urlscan.io logo urlscan.io
SecurityTrails logo

assetsprod.microsoft.com Open in urlscan Pro
104.46.61.116  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://assets.microsoft.com/
Effective URL: https://assetsprod.microsoft.com/
Submission: On February 18 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 104.46.61.116, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is assetsprod.microsoft.com.
TLS certificate: Issued by Microsoft IT TLS CA 5 on February 6th 2020. Valid for: 2 years.
This is the only time assetsprod.microsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.40.129.89 8075 (MICROSOFT...)
1 2 104.46.61.116 8075 (MICROSOFT...)
5 18.195.42.228 16509 (AMAZON-02)
1 13.95.96.176 8075 (MICROSOFT...)
7 3
Domain Requested by
5 nexus.ensighten.com assetsprod.microsoft.com
nexus.ensighten.com
2 assetsprod.microsoft.com 1 redirects
1 msf7sstorwesteurope.blob.core.windows.net assetsprod.microsoft.com
1 assets.microsoft.com 1 redirects
7 4

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
go.microsoft.com
choice.microsoft.com
Subject Issuer Validity Valid
assetsprod.microsoft.com
Microsoft IT TLS CA 5		 2020-02-06 -
2022-02-06		 2 years crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2019-10-03 -
2020-10-02		 a year crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 1		 2020-01-22 -
2022-01-22		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://assetsprod.microsoft.com/
Frame ID: C8A8002C3DFC3B986B83B2CB1C2A24D8
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://assets.microsoft.com/ HTTP 301
    https://assetsprod.microsoft.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

31 kB
Transfer

84 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://assets.microsoft.com/ HTTP 301
    https://assetsprod.microsoft.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://assetsprod.microsoft.com/thumb/97fcc184522640359f5ef68d4e8dac4c HTTP 302
  • https://msf7sstorwesteurope.blob.core.windows.net/tenant1/97fcc184522640359f5ef68d4e8dac4c?sv=2014-02-14&sr=b&sig=MydWoqI8%2BLlAU2Q1FYHuakVlmlZ0YL4NnUnNmbDCbLA%3D&se=2020-02-18T23:03:12Z&sp=r

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
assetsprod.microsoft.com/
Redirect Chain
  • https://assets.microsoft.com/
  • https://assetsprod.microsoft.com/
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assetsprod.microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.46.61.116 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26180995fa6619a2a092f14dda6a45ee5bfea0103d0d9d7994009d5b0ab55a12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
assetsprod.microsoft.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Length
1884
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Arr-Disable-Session-Affinity
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Tue, 18 Feb 2020 22:53:11 GMT

Redirect headers

Content-Length
156
Content-Type
text/html; charset=UTF-8
Location
https://assetsprod.microsoft.com/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Arr-Disable-Session-Affinity
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Tue, 18 Feb 2020 22:53:10 GMT
Bootstrap.js
nexus.ensighten.com/mspartner/assets_prod/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/mspartner/assets_prod/Bootstrap.js
Requested by
Host: assetsprod.microsoft.com
URL: https://assetsprod.microsoft.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
807c5be3e89bfb57b502796d0de89435223bf25a8b9d9f7960120465fa1011af

Request headers

Referer
https://assetsprod.microsoft.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 18 Feb 2020 22:53:12 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2016 00:11:01 GMT
server
nginx
etag
W/"582cf595-115cb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
97fcc184522640359f5ef68d4e8dac4c
msf7sstorwesteurope.blob.core.windows.net/tenant1/
Redirect Chain
  • https://assetsprod.microsoft.com/thumb/97fcc184522640359f5ef68d4e8dac4c
  • https://msf7sstorwesteurope.blob.core.windows.net/tenant1/97fcc184522640359f5ef68d4e8dac4c?sv=2014-02-14&sr=b&sig=MydWoqI8%2BLlAU2Q1FYHuakVlmlZ0YL4NnUnNmbDCbLA%3D&se=2020-02-18T23:03:12Z&sp=r
5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://msf7sstorwesteurope.blob.core.windows.net/tenant1/97fcc184522640359f5ef68d4e8dac4c?sv=2014-02-14&sr=b&sig=MydWoqI8%2BLlAU2Q1FYHuakVlmlZ0YL4NnUnNmbDCbLA%3D&se=2020-02-18T23:03:12Z&sp=r
Requested by
Host: assetsprod.microsoft.com
URL: https://assetsprod.microsoft.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.96.176 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
627e8f6699eafe32c0e6c1945b10c71466f3f23433f51c36443a24b7b8b6bf8f

Request headers

Referer
https://assetsprod.microsoft.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Tue, 18 Feb 2020 22:53:11 GMT
Content-MD5
lxB5Pyu8i7eFbWhr2x0CVA==
x-ms-meta-Region
East US
x-ms-copy-progress
5053/5053
x-ms-copy-source
https://usecmpndst01.blob.core.windows.net/mpnassets/97fcc184522640359f5ef68d4e8dac4c?sv=2016-05-31&sr=b&sig=5D7Ui8BPVhcGmYPEZCwRLtBWkYQr3Xbcroz8qhJFxpw%3D&se=2017-06-21T09%3A31%3A55Z&sp=r&api-version=2016-05-31
Content-Disposition
attach; filename="Microsoft Header Logo.png"; filename*=utf-8''Microsoft%20Header%20Logo.png
x-ms-copy-status
success
x-ms-meta-Tenant
MPN
Content-Length
5053
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Wed, 14 Jun 2017 09:31:57 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D4B30833711850"
x-ms-copy-completion-time
Wed, 14 Jun 2017 09:31:57 GMT
x-ms-meta-Filename
Microsoft Header Logo.png
Content-Type
application/octet-stream
x-ms-request-id
1730f5f0-a01e-0134-06ae-e62991000000
x-ms-version
2014-02-14
x-ms-copy-id
ffe776b5-6e0d-4ce3-ae5f-a70172946e8c
Accept-Ranges
bytes

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Location
https://msf7sstorwesteurope.blob.core.windows.net/tenant1/97fcc184522640359f5ef68d4e8dac4c?sv=2014-02-14&sr=b&sig=MydWoqI8%2BLlAU2Q1FYHuakVlmlZ0YL4NnUnNmbDCbLA%3D&se=2020-02-18T23:03:12Z&sp=r
Arr-Disable-Session-Affinity
true
Cache-Control
private
Date
Tue, 18 Feb 2020 22:53:11 GMT
serverComponent.php
nexus.ensighten.com/mspartner/assets_prod/ 		497 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/mspartner/assets_prod/serverComponent.php?r=229.0324152199128&ClientID=740&PageID=https%3A%2F%2Fassetsprod.microsoft.com%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/mspartner/assets_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e5bf07e1b06948a472e4699f4e7b043b3a1555f7f5c070e373a7a5e51437a70

Request headers

Referer
https://assetsprod.microsoft.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
200
date
Tue, 18 Feb 2020 22:53:12 GMT
cache-control
no-cache, no-store
expires
Tue, 18 Feb 2020 22:53:11 GMT
server
nginx
content-length
497
content-type
text/javascript
f885adf50ac1c351829ba161640f1c23.js
nexus.ensighten.com/mspartner/assets_prod/code/ 		176 B
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/mspartner/assets_prod/code/f885adf50ac1c351829ba161640f1c23.js?conditionId0=296736
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/mspartner/assets_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
485f9dcfef75b9c8dd8b786923caaeaa419ddace1ea6d164609b367b605b6945

Request headers

Referer
https://assetsprod.microsoft.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 18 Feb 2020 22:53:12 GMT
last-modified
Wed, 18 May 2016 17:53:02 GMT
server
nginx
etag
"573cabfe-b0"
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
accept-ranges
bytes
content-length
176
b1d71be213ebab2e789e9ced6639d4d2.js
nexus.ensighten.com/mspartner/assets_prod/code/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/mspartner/assets_prod/code/b1d71be213ebab2e789e9ced6639d4d2.js?conditionId0=422922
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/mspartner/assets_prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9bdc832836d3cb42a5d59c79c986147d24e928ed305dd0938967e53b7d0893d4

Request headers

Referer
https://assetsprod.microsoft.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 18 Feb 2020 22:53:12 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2016 00:11:01 GMT
server
nginx
etag
W/"582cf595-ec1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
e.gif
nexus.ensighten.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/error/e.gif?msg=jQuery%20is%20not%20defined&lnn=-1&fn=&cid=740&client=mspartner&publishPath=assets_prod&rid=1694706&did=410637&errorName=ReferenceError
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://assetsprod.microsoft.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
date
Tue, 18 Feb 2020 22:53:12 GMT
cache-control
no-cache, no-store
server
nginx
expires
Tue, 18 Feb 2020 22:53:11 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| ensBootstraps object| Bootstrapper string| MS_SCNUM string| MS_SCVALUE string| MS_SCNCT string| MS_SCN string| MS_AUTH string| MS_CMPGRP string| MS_CMPNM string| MS_CMPTYP string| MS_TITLE string| MS_INTERACTIONTYPE string| MS_PARTNER_ID string| MS_EA_OFFER string| MS_EA_ACTION string| MS_EA_NAME function| GetAttrValue function| FindElement function| AddTagging function| _log function| $data number| _delay object| analytics boolean| varAutoFirePV number| varClickTracking object| _enslog string| psj0 string| psj1

1 Cookies

Domain/Path Name / Value
assetsprod.microsoft.com/ Name: ASP.NET_SessionId
Value: 2fxz1nnje0flsgujvyrcvy53

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains