URL: https://public-usa.mkt.dynamics.com/api/orgs/f3f5b353-c4d8-4a0a-955b-85b5e13c5f09/r/7yT10kpndEStZZSmYc2-6wQAAAA?target=%7B%22TargetU...
Submission Tags: falconsandbox
Submission: On October 31 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 52.146.76.30, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is public-usa.mkt.dynamics.com. The Cisco Umbrella rank of the primary domain is 48102.
TLS certificate: Issued by Microsoft Azure RSA TLS Issuing CA 03 on October 28th 2024. Valid for: a year.
This is the only time public-usa.mkt.dynamics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

MIME: PDF document, version 1.7
Size: 562 KB (575369 bytes, 100% done)
Downloaded from: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE55ipN#msdynmkt_trackingcontext=d2f524ef-674a-4474-ad65-94a661cdbeeb

Domain & IP information

IP Address AS Autonomous System
2 52.146.76.30 8075 (MICROSOFT...)
1 20.209.75.97 8075 (MICROSOFT...)
1 1 23.218.210.69 16625 (AKAMAI-AS)
1 1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
4 4
Apex Domain Subdomains Transfer
2 microsoft.com (Transfer: 476 B)
  • go.microsoft.com — Cisco Umbrella Rank: 172
  • query.prod.cms.rt.microsoft.com — Cisco Umbrella Rank: 6187
2 dynamics.com (Transfer: 1 KB)
  • public-usa.mkt.dynamics.com — Cisco Umbrella Rank: 48102
1 aka.ms (Transfer: 460 B)
  • aka.ms — Cisco Umbrella Rank: 5590
1 windows.net (Transfer: 32 KB)
  • cxppusa1rdrect01sa02cdn.blob.core.windows.net — Cisco Umbrella Rank: 213771
4 4
Domain Requested by
2 public-usa.mkt.dynamics.com cxppusa1rdrect01sa02cdn.blob.core.windows.net
1 query.prod.cms.rt.microsoft.com cxppusa1rdrect01sa02cdn.blob.core.windows.net
1 go.microsoft.com 1 redirects
1 aka.ms 1 redirects
1 cxppusa1rdrect01sa02cdn.blob.core.windows.net public-usa.mkt.dynamics.com
4 5

This site contains no links.

Subject: prdia888eus0aks.mkt.dynamics.com
Issuer: Microsoft Azure RSA TLS Issuing CA 03
Validity: 2024-10-28 - 2025-10-23
Valid: a year

Subject: *.blob.core.windows.net
Issuer: Microsoft Azure RSA TLS Issuing CA 08
Validity: 2024-10-23 - 2025-04-21
Valid: 6 months

Subject: *.prod.cms.rt.microsoft.com
Issuer: Microsoft Azure ECC TLS Issuing CA 07
Validity: 2024-05-23 - 2025-05-18
Valid: a year

This page contains 1 frames:

Frame: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE55ipN
Frame ID: C7F5F603BA9C44374957F9C790B1AA7F
Requests: 5 HTTP requests in this frame

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 40 %
Domains: 4
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 33 kB
Size: 33 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://aka.ms/MicrosoftNonprofitOffers HTTP 301
  • https://go.microsoft.com/fwlink/p/?linkid=2203717 HTTP 301
  • https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE55ipN

4 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Resource: 7yT10kpndEStZZSmYc2-6wQAAAA (Primary Request)
Path: public-usa.mkt.dynamics.com/api/orgs/f3f5b353-c4d8-4a0a-955b-85b5e13c5f09/r/
Size: 752 B
x-fer: 1 KB
Type: Document
General
Full URL: https://public-usa.mkt.dynamics.com/api/orgs/f3f5b353-c4d8-4a0a-955b-85b5e13c5f09/r/7yT10kpndEStZZSmYc2-6wQAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Faka.ms%252FMicrosoftNonprofitOffers%22%2C%22RedirectOptions%22%3A%7B%225%22%3Anull%2C%221%22%3Anull%7D%7D&digest=lfO2faJB6%2BSog%2F6BZdxvXk8%2BCMJkAxPqnaGbN9sfpqM%3D&secretVersion=a587597bbd2d4ba3bb4334f6d8be15ee
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.146.76.30 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS:
Software: nginx /
Resource Hash: e4186069baf8813c0cad215d5d853be0ac8236bce7375ade0db8331abbdf5f1c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 752
Content-Type: text/html
Date: Thu, 31 Oct 2024 19:17:21 GMT
Server: nginx
Strict-Transport-Security: max-age=2592000; preload
x-content-type-options: nosniff
x-ms-trace-id: f2790bf36575f8639785c4ac12301a26

Resource: BotDetection.bundle.js
Path: cxppusa1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/
Size: 32 KB
x-fer: 32 KB
Type: Script
General
Full URL: https://cxppusa1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js
Requested by
Host: public-usa.mkt.dynamics.com
URL: https://public-usa.mkt.dynamics.com/api/orgs/f3f5b353-c4d8-4a0a-955b-85b5e13c5f09/r/7yT10kpndEStZZSmYc2-6wQAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Faka.ms%252FMicrosoftNonprofitOffers%22%2C%22RedirectOptions%22%3A%7B%225%22%3Anull%2C%221%22%3Anull%7D%7D&digest=lfO2faJB6%2BSog%2F6BZdxvXk8%2BCMJkAxPqnaGbN9sfpqM%3D&secretVersion=a587597bbd2d4ba3bb4334f6d8be15ee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.209.75.97 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS:
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e9c05b187c2fc087941c89378813b7c179df17d5ef2ec3e22316b98b08a48e9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://public-usa.mkt.dynamics.com/

Response headers

Content-MD5: 2Gf+JwfY1OVHdaK9ZYWxDw==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
ETag: 0x8DCCDA76DA30FBC
x-ms-request-id: 5d593f19-401e-0048-32c9-2b4728000000
Access-Control-Allow-Origin: *
Content-Length: 32500
Date: Thu, 31 Oct 2024 19:17:20 GMT
Content-Type: application/javascript
Last-Modified: Thu, 05 Sep 2024 12:36:56 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

Resource: truncated
Path: /
Size: 68 B
x-fer: 0
Type: Image
General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer:

Response headers

Content-Type: image/png

Resource: 7yT10kpndEStZZSmYc2-67OgpG5JIN1MgF9oz9m-550
Path: public-usa.mkt.dynamics.com/api/orgs/f3f5b353-c4d8-4a0a-955b-85b5e13c5f09/cp/
Size: 0
x-fer: 0
Type: Fetch
General
Full URL: https://public-usa.mkt.dynamics.com/api/orgs/f3f5b353-c4d8-4a0a-955b-85b5e13c5f09/cp/7yT10kpndEStZZSmYc2-67OgpG5JIN1MgF9oz9m-550
Requested by
Host: cxppusa1rdrect01sa02cdn.blob.core.windows.net
URL: https://cxppusa1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.146.76.30 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS:
Software: nginx /
Resource Hash:
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://public-usa.mkt.dynamics.com/api/orgs/f3f5b353-c4d8-4a0a-955b-85b5e13c5f09/r/7yT10kpndEStZZSmYc2-6wQAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Faka.ms%252FMicrosoftNonprofitOffers%22%2C%22RedirectOptions%22%3A%7B%225%22%3Anull%2C%221%22%3Anull%7D%7D&digest=lfO2faJB6%2BSog%2F6BZdxvXk8%2BCMJkAxPqnaGbN9sfpqM%3D&secretVersion=a587597bbd2d4ba3bb4334f6d8be15ee

Response headers

x-ms-trace-id: 92f4b05a1e5d11ab868c3a8cc93d2a34
Strict-Transport-Security: max-age=2592000; preload
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Thu, 31 Oct 2024 19:17:22 GMT
Server: nginx
Connection: keep-alive

Resource: RE55ipN
Path: query.prod.cms.rt.microsoft.com/cms/api/am/binary/
Redirect Chain
  • https://aka.ms/MicrosoftNonprofitOffers
  • https://go.microsoft.com/fwlink/p/?linkid=2203717
  • https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE55ipN
Size: 0
x-fer: 0
Type: Document
General
Full URL: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE55ipN
Requested by
Host: cxppusa1rdrect01sa02cdn.blob.core.windows.net
URL: https://cxppusa1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:9ae::2b3e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS:
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash:

Request headers

Referer: https://public-usa.mkt.dynamics.com/api/orgs/f3f5b353-c4d8-4a0a-955b-85b5e13c5f09/r/7yT10kpndEStZZSmYc2-6wQAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Faka.ms%252FMicrosoftNonprofitOffers%22%2C%22RedirectOptions%22%3A%7B%225%22%3Anull%2C%221%22%3Anull%7D%7D&digest=lfO2faJB6%2BSog%2F6BZdxvXk8%2BCMJkAxPqnaGbN9sfpqM%3D&secretVersion=a587597bbd2d4ba3bb4334f6d8be15ee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

AppEx-Activity-Id: 4761b57d-4888-4a8f-99d1-e9c54c3cd815
Cache-Control: public, must-revalidate, max-age=263107
Connection: keep-alive
Content-Disposition: attachment; filename=Nonprofit-offers-guide_DE-DE.pdf
Content-Encoding: gzip
Content-Length: 418605
Content-Type: application/pdf
Date: Thu, 31 Oct 2024 19:17:22 GMT
ETag: W/"22"
Last-Modified: Mon, 23 Sep 2024 15:48:21 GMT
MS-CV: VAn6sH5O0EivwdrUK9ttCQ.0
Server: Microsoft-HTTPAPI/2.0
Vary: Accept-Encoding
X-CMS-Alias: default
X-CMS-DocumentId: RE55ipN
X-CMS-ExecutionTimeInMilliseconds: 137
X-CMS-ServiceLocation: northeu:0
X-CMS-State: Published
X-CMS-Tenant: am
X-CMS-Type: binary
X-CMS-Version: 10
X-Trace-Context: {"ActivityId":"4761b57d-4888-4a8f-99d1-e9c54c3cd815"}

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 31 Oct 2024 19:17:22 GMT
Expires: Thu, 31 Oct 2024 19:17:22 GMT
Location: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE55ipN
Pragma: no-cache
Request-Context: appId=cid-v1:26ef1154-5995-4d24-ad78-ef0b04f11587
Server: Kestrel
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Response-Cache-Status: True

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| d365mktbp

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://cxppusa1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js (Line 1)
Message: WebSocket connection to 'wss://public-usa.mkt.dynamics.com/api/orgs/f3f5b353-c4d8-4a0a-955b-85b5e13c5f09/r/test' failed: Error during WebSocket handshake: Unexpected response code: 404

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff