urlscan.io logo urlscan.io
SecurityTrails logo

testpayment.miat.com Open in urlscan Pro
20.212.64.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://testpayment.miat.com/
Effective URL: https://testpayment.miat.com/Ui/Login
Submission: On August 02 via api from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 20.212.64.12, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is testpayment.miat.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on August 2nd 2024. Valid for: 6 months.
This is the only time testpayment.miat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 20.212.64.12 8075 (MICROSOFT...)
1 2620:1ec:bdf::59 8075 (MICROSOFT...)
2 20.24.4.131 8075 (MICROSOFT...)
6 3
Apex Domain
Subdomains		 Transfer
5 miat.com
testpayment.miat.com
24 KB
3 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 1932
southeastasia-1.in.applicationinsights.azure.com — Cisco Umbrella Rank: 116875
57 KB
6 2
Domain Requested by
5 testpayment.miat.com 2 redirects testpayment.miat.com
2 southeastasia-1.in.applicationinsights.azure.com js.monitor.azure.com
1 js.monitor.azure.com testpayment.miat.com
6 3

This site contains no links.

Subject Issuer Validity Valid
testpayment.miat.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-08-02 -
2025-02-02		 6 months crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-05-22 -
2025-05-17		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-07-02 -
2025-06-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://testpayment.miat.com/Ui/Login
Frame ID: 23339D248B9A5173E13C6A8ECD3E839C
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MIAT service

Page URL History Show full URLs

  1. https://testpayment.miat.com/ HTTP 302
    https://testpayment.miat.com/Ui HTTP 302
    https://testpayment.miat.com/Ui/Login Page URL

Page Statistics

6
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

80 kB
Transfer

142 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://testpayment.miat.com/ HTTP 302
    https://testpayment.miat.com/Ui HTTP 302
    https://testpayment.miat.com/Ui/Login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
testpayment.miat.com/Ui/
Redirect Chain
  • https://testpayment.miat.com/
  • https://testpayment.miat.com/Ui
  • https://testpayment.miat.com/Ui/Login
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://testpayment.miat.com/Ui/Login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.212.64.12 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4ceeaad02523678f5c30707a3c1647b55cd3fc3e18481a75b202a10f9af7b952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Date
Fri, 02 Aug 2024 10:12:00 GMT
Pragma
no-cache
Request-Context
appId=cid-v1:8c1155fe-681c-464d-aa53-74614dd09864
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Content-Length
0
Date
Fri, 02 Aug 2024 10:11:59 GMT
Location
/Ui/Login
Request-Context
appId=cid-v1:8c1155fe-681c-464d-aa53-74614dd09864
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Login.css
testpayment.miat.com/view-resources/Views/Ui/ 		929 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://testpayment.miat.com/view-resources/Views/Ui/Login.css?v=sqSTTTnelzoNdLUHmlvpPxdqIn_3ZXurSKEUElv-48A
Requested by
Host: testpayment.miat.com
URL: https://testpayment.miat.com/Ui/Login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.212.64.12 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8c73cdf966965e71cc4d194025d8f111cc7dbaf9520e0c95948a94f882ff2ef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://testpayment.miat.com/Ui/Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 02 Aug 2024 10:12:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Jun 2024 08:06:46 GMT
ETag
"1dabc9f7800eca1"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
929
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:8c1155fe-681c-464d-aa53-74614dd09864
ai.2.min.js
js.monitor.azure.com/scripts/b/ 		120 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: testpayment.miat.com
URL: https://testpayment.miat.com/Ui/Login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

Referer
https://testpayment.miat.com/
Origin
https://testpayment.miat.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 10:12:00 GMT
content-encoding
br
last-modified
Wed, 20 Mar 2024 17:31:27 GMT
x-ms-meta-aijssdkver
2.8.18
vary
Accept-Encoding
x-azure-ref
20240802T101200Z-16dbb9f4c995w2xtrgh0fgmf1400000005r0000000012sdt
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ab0cad60-501e-009d-3cd7-d30193000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.min.js
x-fd-int-roxy-purgeid
0
track
southeastasia-1.in.applicationinsights.azure.com//v2/ 		179 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://southeastasia-1.in.applicationinsights.azure.com//v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.24.4.131 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
4dc75cccf017a48271313258a83ef9651a39ed33976cc9494fdeee9d874bdc5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://testpayment.miat.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Fri, 02 Aug 2024 10:12:00 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
southeastasia-1.in.applicationinsights.azure.com//v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://southeastasia-1.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.24.4.131 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://testpayment.miat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Fri, 02 Aug 2024 10:12:00 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
favicon.ico
testpayment.miat.com/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://testpayment.miat.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.212.64.12 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
df68ddcb5d11929c9444eca2ba2939d03e200c765db747329219c4519e079c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://testpayment.miat.com/Ui/Login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Fri, 02 Aug 2024 10:12:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Jun 2024 08:06:46 GMT
ETag
"1dabc9f7800d32e"
X-Frame-Options
SAMEORIGIN
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
15406
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:8c1155fe-681c-464d-aa53-74614dd09864

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| appInsights object| Microsoft object| __dynProto$Gbl

4 Cookies

Domain/Path Name / Value
testpayment.miat.com/ Name: .AspNetCore.Antiforgery.nixphHDAMN4
Value: CfDJ8GIznXjxHxZHmrJoVtYLzNa0NX8BZcLGRhu7WCpUEnIlR039Vo4EwW21c6leiegJDqE5ri8f-uUumBPKLIAoyjanVfVRfOS9YlyMt-QbTaTTj7c_xJ3nZH_EmWyhi_MImk4nFWl6fQPibMetF6gATKo
testpayment.miat.com/ Name: XSRF-TOKEN
Value: CfDJ8GIznXjxHxZHmrJoVtYLzNY-l7Z9d17k_4DP_P9j3TQP6osOZvEU8If-xRxvCKPioCxDx7-j6zXfmWizVIbqSYbNJEbqKHIhg_pshwhzdpozR2QxWFxq4pRUmwwSftmXyKskEDPdauZRgWLp9_SG8s0
testpayment.miat.com/ Name: ai_user
Value: zd5Y7vumF+mmTUnRMSG8QM|2024-08-02T10:12:01.008Z
testpayment.miat.com/ Name: ai_session
Value: H31ntOPii/wY2giwwAqbih|1722593521114|1722593521114

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://testpayment.miat.com/Ui/Login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://southeastasia-1.in.applicationinsights.azure.com//v2/track
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block