Submitted URL: https://flexipurchase.com.mcas-df.ms/
Effective URL: https://identity.flexipurchase.com/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Dfraedom_w...
Submission: On July 24 via automatic, source rescanner — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 118.127.87.220, located in Sydney, Australia and belongs to HARBOURMSP-AU-AP NTT Communications ICT Solutions, AU. The main domain is identity.flexipurchase.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on May 31st 2022. Valid for: a year.
This is the only time identity.flexipurchase.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests (redirects) | IP Address | AS Autonomous System
1 | 20.241.142.98 | 8075 (MICROSOFT...)
3 | 2a02:26f0:170... | 20940 (AKAMAI-ASN1)
3 (3 redirects) | 118.127.87.202 | 18117 (HARBOURMS...)
2 (1 redirect) | 118.127.87.220 | 18117 (HARBOURMS...)
Total: 9 requests, 4 IPs
Requests | Apex Domain | Subdomains | Transfer
5 | flexipurchase.com | flexipurchase.com, identity.flexipurchase.com | 18 KB
3 | azureedge.net | mcasproxy.azureedge.net (Cisco Umbrella Rank: 51402) | 44 KB
1 | mcas-df.ms | flexipurchase.com.mcas-df.ms | 893 B
Total: 9 requests, 3 domains
Requests | Domain | Requested by
3 | flexipurchase.com (3 redirects) | -
3 | mcasproxy.azureedge.net | flexipurchase.com.mcas-df.ms, mcasproxy.azureedge.net
2 | identity.flexipurchase.com (1 redirects) | identity.flexipurchase.com
1 | flexipurchase.com.mcas-df.ms | -
Total: 9 requests, 4 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
*.com.mcas.ms | Microsoft Azure TLS Issuing CA 02 | 2022-06-16 - 2023-06-11 | a year
*.azureedge.net | Microsoft RSA TLS CA 01 | 2021-10-28 - 2022-10-28 | a year
identity.flexipurchase.com | Entrust Certification Authority - L1M | 2022-05-31 - 2023-06-01 | a year

This page contains 2 frames:

Primary Page: https://identity.flexipurchase.com/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Dfraedom_website%26redirect_uri%3Dhttps%253A%252F%252Fflexipurchase.com%252Faccount%252Fcallback%26scope%3Dread%2520write%2520offline_access%26ui_locales%3Den-gb%26state%3DeyJJc1JldHJ5UmVkaXJlY3QiOmZhbHNlLCJVbmlxdWVJZCI6ImNkOTU2M2NmMzAwYzQzZWZiZTE5YTVhYzVlODk3YTMxIiwiWHNsTGFuZ3VhZ2VJZCI6Ik1QX0VOR18wMiJ9%26nonce%3Dd2df8a0a76f246f4b00b729948e4272a%26acr_values%3Dlanguage%253AFP_ENG_01%2520productSuffix%253AFP_FLEXI%2520browser%253AChrome%2520platform%253AWindows
Frame ID: 79351D048229FA9AA4A4F212707A0F30
Requests: 7 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.19.25/html/session-context-restore.html
Frame ID: 260670DE5FADD93B46EE7B476C326F4F
Requests: 2 HTTP requests in this frame

Page Statistics

Requests: 9
HTTPS: 56 %
IPv6: 25 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 58 kB
Size: 112 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://flexipurchase.com.mcas-df.ms/ Page URL
  2. https://flexipurchase.com/ HTTP 302
    https://flexipurchase.com/account/login HTTP 302
    https://flexipurchase.com/account/loginredirect HTTP 302
    https://identity.flexipurchase.com/connect/authorize?response_type=code&client_id=fraedom_website&redirect_uri=https%3A%2F%2Fflexipurchase.com%2Faccount%2Fcallback&scope=read+write+offline_access&ui_locales=en-gb&state=eyJJc1JldHJ5UmVkaXJlY3QiOmZhbHNlLCJVbmlxdWVJZCI6ImNkOTU2M2NmMzAwYzQzZWZiZTE5YTVhYzVlODk3YTMxIiwiWHNsTGFuZ3VhZ2VJZCI6Ik1QX0VOR18wMiJ9&nonce=d2df8a0a76f246f4b00b729948e4272a&acr_values=language%3AFP_ENG_01+productSuffix%3AFP_FLEXI+browser%3AChrome+platform%3AWindows HTTP 302
    https://identity.flexipurchase.com/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Dfraedom_website%26redirect_uri%3Dhttps%253A%252F%252Fflexipurchase.com%252Faccount%252Fcallback%26scope%3Dread%2520write%2520offline_access%26ui_locales%3Den-gb%26state%3DeyJJc1JldHJ5UmVkaXJlY3QiOmZhbHNlLCJVbmlxdWVJZCI6ImNkOTU2M2NmMzAwYzQzZWZiZTE5YTVhYzVlODk3YTMxIiwiWHNsTGFuZ3VhZ2VJZCI6Ik1QX0VOR18wMiJ9%26nonce%3Dd2df8a0a76f246f4b00b729948e4272a%26acr_values%3Dlanguage%253AFP_ENG_01%2520productSuffix%253AFP_FLEXI%2520browser%253AChrome%2520platform%253AWindows Page URL

9 HTTP transactions

Resource: /
Path: flexipurchase.com.mcas-df.ms/
Size: 1 KB
x-fer: 893 B
Type: Document

General
Full URL: https://flexipurchase.com.mcas-df.ms/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.241.142.98 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS:
Software: openresty /
Resource Hash: 688225ad77a358208758a0aab237361c2e2502de6059665d98c093ca23df3da0

Security Headers
Strict-Transport-Security: max-age=31536000

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 24 Jul 2022 08:52:37 GMT
expires: Mon, 01-Jan-1990 00:00:00 GMT
pragma: no-cache
server: openresty
strict-transport-security: max-age=31536000
x-mcas-cache-status: MISS
x-mcas-processing-time: 8
x-mcas-request-id: e4183a4b5976dde097b5acbd09ced462
x-mcas-upstream-time: n/a

Resource: session-context-store-helper.min.js
Path: mcasproxy.azureedge.net/proxyweb/1.19.25/js/
Size: 5 KB
x-fer: 5 KB
Type: Script

General
Full URL: https://mcasproxy.azureedge.net/proxyweb/1.19.25/js/session-context-store-helper.min.js
Requested by:
  Host: flexipurchase.com.mcas-df.ms
  URL: https://flexipurchase.com.mcas-df.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS:
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c4b31737c5fe64db34abea57a13239f3439ba864b7b3831b4872b58e0c6d5fd3

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://flexipurchase.com.mcas-df.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 24 Jul 2022 08:52:37 GMT
last-modified: Thu, 21 Jul 2022 15:42:45 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: Qh6Fmc0rxdbvbMqaLfAfTQ==
etag: 0x8DA6B2FA7EBE99A
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 947f3181-301e-0040-201b-9de6c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31302636
x-ms-version: 2009-09-19
content-length: 4826

Resource: session-context-restore.html
Path: mcasproxy.azureedge.net/proxyweb/1.19.25/html/ (Frame 2606)
Size: 209 B
x-fer: 660 B
Type: Document

General
Full URL: https://mcasproxy.azureedge.net/proxyweb/1.19.25/html/session-context-restore.html
Requested by:
  Host: mcasproxy.azureedge.net
  URL: https://mcasproxy.azureedge.net/proxyweb/1.19.25/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS:
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers
Referer: https://flexipurchase.com.mcas-df.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31302815
content-length: 209
content-md5: xcQ/+x+i42xZPwR88wJc4A==
content-type: text/html
date: Sun, 24 Jul 2022 08:52:37 GMT
etag: 0x8DA6B2FDBFC12A2
last-modified: Thu, 21 Jul 2022 15:44:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ecdf0bd7-401e-0044-201b-9d1347000000
x-ms-version: 2009-09-19

Resource: session-context-restore.min.js
Path: mcasproxy.azureedge.net/proxyweb/1.19.25/js/ (Frame 2606)
Size: 38 KB
x-fer: 38 KB
Type: Script

General
Full URL: https://mcasproxy.azureedge.net/proxyweb/1.19.25/js/session-context-restore.min.js
Requested by:
  Host: mcasproxy.azureedge.net
  URL: https://mcasproxy.azureedge.net/proxyweb/1.19.25/html/session-context-restore.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS:
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 73df8b41d68fa98929628cda242bfe3ae05925ab90225ba11306787c07c28fa7

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.19.25/html/session-context-restore.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Sun, 24 Jul 2022 08:52:37 GMT
last-modified: Thu, 21 Jul 2022 15:42:46 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: 83JxX35aDdoDXy1+UVIW2w==
etag: 0x8DA6B2FA878B478
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b97bf92d-001e-002e-541b-9d4fec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31302762
x-ms-version: 2009-09-19
content-length: 38602

Resource: login (Primary Request)
Path: identity.flexipurchase.com/
Redirect Chain
  • https://flexipurchase.com/?
  • https://flexipurchase.com/account/login
  • https://flexipurchase.com/account/loginredirect
  • https://identity.flexipurchase.com/connect/authorize?response_type=code&client_id=fraedom_website&redirect_uri=https%3A%2F%2Fflexipurchase.com%2Faccount%2Fcallback&scope=read+write+offline_access&u...
  • https://identity.flexipurchase.com/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Dfraedom_website%26redirect_uri%3Dhttps%253A%252F%252Fflexipurchase.com%252F...
Size: 68 KB
x-fer: 13 KB
Type: Document

General
Full URL
https://identity.flexipurchase.com/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Dfraedom_website%26redirect_uri%3Dhttps%253A%252F%252Fflexipurchase.com%252Faccount%252Fcallback%26scope%3Dread%2520write%2520offline_access%26ui_locales%3Den-gb%26state%3DeyJJc1JldHJ5UmVkaXJlY3QiOmZhbHNlLCJVbmlxdWVJZCI6ImNkOTU2M2NmMzAwYzQzZWZiZTE5YTVhYzVlODk3YTMxIiwiWHNsTGFuZ3VhZ2VJZCI6Ik1QX0VOR18wMiJ9%26nonce%3Dd2df8a0a76f246f4b00b729948e4272a%26acr_values%3Dlanguage%253AFP_ENG_01%2520productSuffix%253AFP_FLEXI%2520browser%253AChrome%2520platform%253AWindows
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 118.127.87.220 Sydney, Australia, ASN18117 (HARBOURMSP-AU-AP NTT Communications ICT Solutions, AU)
Reverse DNS:
Software: / ASP.NET
Resource Hash: a4e0c1d96c87385dc1db13e1ca464856ac0221cd20274af7c35854ca20fc21f6

Security Headers
Strict-Transport-Security: max-age=7776000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SameOrigin
X-Xss-Protection: 1; mode=block

Request headers
Referer: https://flexipurchase.com.mcas-df.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
CorrelationId: 4d23d342-7319-4dc6-bee2-e37b53a51d0e
Date: Sun, 24 Jul 2022 08:52:19 GMT
Keep-Alive: timeout=5
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Server:
Strict-Transport-Security: max-age=7776000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SameOrigin
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
CorrelationId: fe70cd59-56e3-4e18-b6ba-215b4d8c4dca
Date: Sun, 24 Jul 2022 08:52:19 GMT
Keep-Alive: timeout=5
Location
https://identity.flexipurchase.com/login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26client_id%3Dfraedom_website%26redirect_uri%3Dhttps%253A%252F%252Fflexipurchase.com%252Faccount%252Fcallback%26scope%3Dread%2520write%2520offline_access%26ui_locales%3Den-gb%26state%3DeyJJc1JldHJ5UmVkaXJlY3QiOmZhbHNlLCJVbmlxdWVJZCI6ImNkOTU2M2NmMzAwYzQzZWZiZTE5YTVhYzVlODk3YTMxIiwiWHNsTGFuZ3VhZ2VJZCI6Ik1QX0VOR18wMiJ9%26nonce%3Dd2df8a0a76f246f4b00b729948e4272a%26acr_values%3Dlanguage%253AFP_ENG_01%2520productSuffix%253AFP_FLEXI%2520browser%253AChrome%2520platform%253AWindows
Referrer-Policy: origin-when-cross-origin
Server:
Strict-Transport-Security: max-age=7776000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SameOrigin
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

Resource: app.e78da30ac65436798a11.css
Path: identity.flexipurchase.com/files/flexi/
Size: 0
x-fer: 0

Resource: angular.min.js
Path: identity.flexipurchase.com/files/flexi/externals/
Size: 0
x-fer: 0

Resource: encoder.min.js
Path: identity.flexipurchase.com/files/flexi/externals/
Size: 0
x-fer: 0

Resource: app.e78da30ac65436798a11.js
Path: identity.flexipurchase.com/files/flexi/
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: identity.flexipurchase.com
URL: https://identity.flexipurchase.com/files/flexi/app.e78da30ac65436798a11.css

Domain: identity.flexipurchase.com
URL: https://identity.flexipurchase.com/files/flexi/externals/angular.min.js

Domain: identity.flexipurchase.com
URL: https://identity.flexipurchase.com/files/flexi/externals/encoder.min.js

Domain: identity.flexipurchase.com
URL: https://identity.flexipurchase.com/files/flexi/app.e78da30ac65436798a11.js

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

3 Cookies

Domain/Path | Name | Value
flexipurchase.com/ | SessionId | l2gbr3dn2cyr1qykwiiiov03
flexipurchase.com/ | spv_sc | !JH3k77bNZGfg/gJ4ymQkE0IPmk1IUAbSAavJmc4hQOkjsw/4BiPNpBmjTU/bXu5dCwj/MqyTcDA2Ejo=
identity.flexipurchase.com/ | spv_sc | !IKgv4kvctOZnkO14ymQkE0IPmk1IUMfipaCnb9gH2XWZ18qjNlueQvI7BYIMhNQW/ZRPJE7aDuvBSos=

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000