Submitted URL: https://protection.greathorn.com/services/v2/lookupUrl/cf2ebc1f-2dfb-4822-bc0e-df84e10c93de/1132/949529f8c73167a9244dfab08781b426...
Effective URL: https://mso.ascisoft.com/?username=mkatzoff@janney.com&sso_reload=true
Submission: On July 05 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 12 HTTP transactions. The main IP is 178.21.10.8, located in Russian Federation and belongs to AS-REG, RU. The main domain is mso.ascisoft.com.
TLS certificate: Issued by R3 on July 5th 2022. Valid for: 3 months.
This is the only time mso.ascisoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:223... 16509 (AMAZON-02)
1 1 208.75.122.11 40444 (ASN-CC)
1 197.242.144.175 37611 (Afrihost)
5 178.21.10.8 197695 (AS-REG)
12 3
Apex Domain / Subdomains / Transfer
5 ascisoft.com (298 KB)
    mso.ascisoft.com
    login.ascisoft.com
    aadcdn-msauth-2ce12e98.ascisoft.com
    portal-microsoftonline-2ce12e98.ascisoft.com Failed
1 wine-ways.co.za (2 KB)
    rrnpci.9bj4sy3.wine-ways.co.za
1 rs6.net (377 B)
    r20.rs6.net — Cisco Umbrella Rank: 6207
1 greathorn.com (670 B)
    protection.greathorn.com — Cisco Umbrella Rank: 239071
12 4
Domain / Requested by
3 mso.ascisoft.com / rrnpci.9bj4sy3.wine-ways.co.za, mso.ascisoft.com
1 aadcdn-msauth-2ce12e98.ascisoft.com / mso.ascisoft.com, aadcdn-msauth-2ce12e98.ascisoft.com
1 login.ascisoft.com / mso.ascisoft.com
1 rrnpci.9bj4sy3.wine-ways.co.za
1 r20.rs6.net (1 redirects)
1 protection.greathorn.com (1 redirects)
0 portal-microsoftonline-2ce12e98.ascisoft.com Failed / aadcdn-msauth-2ce12e98.ascisoft.com
12 7

This site contains no links.

Subject: ascisoft.com
Issuer: R3
Validity: 2022-07-05 - 2022-10-03
Valid: 3 months

This page contains 2 frames:

Primary Page: https://mso.ascisoft.com/?username=mkatzoff@janney.com&sso_reload=true
Frame ID: ADF55E8C156C0A3DCBE49F28FB2580BE
Requests: 11 HTTP requests in this frame

Frame: https://portal-microsoftonline-2ce12e98.ascisoft.com/Prefetch/Prefetch.aspx
Frame ID: 1D10D7956C6024E5BAD821D5D2B958F7
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 12
HTTPS: 42 %
IPv6: 25 %
Domains: 4
Subdomains: 7
IPs: 3
Countries: 3
Transfer: 300 kB
Size: 1086 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protection.greathorn.com/services/v2/lookupUrl/cf2ebc1f-2dfb-4822-bc0e-df84e10c93de/1132/949529f8c73167a9244dfab08781b426896b431a?domain=r20.rs6.net&path=/tn.jsp HTTP 302
    https://r20.rs6.net/tn.jsp?t=3Dqcuzd54ab.0.0.sqy9yutab.0&1d=preview&r=3&p=http://RRnPci.9BJ4Sy3.wine-ways.co.za/?=mkatzoff@janney.com HTTP 302
    http://rrnpci.9bj4sy3.wine-ways.co.za/?=mkatzoff@janney.com Page URL
  2. https://mso.ascisoft.com/?username=mkatzoff@janney.com Page URL
  3. https://mso.ascisoft.com/?username=mkatzoff@janney.com Page URL
  4. https://mso.ascisoft.com/?username=mkatzoff@janney.com&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://protection.greathorn.com/services/v2/lookupUrl/cf2ebc1f-2dfb-4822-bc0e-df84e10c93de/1132/949529f8c73167a9244dfab08781b426896b431a?domain=r20.rs6.net&path=/tn.jsp HTTP 302
  • https://r20.rs6.net/tn.jsp?t=3Dqcuzd54ab.0.0.sqy9yutab.0&1d=preview&r=3&p=http://RRnPci.9BJ4Sy3.wine-ways.co.za/?=mkatzoff@janney.com HTTP 302
  • http://rrnpci.9bj4sy3.wine-ways.co.za/?=mkatzoff@janney.com

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
rrnpci.9bj4sy3.wine-ways.co.za/
Redirect Chain
  • https://protection.greathorn.com/services/v2/lookupUrl/cf2ebc1f-2dfb-4822-bc0e-df84e10c93de/1132/949529f8c73167a9244dfab08781b426896b431a?domain=r20.rs6.net&path=/tn.jsp
  • https://r20.rs6.net/tn.jsp?t=3Dqcuzd54ab.0.0.sqy9yutab.0&1d=preview&r=3&p=http://RRnPci.9BJ4Sy3.wine-ways.co.za/?=mkatzoff@janney.com
  • http://rrnpci.9bj4sy3.wine-ways.co.za/?=mkatzoff@janney.com
7 KB
2 KB
Document
General
Full URL
http://rrnpci.9bj4sy3.wine-ways.co.za/?=mkatzoff@janney.com
Protocol
HTTP/1.1
Server
197.242.144.175 Johannesburg, South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS
quintus.aserv.co.za
Software
nginx /
Resource Hash
70a5fa257d235f79af6c08e3207a7bfd2539224749cbf3f14528fa9e2b7a3617
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Jul 2022 17:35:08 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Nginx-Upstream-Cache-Status
MISS
X-Server-Powered-By
nginx-ah
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection
close
Content-Length
0
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 05 Jul 2022 17:35:05 GMT
Location
http://RRnPci.9BJ4Sy3.wine-ways.co.za/?=mkatzoff@janney.com
P3P
CP="CAO DSP TAIa OUR NOR UNI"
Pragma
no-cache
Server
Apache
/
mso.ascisoft.com/
72 KB
25 KB
Document
General
Full URL
https://mso.ascisoft.com/?username=mkatzoff@janney.com
Requested by
Host: rrnpci.9bj4sy3.wine-ways.co.za
URL: http://rrnpci.9bj4sy3.wine-ways.co.za/?=mkatzoff@janney.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.21.10.8 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
178-21-10-8.cloudvps.regruhosting.ru
Software
nginx/1.21.6 /
Resource Hash
8b317992b863b6ab0968245557ac10c0e4cc0e791fadc944b0244706791bf427

Request headers

Referer
http://rrnpci.9bj4sy3.wine-ways.co.za/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 05 Jul 2022 17:35:08 GMT
server
nginx/1.21.6
vary
Accept-Encoding
/
mso.ascisoft.com/
290 KB
84 KB
Document
General
Full URL
https://mso.ascisoft.com/?username=mkatzoff@janney.com
Requested by
Host: mso.ascisoft.com
URL: https://mso.ascisoft.com/?username=mkatzoff@janney.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.21.10.8 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
178-21-10-8.cloudvps.regruhosting.ru
Software
nginx/1.21.6 /
Resource Hash
a2c83e09b935d7ab853385a1fa11a966d8e5507588d621b34e18086fc568ed22

Request headers

Referer
https://mso.ascisoft.com/?username=mkatzoff@janney.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 05 Jul 2022 17:35:10 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity-nel-measure-office-2ce12e98.ascisoft.com/api/report?catId=GW+estsfd+ams2"}]}
server
nginx/1.21.6
vary
Accept-Encoding Accept-Encoding
x-ms-ests-server
2.1.13081.9 - NEULR2 ProdSlices
x-ms-request-id
73f05880-5ce9-4730-b8a5-0485a5f23901
Primary Request /
mso.ascisoft.com/
337 KB
80 KB
Document
General
Full URL
https://mso.ascisoft.com/?username=mkatzoff@janney.com&sso_reload=true
Requested by
Host: mso.ascisoft.com
URL: https://mso.ascisoft.com/?username=mkatzoff@janney.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.21.10.8 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
178-21-10-8.cloudvps.regruhosting.ru
Software
nginx/1.21.6 /
Resource Hash
678373f3b64875b2d85150ccdccf3d1128304c33e3a0a2080d59f0c8245fdcdb

Request headers

Referer
https://mso.ascisoft.com/?username=mkatzoff@janney.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 05 Jul 2022 17:35:11 GMT
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity-nel-measure-office-2ce12e98.ascisoft.com/api/report?catId=GW+estsfd+ams2"}]}
server
nginx/1.21.6
vary
Accept-Encoding Accept-Encoding
x-ms-ests-server
2.1.13006.6 - SCUS ProdSlices
x-ms-request-id
08ac5a1b-dcf6-4106-85ba-4ddc8aa5b801
Me.htm
login.ascisoft.com/
0
0
Other
General
Full URL
https://login.ascisoft.com/Me.htm?v=3
Requested by
Host: mso.ascisoft.com
URL: https://mso.ascisoft.com/?username=mkatzoff@janney.com&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.21.10.8 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
178-21-10-8.cloudvps.regruhosting.ru
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mso.ascisoft.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ConvergedLogin_PCore_UbUmcyGu3AmHaoehHvoQJA2.js
aadcdn-msauth-2ce12e98.ascisoft.com/shared/1.0/content/js/
379 KB
108 KB
Script
General
Full URL
https://aadcdn-msauth-2ce12e98.ascisoft.com/shared/1.0/content/js/ConvergedLogin_PCore_UbUmcyGu3AmHaoehHvoQJA2.js
Requested by
Host: mso.ascisoft.com
URL: https://mso.ascisoft.com/?username=mkatzoff@janney.com&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.21.10.8 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
178-21-10-8.cloudvps.regruhosting.ru
Software
nginx/1.21.6 /
Resource Hash
fcc498f0f98adeb958f7530d0a9b121fbcf457c6fdf9e8a9c419cf01c4efdf77

Request headers

Referer
https://mso.ascisoft.com/
Origin
https://mso.ascisoft.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 05 Jul 2022 17:35:13 GMT
content-encoding
gzip
vary
Accept-Encoding
x-azure-ref-originshield
0dlC9YgAAAADvWgicVTyWS4/5FxqKj3axRlJBMjMxMDUwNDE3MDUzADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 26 May 2022 23:21:53 GMT
server
nginx/1.21.6
x-azure-ref
0UHbEYgAAAADjT4idRt0/R6+goKfs5XPrRlJBMjMxMDUwNDE5MDI3ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1e4c0ce0-a01e-0071-7740-8aee71000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
Prefetch.aspx
portal-microsoftonline-2ce12e98.ascisoft.com/Prefetch/ Frame 1D10
0
0

converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css
aadcdn-msauth-2ce12e98.ascisoft.com/ests/2.1/content/cdnbundles/
0
0

ux.converged.login.strings-de.min_dleyhmk9dgvufebxr4oyiq2.js
aadcdn-msauth-2ce12e98.ascisoft.com/ests/2.1/content/cdnbundles/
0
0

convergedlogin_pfetchsessionsprogress_c517f0e3ce9f4c448e6f.js
aadcdn-msauth-2ce12e98.ascisoft.com/shared/1.0/content/js/asyncchunk/
0
0

marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn-msauth-2ce12e98.ascisoft.com/shared/1.0/content/images/
0
0

marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn-msauth-2ce12e98.ascisoft.com/shared/1.0/content/images/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
portal-microsoftonline-2ce12e98.ascisoft.com
URL
https://portal-microsoftonline-2ce12e98.ascisoft.com/Prefetch/Prefetch.aspx
Domain
aadcdn-msauth-2ce12e98.ascisoft.com
URL
https://aadcdn-msauth-2ce12e98.ascisoft.com/ests/2.1/content/cdnbundles/converged.v2.login.min_ziytf8dzt9eg1s6-ohhleg2.css
Domain
aadcdn-msauth-2ce12e98.ascisoft.com
URL
https://aadcdn-msauth-2ce12e98.ascisoft.com/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_dleyhmk9dgvufebxr4oyiq2.js
Domain
aadcdn-msauth-2ce12e98.ascisoft.com
URL
https://aadcdn-msauth-2ce12e98.ascisoft.com/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_c517f0e3ce9f4c448e6f.js
Domain
aadcdn-msauth-2ce12e98.ascisoft.com
URL
https://aadcdn-msauth-2ce12e98.ascisoft.com/shared/1.0/content/images/marching_ants_white_166de53471265253ab3a456defe6da23.gif
Domain
aadcdn-msauth-2ce12e98.ascisoft.com
URL
https://aadcdn-msauth-2ce12e98.ascisoft.com/shared/1.0/content/images/marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| $Config
object| $Debug
object| $Do
function| $Loader
object| $WebWatson
function| GetString
function| GetErrorString
function| GetUrl
object| $B
object| ServerData

3 Cookies

Domain/Path Name / Value
.ascisoft.com/ Name: __7P5L
Value: MmNlMTJlOTgtYjlmMi00NzBmLTg0NjMtNDYyZGE4N2IyMmUyOjcwMWE4NzVhLWU0YWMtNGQzNi05MmFmLWNjNTUyMDhmZjM2Yw==
.mso.ascisoft.com/ Name: AADSSO
Value: NA|NoExtension
mso.ascisoft.com/ Name: SSOCOOKIEPULLED
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block