chinanorth-dsts.dsts.core.chinacloudapi.cn
139.217.4.15  Public Scan

Submitted URL: https://management.partner.microsoftonline.cn/
Effective URL: https://chinanorth-dsts.dsts.core.chinacloudapi.cn/v2/wsfederation?wa=wsignin1.0&wtrealm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f...
Submission: On March 17 via automatic, source certstream-suspicious

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 3 HTTP transactions. The main IP is 139.217.4.15, located in Beijing, China and belongs to BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN. The main domain is chinanorth-dsts.dsts.core.chinacloudapi.cn.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 18th 2018. Valid for: 2 years.
This is the only time chinanorth-dsts.dsts.core.chinacloudapi.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 42.159.37.148 58593 (BLUECLOUD...)
3 139.217.4.15 58593 (BLUECLOUD...)
3 1

Domain Requested by
2 chinanorth-dsts.dsts.core.chinacloudapi.cn chinanorth-dsts.dsts.core.chinacloudapi.cn
1 chinanorth-passive-dsts.dsts.core.chinacloudapi.cn chinanorth-dsts.dsts.core.chinacloudapi.cn
1 management.partner.microsoftonline.cn 1 redirects
3 3

This site contains links to these domains.

Domain
msdpn.azurewebsites.net

Subject: *.dsts.core.chinacloudapi.cn
Issuer: DigiCert SHA2 Secure Server CA
Validity: 2018-10-18 - 2020-10-18
Valid: 2 years

This page contains 1 frames:

Primary Page: https://chinanorth-dsts.dsts.core.chinacloudapi.cn/v2/wsfederation?wa=wsignin1.0&wtrealm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2020-03-17T00%3a17%3a36Z
Frame ID: CABC34368F9211EC7FA737D491D72F02
Requests: 3 HTTP requests in this frame

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 1
Countries: 1
Transfer: 10 kB
Size: 30 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://management.partner.microsoftonline.cn/ HTTP 302
    https://chinanorth-dsts.dsts.core.chinacloudapi.cn/v2/wsfederation?wa=wsignin1.0&wtrealm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2020-03-17T00%3a17%3a36Z Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Resource: wsfederation (Primary Request)
Path: chinanorth-dsts.dsts.core.chinacloudapi.cn/v2/
Redirect Chain:
  • https://management.partner.microsoftonline.cn/
  • https://chinanorth-dsts.dsts.core.chinacloudapi.cn/v2/wsfederation?wa=wsignin1.0&wtrealm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2020-...
Size: 21 KB
x-fer: 6 KB
Type: Document

General
Full URL: https://chinanorth-dsts.dsts.core.chinacloudapi.cn/v2/wsfederation?wa=wsignin1.0&wtrealm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2020-03-17T00%3a17%3a36Z
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.217.4.15 Beijing, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN)
Reverse DNS:
Software: /
Resource Hash: 6ad4430c8091ab4908184a7f5c47e69e3094da7b380bd4a295268653474d2c4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method: GET
:authority: chinanorth-dsts.dsts.core.chinacloudapi.cn
:scheme: https
:path: /v2/wsfederation?wa=wsignin1.0&wtrealm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2020-03-17T00%3a17%3a36Z
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US

Response headers

status: 200
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
request-id: 57ce3e1e-d1f7-4ebd-8390-47085273f020
x-content-type-options: nosniff
date: Tue, 17 Mar 2020 00:17:37 GMT
content-length: 6330

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://chinanorth-dsts.dsts.core.chinacloudapi.cn/v2/wsfederation?wa=wsignin1.0&wtrealm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2020-03-17T00%3a17%3a36Z
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Tue, 17 Mar 2020 00:17:36 GMT
Content-Length: 345

Resource: acs.css
Path: chinanorth-dsts.dsts.core.chinacloudapi.cn/Areas/SSOManagement2/Theme/
Size: 7 KB
x-fer: 3 KB
Type: Stylesheet

General
Full URL: https://chinanorth-dsts.dsts.core.chinacloudapi.cn/Areas/SSOManagement2/Theme/acs.css
Requested by:
  Host: chinanorth-dsts.dsts.core.chinacloudapi.cn
  URL: https://chinanorth-dsts.dsts.core.chinacloudapi.cn/v2/wsfederation?wa=wsignin1.0&wtrealm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2020-03-17T00%3a17%3a36Z
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.217.4.15 Beijing, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN)
Reverse DNS:
Software: /
Resource Hash: 0d4114b2236127f8e365bca8163e0e4aff1ea8cede0206d5c37a8ce5bfb8e496
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer: https://chinanorth-dsts.dsts.core.chinacloudapi.cn/v2/wsfederation?wa=wsignin1.0&wtrealm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2020-03-17T00%3a17%3a36Z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 17 Mar 2020 00:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 16:39:28 GMT
etag: "77cf547a8cedd51:0"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
request-id: 6fa7252f-79c7-4e9f-9e8b-3b590fcd8da7
content-length: 2689

Resource: IdentityProviders.js
Path: chinanorth-passive-dsts.dsts.core.chinacloudapi.cn/v2/metadata/
Size: 2 KB
x-fer: 713 B
Type: Script

General
Full URL: https://chinanorth-passive-dsts.dsts.core.chinacloudapi.cn/v2/metadata/IdentityProviders.js?protocol=wsfederation&realm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f&reply_to=&context=rm%3d0%26id%3dpassive%26ru%3d%252f&request_id=&version=1.0&callback=ShowSigninPage
Requested by:
  Host: chinanorth-dsts.dsts.core.chinacloudapi.cn
  URL: https://chinanorth-dsts.dsts.core.chinacloudapi.cn/v2/wsfederation?wa=wsignin1.0&wtrealm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2020-03-17T00%3a17%3a36Z
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.217.4.15 Beijing, China, ASN58593 (BLUECLOUD Shanghai Blue Cloud Technology Co.,Ltd, CN)
Reverse DNS:
Software: /
Resource Hash: 1495450553a4f66f91544d2f1255ddcd7c18ad7473b9468c799dcac351e22f2b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer: https://chinanorth-dsts.dsts.core.chinacloudapi.cn/v2/wsfederation?wa=wsignin1.0&wtrealm=svc%3a%2f%2fdms%40management.partner.microsoftonline.cn%2f&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=2020-03-17T00%3a17%3a36Z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Tue, 17 Mar 2020 00:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-cache, no-store
request-id: 86b75210-5f1c-457c-b7e0-02a02f3108f4
content-length: 621
expires: -1

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| on_body_load
object| identityProviders
string| cookieName
string| localDstsAuthentication
number| cookieExpiration
number| cookieExpirationLocalDstsAuth
number| maxImageWidth
number| maxImageHeight
object| provider
function| ShowSigninPage
function| ShowIdProvidersPage
function| ShowDefaultSigninPage
function| ShowSigninControls
function| CreateIdentityProviderButton
function| GetDisplayName
function| GetHRDCookieName
function| SetCookie
function| SAWContinueAnywaysButtonClicked
function| IdentityProviderButtonClicked
function| CheckBoxClicked
function| SetEmailError
function| EmailAddressEntered
function| ResizeImage

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff