Submitted URL: https://6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/t/t/7cCQZPIBP93zKLYE0I7JWapAAxxkuR98VJlxSqTExecx/ElapfKGiufqdzrNrHNPW0t3P8iKuIlh3n4Hx8S0WI60x
Effective URL: https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
Submission: On February 11 via manual from US

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 7 HTTP transactions.
The main IP is 40.70.27.35, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is wins.microsoftcrmportals.com.
TLS certificate: Issued by Microsoft IT TLS CA 2 on March 29th 2018. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 6 52.183.87.159 8075 (MICROSOFT...)
1 2 40.70.27.35 8075 (MICROSOFT...)
1 2606:2800:133... 15133 (EDGECAST)
7 3
Domain
Subdomains
Transfer
6 dynamics.com
5 KB
2 microsoftcrmportals.com
2 KB
1 azureedge.net
6 KB
7 3
Domain Requested by
6 6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com 1 redirects wins.microsoftcrmportals.com
mktdplp102cdn.azureedge.net
2 wins.microsoftcrmportals.com 1 redirects
1 mktdplp102cdn.azureedge.net wins.microsoftcrmportals.com
7 3

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
*.microsoftcrmportals.com
Microsoft IT TLS CA 2
2018-03-29 -
2020-03-29
2 years
*.vo.msecnd.net
Microsoft IT TLS CA 2
2018-03-30 -
2020-03-30
2 years
*.svc.dynamics.com
Microsoft IT TLS CA 5
2018-01-11 -
2020-01-11
2 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set ?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
/manageSubscriptions
Redirect Chain
  • https://6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/t/t/7cCQZPIBP93zKLYE0I7JWapAAxxkuR98VJlxSqTExecx/ElapfKGiufqdzrNrHNPW0t3P8iKuIlh3n4Hx8S0WI60x
  • https://wins.microsoftcrmportals.com/manageSubscriptions?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
  • https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
2 KB
1 KB
Document
General
Full URL
https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.27.35 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
013e272cb5bc2a0fbf50ff400ecf7611922e2156c9dd602d83ccd83ad4710170
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Host
wins.microsoftcrmportals.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Cookie
Dynamics365PortalAnalytics=tvPSEvDFK-B4nYM_pfHoNWJMJYPLUfPzDAMC405ohaGkjCvHWnVbT-Yl1mW-tByJFRS9fOdT9ce6T1bLxTlcji4cmlks6DAbsgicwhLAqOkOmRwhsq8NfXrdAeS5h-I18XnhZ_NEPo2qszVWSkWmiw2; ARRAffinity=dd716a6def04e48f4e433f7740cecb7f8a4f1c77d318c5480b769fc5157ad936
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Length
955
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=wt03fnwbbrcwsju4a0lkabit; path=/; secure; HttpOnly
x-ms-request-id
94a932a4-ac01-4368-bc61-5da38ff8aca5
x-ms-portal-app
site-4b7da222-751a-46c8-957d-3fc34601b2cf-USe2
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 11 Feb 2019 16:51:53 GMT

Redirect headers

Location
/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
Set-Cookie
Dynamics365PortalAnalytics=tvPSEvDFK-B4nYM_pfHoNWJMJYPLUfPzDAMC405ohaGkjCvHWnVbT-Yl1mW-tByJFRS9fOdT9ce6T1bLxTlcji4cmlks6DAbsgicwhLAqOkOmRwhsq8NfXrdAeS5h-I18XnhZ_NEPo2qszVWSkWmiw2; expires=Sun, 12-May-2019 16:51:53 GMT; path=/; secure; HttpOnly ARRAffinity=dd716a6def04e48f4e433f7740cecb7f8a4f1c77d318c5480b769fc5157ad936;Path=/;HttpOnly;Domain=wins.microsoftcrmportals.com
x-ms-request-id
5accad15-342e-41ea-8f03-0c74aa5647c1
x-ms-portal-app
site-4b7da222-751a-46c8-957d-3fc34601b2cf-USe2
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 11 Feb 2019 16:51:53 GMT
Content-Length
0
loader.js
mktdplp102cdn.azureedge.net/public/1.30.1027.0/static/js
35 KB
6 KB
Script
General
Full URL
https://mktdplp102cdn.azureedge.net/public/1.30.1027.0/static/js/loader.js
Requested by
Host: wins.microsoftcrmportals.com
URL: https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F88) /
Resource Hash
b8e87fe7b88cd65399af64b0e8f8f2b0b1561112b3b145c1072e37c30d362e6a

Request headers

Referer
https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 11 Feb 2019 16:51:54 GMT
content-encoding
gzip
content-md5
O/2VNMd7g0ov6b+Q1qvFJQ==
x-cache
HIT
status
200
content-length
5833
x-ms-lease-status
unlocked
last-modified
Sun, 03 Feb 2019 14:27:31 GMT
server
ECAcc (frc/8F88)
etag
0x8D689E3BB9967C6
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9d033e80-c01e-006d-1413-c2e7e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version
x-ms-version
2009-09-19
w
6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/t
2 KB
3 KB
Script
General
Full URL
https://6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/t/w
Requested by
Host: wins.microsoftcrmportals.com
URL: https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.183.87.159 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b5c1d2872603dfd727db143dd27c08431ea78c40318694075d59aaa8ed7d4b1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
date
Mon, 11 Feb 2019 16:51:54 GMT
content-type
text/plain; charset=utf-8
status
200
x-ms-activity-id
d04895c4-055f-4d4c-9766-02b3a5ebb3df
x-activity-id
d04895c4-055f-4d4c-9766-02b3a5ebb3df
content-length
2545
api-deprecated
False
GEuFbpT1_UPSrWQyVOgZe7Lkw8Df0oMhGVisrrlZpok?ad=https%3A%2F%2Fwins.microsoftcrmportals.com%2FmanageSubscriptions%2F%3Fmsdynttrid%3D2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q&rf=&id=4178514675
6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/t/v
49 B
347 B
Image
General
Full URL
https://6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/t/v/GEuFbpT1_UPSrWQyVOgZe7Lkw8Df0oMhGVisrrlZpok?ad=https%3A%2F%2Fwins.microsoftcrmportals.com%2FmanageSubscriptions%2F%3Fmsdynttrid%3D2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q&rf=&id=4178514675
Requested by
Host: wins.microsoftcrmportals.com
URL: https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.183.87.159 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
date
Mon, 11 Feb 2019 16:51:54 GMT
content-type
image/jpeg
status
200
x-ms-activity-id
924cbf1b-f3e8-4d46-a2b2-fba28df57b10
x-activity-id
924cbf1b-f3e8-4d46-a2b2-fba28df57b10
content-length
49
api-deprecated
False
GEuFbpT1_UPSrWQyVOgZe7Lkw8Df0oMhGVisrrlZpok
6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/t/c
0
0
Document
General
Full URL
https://6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/t/c/GEuFbpT1_UPSrWQyVOgZe7Lkw8Df0oMhGVisrrlZpok
Requested by
Host: mktdplp102cdn.azureedge.net
URL: https://mktdplp102cdn.azureedge.net/public/1.30.1027.0/static/js/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.183.87.159 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com
:scheme
https
:path
/t/c/GEuFbpT1_UPSrWQyVOgZe7Lkw8Df0oMhGVisrrlZpok
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
accept-encoding
gzip, deflate, br
cookie
79f08280-5c63-4331-b04d-fb6f39afda51=j88MRtJYotxYHIbbprm1_Oz5HOOUQ744e6ZGJ9H1q9A; 319af4c0-e197-4de9-8a9b-fe98c8a2ca04=QDK7foNWj83BTvako3eZ3KW4mm51OI_r0GBGD0Cvecw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q

Response headers

status
200
content-length
1160
content-type
text/html; charset=utf-8
server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
set-cookie
79f08280-5c63-4331-b04d-fb6f39afda51=j88MRtJYotxYHIbbprm1_Oz5HOOUQ744e6ZGJ9H1q9A; expires=Wed, 10 Feb 2021 16:51:55 GMT; path=/; secure; httponly 319af4c0-e197-4de9-8a9b-fe98c8a2ca04=pDJJvtfn8MxL2y_uk_wtp4A8_4rz34Gpwqcs6U7v8Ac; path=/; secure; httponly
x-activity-id
3b4c0fff-7a27-43e5-a40d-358d6fd2b5af
x-ms-activity-id
3b4c0fff-7a27-43e5-a40d-358d6fd2b5af
api-deprecated
False
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 11 Feb 2019 16:51:55 GMT
qayTMk0vfS1n8v6KzSf5W1dzkEmHNPN6txPeYHMpc6o
6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/f/formpage/35381b66-1ce2-e811-a981-000d3a1bee29/correlation
4 KB
2 KB
XHR
General
Full URL
https://6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/f/formpage/35381b66-1ce2-e811-a981-000d3a1bee29/correlation/qayTMk0vfS1n8v6KzSf5W1dzkEmHNPN6txPeYHMpc6o
Requested by
Host: mktdplp102cdn.azureedge.net
URL: https://mktdplp102cdn.azureedge.net/public/1.30.1027.0/static/js/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.183.87.159 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aa02ae571503e8ca7024d0a7b6f17ab3080ed28fedeb8130fee713a579a63a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
Origin
https://wins.microsoftcrmportals.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
date
Mon, 11 Feb 2019 16:51:57 GMT
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ms-activity-id
7627ec77-5f10-41f1-9d9c-ab9c2c066a4c
x-activity-id
7627ec77-5f10-41f1-9d9c-ab9c2c066a4c
api-deprecated
False
35381b66-1ce2-e811-a981-000d3a1bee29
6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/f/m
0
85 B
XHR
General
Full URL
https://6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/f/m/35381b66-1ce2-e811-a981-000d3a1bee29
Requested by
Host: mktdplp102cdn.azureedge.net
URL: https://mktdplp102cdn.azureedge.net/public/1.30.1027.0/static/js/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.183.87.159 Redmond, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
Origin
https://wins.microsoftcrmportals.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
date
Mon, 11 Feb 2019 16:51:57 GMT
status
200
access-control-allow-origin
*
x-ms-activity-id
e54cbe96-9f28-488c-ae28-6ab12762f573
x-activity-id
e54cbe96-9f28-488c-ae28-6ab12762f573
content-length
0
api-deprecated
False

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/t/t/7cCQZPIBP93zKLYE0I7JWapAAxxkuR98VJlxSqTExecx/ElapfKGiufqdzrNrHNPW0t3P8iKuIlh3n4Hx8S0WI60x
  • https://wins.microsoftcrmportals.com/manageSubscriptions?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q
  • https://wins.microsoftcrmportals.com/manageSubscriptions/?msdynttrid=2yp8PLdgs-56FQUECHP_LCvPiDTYEEJlP5fd-h7Gl4Q

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| MsCrmMkt function| ms_tr_il_08 object| w

2 Cookies

Domain/Path Name / Value
6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/ Name: 319af4c0-e197-4de9-8a9b-fe98c8a2ca04
Value: pDJJvtfn8MxL2y_uk_wtp4A8_4rz34Gpwqcs6U7v8Ac
6d4fab4205ed490c85767785ddd4f841.svc.dynamics.com/ Name: 79f08280-5c63-4331-b04d-fb6f39afda51
Value: j88MRtJYotxYHIbbprm1_Oz5HOOUQ744e6ZGJ9H1q9A

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN