D last-modified Thu, 01 Sep 2022 09:50:58 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-blob-type BlockBlob x-ms-lease-status unlocked x-ms-request-id c7dbf696-601e-001c-1929-c0173c000000 x-ms-version 2009-09-19
GET H2	200	session-context-restore.min.js Show response mcasproxy.azureedge.net/proxyweb/1.21.24/js/ Frame 7484	38 KB 38 KB	41ms 41ms	Script application/javascript	2600:141b:5000::173f:4d90 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mcasproxy.azureedge.net/proxyweb/1.21.24/js/session-context-restore.min.js Requested by Host: mcasproxy.azureedge.net URL: https://mcasproxy.azureedge.net/proxyweb/1.21.24/html/session-context-restore.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:5000::173f:4d90 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 73df8b41d68fa98929628cda242bfe3ae05925ab90225ba11306787c07c28fa7 Request headers accept-language en-US,en;q=0.9 Referer https://mcasproxy.azureedge.net/proxyweb/1.21.24/html/session-context-restore.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Wed, 19 Oct 2022 15:07:41 GMT last-modified Thu, 01 Sep 2022 09:50:59 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 content-md5 83JxX35aDdoDXy1+UVIW2w== etag 0x8DA8BFF7969EDA4 content-type application/javascript access-control-allow-origin * x-ms-request-id c7dbf81f-601e-001c-7f29-c0173c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31492048 x-ms-version 2009-09-19 content-length 38602
GET H2	403	/ Show response blob.edproxy.gcch01.ediscovery.office365.us/	0 217 B	411ms 38ms	Document text/plain	52.227.138.79 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://blob.edproxy.gcch01.ediscovery.office365.us/? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.227.138.79 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://blob.edproxy.gcch01.ediscovery.office365.us.admin-mcas-gov.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-cache content-length 0 date Wed, 19 Oct 2022 15:07:41 GMT expires -1 originalurl https://blob.edproxy.gcch01.ediscovery.office365.us/ pragma no-cache reason service name is invalid; service=gcch01 server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://blob.edproxy.gcch01.ediscovery.office365.us/? Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blob.edproxy.gcch01.ediscovery.office365.us
blob.edproxy.gcch01.ediscovery.office365.us.admin-mcas-gov.us
mcasproxy.azureedge.net
13.72.27.220
2600:141b:5000::173f:4d90
52.227.138.79
3c2cc01fbc8a53f62cf45859dae33210c34a81b34f8193fd45bcc576da2cbd89
73df8b41d68fa98929628cda242bfe3ae05925ab90225ba11306787c07c28fa7
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451
c4b31737c5fe64db34abea57a13239f3439ba864b7b3831b4872b58e0c6d5fd3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855