urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.us Open in urlscan Pro
52.126.195.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://qos.microsoftfederal.com/
Effective URL: https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1af...
Submission Tags: @phishunt_io
Submission: On December 11 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 52.126.195.1, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.us.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 26th 2021. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 20.140.90.160 8070 (MICROSOFT...)
1 2 20.190.160.8 8075 (MICROSOFT...)
2 52.126.195.1 8070 (MICROSOFT...)
1 20.190.160.129 8075 (MICROSOFT...)
6 152.199.23.37 15133 (EDGECAST)
20 5
10    20.140.90.160 (Boydton, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
qos.microsoftfederal.com
2    20.190.160.8 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
2    52.126.195.1 (San Antonio, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.us
1    20.190.160.129 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
6    152.199.23.37 (United States)

ASN15133 (EDGECAST, US)
aadcdn.msftauth.net
Domain Requested by
10 qos.microsoftfederal.com qos.microsoftfederal.com
6 aadcdn.msftauth.net login.microsoftonline.us
2 login.microsoftonline.us login.microsoftonline.com
login.microsoftonline.us
2 login.microsoftonline.com 1 redirects qos.microsoftfederal.com
1 login.live.com login.microsoftonline.us
20 5

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com
Subject Issuer Validity Valid
qos.microsoftfederal.com
Microsoft RSA TLS CA 01		 2021-12-10 -
2022-12-10		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-11-24		 a year crt.sh
login.microsoftonline.us
DigiCert SHA2 Secure Server CA		 2021-10-26 -
2022-10-26		 a year crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2021-11-16 -
2022-11-16		 a year crt.sh
aadcdn.msftauth.net
DigiCert SHA2 Secure Server CA		 2021-05-13 -
2022-05-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&sso_reload=true
Frame ID: 3709122D20752AA9D8ABE0CA371422BF
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bei Ihrem Konto anmelden

Page URL History Show full URLs

  1. https://qos.microsoftfederal.com/ Page URL
  2. https://login.microsoftonline.com/microsoftfederal.com/oauth2/authorize?response_type=id_token&client_id=eb947... Page URL
  3. https://login.microsoftonline.com/microsoftfederal.com/oauth2/authorize?response_type=id_token&client_id=eb947... HTTP 302
    https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823... Page URL
  4. https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823... Page URL

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1174 kB
Transfer

3689 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qos.microsoftfederal.com/ Page URL
  2. https://login.microsoftonline.com/microsoftfederal.com/oauth2/authorize?response_type=id_token&client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&redirect_uri=https%3A%2F%2Fqos.microsoftfederal.com%2Flogin&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=7e1e2e25-73df-454d-a21f-f4c3def49b0f Page URL
  3. https://login.microsoftonline.com/microsoftfederal.com/oauth2/authorize?response_type=id_token&client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&redirect_uri=https%3A%2F%2Fqos.microsoftfederal.com%2Flogin&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=7e1e2e25-73df-454d-a21f-f4c3def49b0f&sso_reload=true HTTP 302
    https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57 Page URL
  4. https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://login.microsoftonline.com/microsoftfederal.com/oauth2/authorize?response_type=id_token&client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&redirect_uri=https%3A%2F%2Fqos.microsoftfederal.com%2Flogin&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=7e1e2e25-73df-454d-a21f-f4c3def49b0f&sso_reload=true HTTP 302
  • https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
qos.microsoftfederal.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qos.microsoftfederal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.90.160 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5bf3f305bc1deb4e613948287387868555c623e8e7f3b3420b4630013b005e1f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Length
733
Content-Type
text/html
Content-Encoding
gzip
Expires
-1
Last-Modified
Thu, 15 Apr 2021 23:36:46 GMT
Accept-Ranges
bytes
ETag
"0bbb1325032d71:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Content-Type-Options
nosniff
ARRAffinity
strict
Date
Sat, 11 Dec 2021 06:05:43 GMT
jquery.min.js
qos.microsoftfederal.com/ 		85 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qos.microsoftfederal.com/jquery.min.js
Requested by
Host: qos.microsoftfederal.com
URL: https://qos.microsoftfederal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.90.160 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qos.microsoftfederal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Dec 2021 06:05:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Apr 2021 23:36:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ARRAffinity
strict
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-cache,no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
38902
ETag
"0bbb1325032d71:0"
Expires
-1
bootstrap.min.js
qos.microsoftfederal.com/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qos.microsoftfederal.com/bootstrap.min.js
Requested by
Host: qos.microsoftfederal.com
URL: https://qos.microsoftfederal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.90.160 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qos.microsoftfederal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Dec 2021 06:05:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Apr 2021 23:36:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ARRAffinity
strict
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-cache,no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
13045
ETag
"0bbb1325032d71:0"
Expires
-1
bootstrap.min.css
qos.microsoftfederal.com/ 		141 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qos.microsoftfederal.com/bootstrap.min.css
Requested by
Host: qos.microsoftfederal.com
URL: https://qos.microsoftfederal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.90.160 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c4b6ed2645519ec2c128badb2a2e7720052f8441ffa94c4f0bceca02311004da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qos.microsoftfederal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Dec 2021 06:05:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Apr 2021 23:36:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ARRAffinity
strict
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache,no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
32230
ETag
"0bbb1325032d71:0"
Expires
-1
styles.b4e28f43361ec09d55ff.css
qos.microsoftfederal.com/ 		731 KB
226 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qos.microsoftfederal.com/styles.b4e28f43361ec09d55ff.css
Requested by
Host: qos.microsoftfederal.com
URL: https://qos.microsoftfederal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.90.160 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c67fa3b1bb9c327b0f5aea3de9c8c9b6bf1af800834c1ce3d39a1156afb6065
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qos.microsoftfederal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Dec 2021 06:05:43 GMT
Content-Encoding
gzip
ETag
"0bbb1325032d71:0"
Last-Modified
Thu, 15 Apr 2021 23:36:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ARRAffinity
strict
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
no-cache,no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
Expires
-1
runtime-es2015.e748bfeb478370a35d92.js
qos.microsoftfederal.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qos.microsoftfederal.com/runtime-es2015.e748bfeb478370a35d92.js
Requested by
Host: qos.microsoftfederal.com
URL: https://qos.microsoftfederal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.90.160 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://qos.microsoftfederal.com/
Origin
https://qos.microsoftfederal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Dec 2021 06:05:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Apr 2021 23:36:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ARRAffinity
strict
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-cache,no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
940
ETag
"0bbb1325032d71:0"
Expires
-1
polyfills-es2015.ebc7b2de27cde3ac43ee.js
qos.microsoftfederal.com/ 		64 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qos.microsoftfederal.com/polyfills-es2015.ebc7b2de27cde3ac43ee.js
Requested by
Host: qos.microsoftfederal.com
URL: https://qos.microsoftfederal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.90.160 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c57b7c5d6d47a7b527bacfa3909f71864c48bf400caaa4926b95efc4a2f2968c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://qos.microsoftfederal.com/
Origin
https://qos.microsoftfederal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Dec 2021 06:05:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Apr 2021 23:36:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ARRAffinity
strict
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-cache,no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
27767
ETag
"0bbb1325032d71:0"
Expires
-1
scripts.3dbb4db1f50cbe9dce14.js
qos.microsoftfederal.com/ 		143 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qos.microsoftfederal.com/scripts.3dbb4db1f50cbe9dce14.js
Requested by
Host: qos.microsoftfederal.com
URL: https://qos.microsoftfederal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.90.160 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d7c1a13eebd9c0c7fba6ea4f6e55e268412d9f335e445ee81b4d03d1c60e5243
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qos.microsoftfederal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Dec 2021 06:05:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Apr 2021 23:36:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ARRAffinity
strict
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-cache,no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
60524
ETag
"0bbb1325032d71:0"
Expires
-1
main-es2015.d51440816efe70cc8323.js
qos.microsoftfederal.com/ 		1 MB
452 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qos.microsoftfederal.com/main-es2015.d51440816efe70cc8323.js
Requested by
Host: qos.microsoftfederal.com
URL: https://qos.microsoftfederal.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.90.160 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
91638e8c9ec59e3f7ed160f2b35642e9a7f2ed72460eb55081d6033eb779f96c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://qos.microsoftfederal.com/
Origin
https://qos.microsoftfederal.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Dec 2021 06:05:44 GMT
Content-Encoding
gzip
ETag
"0bbb1325032d71:0"
Last-Modified
Thu, 15 Apr 2021 23:36:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ARRAffinity
strict
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-cache,no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
Expires
-1
authorize
login.microsoftonline.com/microsoftfederal.com/oauth2/ 		147 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/microsoftfederal.com/oauth2/authorize?response_type=id_token&client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&redirect_uri=https%3A%2F%2Fqos.microsoftfederal.com%2Flogin&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=7e1e2e25-73df-454d-a21f-f4c3def49b0f
Requested by
Host: qos.microsoftfederal.com
URL: https://qos.microsoftfederal.com/main-es2015.d51440816efe70cc8323.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2df5baf7cd2f2074f730efd2467d6780b8197ae98b2620bd58d40ae01140d383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://qos.microsoftfederal.com/

Response headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
11830560-285b-4904-ac0f-cbb022137700
x-ms-ests-server
2.1.12249.17 - KRSLR1 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,50168,0,,
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Referrer-Policy
strict-origin-when-cross-origin
Date
Sat, 11 Dec 2021 06:05:45 GMT
Content-Length
53609
msicon1.png
qos.microsoftfederal.com/assets/ 		472 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qos.microsoftfederal.com/assets/msicon1.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.140.90.160 Boydton, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qos.microsoftfederal.com/login?returnUrl=%2Fmonthdashboard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Dec 2021 06:05:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Apr 2021 23:36:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ARRAffinity
strict
Content-Type
image/png
Cache-Control
no-cache,no-cache, no-store, must-revalidate
Accept-Ranges
bytes
Content-Length
472
ETag
"0bbb1325032d71:0"
Expires
-1
authorize
login.microsoftonline.us/microsoftfederal.com/OAuth2/
Redirect Chain
  • https://login.microsoftonline.com/microsoftfederal.com/oauth2/authorize?response_type=id_token&client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&redirect_uri=https%3A%2F%2Fqos.microsoftfederal.com%2Fl...
  • https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQ...
148 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/microsoftfederal.com/oauth2/authorize?response_type=id_token&client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&redirect_uri=https%3A%2F%2Fqos.microsoftfederal.com%2Flogin&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=7e1e2e25-73df-454d-a21f-f4c3def49b0f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.126.195.1 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f8c0a14099bf4fb42f5559bcb039745c6e7daa8142e5f3e3f02c3983b2662819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.com/microsoftfederal.com/oauth2/authorize?response_type=id_token&client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&redirect_uri=https%3A%2F%2Fqos.microsoftfederal.com%2Flogin&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&x-client-SKU=Js&x-client-Ver=1.0.17&nonce=7e1e2e25-73df-454d-a21f-f4c3def49b0f

Response headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
777e14fd-7895-4109-9423-bf2efb320200
x-ms-ests-server
2.1.12231.10 - UST1 ProdSlices
Referrer-Policy
strict-origin-when-cross-origin
Date
Sat, 11 Dec 2021 06:05:46 GMT
Content-Length
54063

Redirect headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Location
https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57#
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
11830560-285b-4904-ac0f-cbb034137700
x-ms-ests-server
2.1.12249.17 - KRSLR1 ProdSlices
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,0,0,,
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Referrer-Policy
strict-origin-when-cross-origin
Date
Sat, 11 Dec 2021 06:05:45 GMT
Content-Length
786
Primary Request authorize
login.microsoftonline.us/microsoftfederal.com/OAuth2/ 		199 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&sso_reload=true
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.126.195.1 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f166e32e7bfe47fff8975fd9a8c6e82a1854f6af59c7d0e0bbf4a09858ba3f9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57

Response headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Expires
-1
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Link
<https://aadcdn.msftauth.net>; rel=preconnect; crossorigin <https://aadcdn.msftauth.net>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control
on
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id
f903f569-fb9f-46a0-b64c-6a26d1af0300
x-ms-ests-server
2.1.12231.10 - UST1 ProdSlices
Referrer-Policy
strict-origin-when-cross-origin
Date
Sat, 11 Dec 2021 06:05:47 GMT
Content-Length
51535
Me.htm
login.live.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.129 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
ConvergedLogin_PCore_-crRrmu1fyxRq0drxsS_Tw2.js
aadcdn.msftauth.net/shared/1.0/content/js/ 		459 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_-crRrmu1fyxRq0drxsS_Tw2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FAF) /
Resource Hash
d0935ea27fa60c8c5bdac15e67cbb6552d3430784deb01a697b34c45c085a937

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Dec 2021 06:05:47 GMT
content-encoding
gzip
content-md5
cSOTM008HNknaxjvkwY68A==
age
3820145
x-cache
HIT
content-length
128562
x-ms-lease-status
unlocked
last-modified
Mon, 25 Oct 2021 18:33:32 GMT
server
ECAcc (frc/8FAF)
etag
0x8D997E5F285C459
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fb650e73-b01e-009a-0596-cbb3aa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FCC) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Dec 2021 06:05:47 GMT
content-encoding
gzip
content-md5
0O2H9juGYL0zkzcYWr0NIg==
age
5924921
x-cache
HIT
content-length
19877
x-ms-lease-status
unlocked
last-modified
Tue, 28 Sep 2021 21:42:58 GMT
server
ECAcc (frc/8FCC)
etag
0x8D982C8F03AF4D4
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ux.converged.login.strings-de.min_3vpk3xzqvz336ezzc9dpja2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-de.min_3vpk3xzqvz336ezzc9dpja2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/microsoftfederal.com/OAuth2/authorize?client_id=eb9471f0-716a-416e-9df7-5823ffbe50e2&state=ae1afb69-be1d-4131-b8be-d8a5f568e8e2&nc_proxy_request=1&nc_proxy_state=rQIIAW3OvUvDQBzG8VzTprUg1iri2KFKES7JXd4jDoX6PqiDVFDQpPmdrbZNm6QKXV06Ojs6ioOIgziJi1AHHcW_QFx0dLQuTi4PfKfnkxaIKIvEmOGJSOw8uJZqECZjg-gOVokO2PKYgTWTKoy5oMlAg2w600uoj1OzO6Wbz4_W1PNu-RahF4TeEbqI5Q0gQIFq2FA8hlVN9bBDCcNMrSgeMNVyZfYWG1krdqIq_R0_qHXhjM87QBzm6hZ2gXiDc4Vg13QBe6ajMU03wQR6zY83apXAD30WMfAgcOpixW-88ugljj7iEymU4SZHc1whKfN2KpUeFJfjvuPoPDFg7yVORrcL8eXLkacrdeyY6yekUjda3Cw3V6jjEHl1udTeWjpiB_ML1cMiXZC662ZLXy36JUmxNuY0m5wKwoOQ_SP4zXqtCWIn7AuxlfBLQL0kdzc0XY2iVmhLUtsPxf-4Ut3frzXvh7kf0&nc_client_reply_address=https%3a%2f%2fqos.microsoftfederal.com%2flogin&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fmicrosoftfederal.com%2fNationalCloudFederation&response_mode=form_post&client-request-id=c7340588-3b25-445c-b4ef-ea7025cf5f57&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FCE) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Dec 2021 06:05:47 GMT
content-encoding
gzip
content-md5
AoEVf/qg+0d/dfg43ZuybA==
age
4107158
x-cache
HIT
content-length
13731
x-ms-lease-status
unlocked
last-modified
Tue, 19 Oct 2021 04:06:56 GMT
server
ECAcc (frc/8FCE)
etag
0x8D992B5E407BA54
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d9f4a31e-201e-005a-48fa-c8b74d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FE5) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Dec 2021 06:05:47 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
13142384
x-cache
HIT
content-length
673
x-ms-lease-status
unlocked
last-modified
Wed, 12 Feb 2020 22:01:50 GMT
server
ECAcc (frc/8FE5)
etag
0x8D7B007297AE131
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
1528e04b-101e-0063-5ccd-76af16000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E9E) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Dec 2021 06:05:47 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
19356198
x-cache
HIT
content-length
1435
x-ms-lease-status
unlocked
last-modified
Thu, 16 Jan 2020 00:32:52 GMT
server
ECAcc (frc/8E9E)
etag
0x8D79A1B9F5E121A
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0c55977d-f01e-0098-2849-3ebec7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 		2 KB
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FFC) /
Resource Hash
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.microsoftonline.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 11 Dec 2021 06:05:48 GMT
content-encoding
gzip
content-md5
R2FAVxfpONfnQAuxVxXbHg==
age
11857666
x-cache
HIT
content-length
621
x-ms-lease-status
unlocked
last-modified
Tue, 10 Nov 2020 03:41:05 GMT
server
ECAcc (frc/8FFC)
etag
0x8D8852A740F01B9
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
a3f9aa36-901e-008e-257c-82e72e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __ConvergedLogin_PCore boolean| __ object| Telemetry object| telemetry_webpackJsonp

20 Cookies

Domain/Path Name / Value
.qos.microsoftfederal.com/ Name: ARRAffinity
Value: 860eb179970d14619ae998732c87c14f3e6db3c4e0f5dd2946de4ccf88833cce
.qos.microsoftfederal.com/ Name: ARRAffinitySameSite
Value: 860eb179970d14619ae998732c87c14f3e6db3c4e0f5dd2946de4ccf88833cce
qos.microsoftfederal.com/ Name: ai_user
Value: k2jhe|2021-12-11T06:05:45.049Z
login.microsoftonline.com/ Name: fpc
Value: AnMmRVQXRfVMl4B0zj6LLgI
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.AVMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr7cMN09RPBExyqAp0qq0RDUN2ODyWOg5n1PRAd0UsTMDA9UO-yOAx_edaAyLux8OEpbjs8o6hLPaIBI4JGNdTA7zmOOmXKJeMa2MF76xnx8MgAA
.login.microsoftonline.com/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrSOkQNjQhwVAIFBrOTxGhN8L4Qw-DT9IryBGsD6AVoNr6wdu4wVC2x0538utNeZtJl67t62HtSsL8qXB7-Hveev4v5P2DuaM7op5tv0QMXJRK4rySXftXwLcMoTA0zuqeD88kY6u3QsVsN5xlXXPwxPSmehZYECgQHjwyGweLH8ogAA
login.microsoftonline.us/ Name: x-ms-gateway-slice
Value: 001
login.microsoftonline.us/ Name: stsservicecookie
Value: estsusgov
.login.microsoftonline.us/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.us/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.us/ Name: buid
Value: 0.AAAA7d2xhkjVG06VhJAElBRXc_BxlOtqcW5BnfdYI_--UOIBAAA.AQABAAEAAgBXxJ9NxOLiQKGXj-vdb8BdHtHr2vM-0Ys6piOXxFiUPMfZ0NghFmQ5K5psR9lIw6aHNMiOq3baoNDgFLkxqiK9x-2xkV7CTBTb_JwFIFkk5eebPUOogqABNIzckNvj4ucgAA
login.microsoftonline.us/ Name: fpc
Value: Ahr1XD_I21lArC84kOUs-9H7b2wKAQAAALs2RtkOAAAA
.login.microsoftonline.us/ Name: esctx
Value: AQABAAAAAgBXxJ9NxOLiQKGXj-vdb8BdHNqntlLA1OU_T4a81wurbO0Lg2S_ASRx-IuE3_NYwmd8ynIjLR7wmhF4i9UlvghYZvFu7R_djutouV0NBk-Y4nfcXsAVSlHjWEATPzaiX1D8JS0pMMB0NTQYaQbS0r8oPsgY04eNQqbJ7cKm8b3Wkef4vmfXMn2RW2nVb9zxItEgAA
.login.microsoftonline.us/ Name: brcap
Value: 0
.login.live.com/ Name: uaid
Value: e2de98b3ee194320b5b512d1da38a31b
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1639202747&co=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff