login.microsoftonline.us
2001:489a:3500:48::6
Public Scan
Effective URL: https://login.microsoftonline.us/apps.mil/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2...
Submission: On November 16 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 25th 2023. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
4 (2 redirects) | 2001:489a:2200:548::2 | 8070 (MICROSOFT-CORP-MSN-AS-BLOCK) |
28 | 2600:141b:1c00:19::17c8:581e | 20940 (AKAMAI-ASN1) |
2 | 2001:489a:3500:48::6 | 8070 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 52.245.136.46 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
1 | 2620:1ec:bdf::40 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
11 | 2606:2800:21f:1b88:6342:f8de:86c:e98b | 15133 (EDGECAST) |
45 (total) | 6 | |

AS | Domain |
---|---|
ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | pod51501.office365.us |
ASN20940 (AKAMAI-ASN1, NL) | res-dod.cdn.office.net |
ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | login.microsoftonline.us |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | pf.events.data.microsoft.com |
ASN15133 (EDGECAST, US) | aadcdn.msftauth.net |
Requests | Apex Domain | Subdomain | Cisco Umbrella Rank | Transfer |
---|---|---|---|---|
28 | office.net | res-dod.cdn.office.net | 120977 | 1 MB |
11 | msftauth.net | aadcdn.msftauth.net | 1018 | 199 KB |
4 (2 redirects) | office365.us | pod51501.office365.us | 117805 | 11 KB |
2 | microsoftonline.us | login.microsoftonline.us | 11713 | 19 KB |
1 | msauth.net | aadcdn.msauth.net | 982 | 48 KB |
1 | microsoft.com | pf.events.data.microsoft.com | 62988 | 588 B |
45 (total) | 6 | | | |
Requests | Domain | Requested by |
---|---|---|
28 | res-dod.cdn.office.net | pod51501.office365.us, res-dod.cdn.office.net |
11 | aadcdn.msftauth.net | login.microsoftonline.us, aadcdn.msftauth.net |
4 (2 redirects) | pod51501.office365.us | res-dod.cdn.office.net |
2 | login.microsoftonline.us | res-dod.cdn.office.net, aadcdn.msauth.net |
1 | aadcdn.msauth.net | login.microsoftonline.us |
1 | pf.events.data.microsoft.com | res-dod.cdn.office.net |
45 (total) | 6 | |
This site contains links to these domains.
Domain |
---|
www.microsoft.com |
privacy.microsoft.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
webmail.apps.mil | Entrust Certification Authority - L1K | 2023-07-26 - 2024-07-26 | a year |
*.res.outlook.com | DigiCert SHA2 Secure Server CA | 2023-04-17 - 2024-04-17 | a year |
login.microsoftonline.us | DigiCert SHA2 Secure Server CA | 2023-08-25 - 2024-08-25 | a year |
*.pipe.aria.microsoft.com | Microsoft Azure RSA TLS Issuing CA 07 | 2023-09-15 - 2024-09-09 | a year |
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2023-10-29 - 2024-10-29 | a year |
aadcdn.msftauth.net | DigiCert SHA2 Secure Server CA | 2023-01-31 - 2024-01-31 | a year |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.us/apps.mil/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fpod51501.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=a98caba1-018e-a6c6-71da-4717941897e5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=apps.mil&nonce=638357612201644114.96eeecde-7127-4e65-ac34-0ed9c31ad2c5&state=DYxLboMwAAWhvUt2JNgGUy9QpaaKUAVIoSAH7_yTmhYHBAYKV-vl6sU8zeaN73nes-PJ4YduvASjFxQnGEAYAhxFAERHgrXWUukgATAJIo3jgEsUBaFWRCLAFZSx775__qlf-el11LwzKR-G6Wju3WFR6aqF4U4ny61OwWHU6j5qaes-5VkVyqzA-UZWAa-gqJu1-IwXZtjQwmYvv5tZ3YpF0MsgzuQhDQHyTH4ErAZ-K2YBY8tpuQlULuxxnVtIbI6qntFyEfB35LTa851sjF4mUYMvmb3tuQGuxSB7B4jRD9vSbvoH&sso_reload=true
Frame ID: 890B54063C5B03A44CD5F70B8D9E300F
Requests: 45 HTTP requests in this frame
Page Title
Sign in to your account
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Terms of use
Title: Privacy & cookies
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://pod51501.office365.us/mail/group/dodiis.onmicrosoft.com/thecoolkids/?realm=apps.mil&vd=webmail Page URL
- https://pod51501.office365.us/mail/group/dodiis.onmicrosoft.com/thecoolkids/?realm=apps.mil&vd=webmail&authRedirect=true&state=0 HTTP 302
https://pod51501.office365.us/owa/?realm=apps.mil&vd=webmail&state=1&redirectTo=aHR0cHM6Ly9wb2Q1MTUwMS5vZmZpY2UzNjUudXMvbWFpbC9ncm91cC9kb2RpaXMub25taWNyb3NvZnQuY29tL3RoZWNvb2xraWRzLz9yZWFsbT1hcHBzLm1pbCZ2ZD13ZWJtYWls HTTP 302
https://login.microsoftonline.us/apps.mil/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fpod51501.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=a98caba1-018e-a6c6-71da-4717941897e5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=apps.mil&nonce=638357612201644114.96eeecde-7127-4e65-ac34-0ed9c31ad2c5&state=DYxLboMwAAWhvUt2JNgGUy9QpaaKUAVIoSAH7_yTmhYHBAYKV-vl6sU8zeaN73nes-PJ4YduvASjFxQnGEAYAhxFAERHgrXWUukgATAJIo3jgEsUBaFWRCLAFZSx775__qlf-el11LwzKR-G6Wju3WFR6aqF4U4ny61OwWHU6j5qaes-5VkVyqzA-UZWAa-gqJu1-IwXZtjQwmYvv5tZ3YpF0MsgzuQhDQHyTH4ErAZ-K2YBY8tpuQlULuxxnVtIbI6qntFyEfB35LTa851sjF4mUYMvmb3tuQGuxSB7B4jRD9vSbvoH Page URL
- https://login.microsoftonline.us/apps.mil/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fpod51501.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=a98caba1-018e-a6c6-71da-4717941897e5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=apps.mil&nonce=638357612201644114.96eeecde-7127-4e65-ac34-0ed9c31ad2c5&state=DYxLboMwAAWhvUt2JNgGUy9QpaaKUAVIoSAH7_yTmhYHBAYKV-vl6sU8zeaN73nes-PJ4YduvASjFxQnGEAYAhxFAERHgrXWUukgATAJIo3jgEsUBaFWRCLAFZSx775__qlf-el11LwzKR-G6Wju3WFR6aqF4U4ny61OwWHU6j5qaes-5VkVyqzA-UZWAa-gqJu1-IwXZtjQwmYvv5tZ3YpF0MsgzuQhDQHyTH4ErAZ-K2YBY8tpuQlULuxxnVtIbI6qntFyEfB35LTa851sjF4mUYMvmb3tuQGuxSB7B4jRD9vSbvoH&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 30
- https://pod51501.office365.us/mail/group/dodiis.onmicrosoft.com/thecoolkids/?realm=apps.mil&vd=webmail&authRedirect=true&state=0 HTTP 302
- https://pod51501.office365.us/owa/?realm=apps.mil&vd=webmail&state=1&redirectTo=aHR0cHM6Ly9wb2Q1MTUwMS5vZmZpY2UzNjUudXMvbWFpbC9ncm91cC9kb2RpaXMub25taWNyb3NvZnQuY29tL3RoZWNvb2xraWRzLz9yZWFsbT1hcHBzLm1pbCZ2ZD13ZWJtYWls HTTP 302
- https://login.microsoftonline.us/apps.mil/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fpod51501.office365.us%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=a98caba1-018e-a6c6-71da-4717941897e5&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=apps.mil&nonce=638357612201644114.96eeecde-7127-4e65-ac34-0ed9c31ad2c5&state=DYxLboMwAAWhvUt2JNgGUy9QpaaKUAVIoSAH7_yTmhYHBAYKV-vl6sU8zeaN73nes-PJ4YduvASjFxQnGEAYAhxFAERHgrXWUukgATAJIo3jgEsUBaFWRCLAFZSx775__qlf-el11LwzKR-G6Wju3WFR6aqF4U4ny61OwWHU6j5qaes-5VkVyqzA-UZWAa-gqJu1-IwXZtjQwmYvv5tZ3YpF0MsgzuQhDQHyTH4ErAZ-K2YBY8tpuQlULuxxnVtIbI6qntFyEfB35LTa851sjF4mUYMvmb3tuQGuxSB7B4jRD9vSbvoH
45 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type |
---|---|---|---|---|---|---|---|
GET | H2 | / | pod51501.office365.us/mail/group/dodiis.onmicrosoft.com/thecoolkids/ | 14 KB | 8 KB | Document | text/html |
GET | H2 | segoeui-light.woff | res-dod.cdn.office.net/assets/mail/fonts/v1/fonts/ | 24 KB | 25 KB | Font | application/font-woff |
GET | H2 | segoeui-regular.woff | res-dod.cdn.office.net/assets/mail/fonts/v1/fonts/ | 34 KB | 35 KB | Font | application/font-woff |
GET | H2 | segoeui-semibold.woff | res-dod.cdn.office.net/assets/mail/fonts/v1/fonts/ | 31 KB | 32 KB | Font | application/font-woff |
GET | H2 | segoeui-semilight.woff | res-dod.cdn.office.net/assets/mail/fonts/v1/fonts/ | 29 KB | 29 KB | Font | application/font-woff |
GET | H2 | owa.mailindex.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 403 KB | 160 KB | Script | application/javascript |
GET | H2 | owa.ven.extframework.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 240 KB | 70 KB | Script | application/javascript |
GET | H2 | owa.ven.graphql.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 393 KB | 90 KB | Script | application/javascript |
GET | H2 | owa.ven.fluent.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 242 KB | 45 KB | Script | application/javascript |
GET | H2 | owa.ven.fluentIcons.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 49 KB | 13 KB | Script | application/javascript |
GET | H2 | owa.956337.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 13 KB | 5 KB | Script | application/javascript |
GET | H2 | owa.342106.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 8 KB | 4 KB | Script | application/javascript |
GET | H2 | owa.16025.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 26 KB | 10 KB | Script | application/javascript |
GET | H2 | owa.18838.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 59 KB | 17 KB | Script | application/javascript |
GET | H2 | owa.191538.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 30 KB | 10 KB | Script | application/javascript |
GET | H2 | owa.309598.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 12 KB | 5 KB | Script | application/javascript |
GET | H2 | owa.524889.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 33 KB | 8 KB | Script | application/javascript |
GET | H2 | owa.862600.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 10 KB | 4 KB | Script | application/javascript |
GET | H2 | owa.782831.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 28 KB | 8 KB | Script | application/javascript |
GET | H2 | owa.436856.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 9 KB | 4 KB | Script | application/javascript |
GET | H2 | owa.452772.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 26 KB | 8 KB | Script | application/javascript |
GET | H2 | owa.344953.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 8 KB | 4 KB | Script | application/javascript |
GET | H2 | owa.807402.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 8 KB | 3 KB | Script | application/javascript |
GET | H2 | owa.348139.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 10 KB | 3 KB | Script | application/javascript |
GET | H2 | owa.197777.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 51 KB | 14 KB | Script | application/javascript |
GET | H2 | owa.MailBoot.m.css | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 127 KB | 20 KB | Stylesheet | text/css |
GET | H2 | owa.MailBoot.m.js | res-dod.cdn.office.net/owamail/20231020006.27/scripts/ | 3 MB | 800 KB | Script | application/javascript |
GET | H2 | microsoft.svg | res-dod.cdn.office.net/assets/framework/ | 3 KB | 2 KB | Image | image/svg+xml |
POST | H2 | startupdata.ashx | pod51501.office365.us/owa/ | 0 | 0 | Fetch | |
GET | H2 | analytics-ping.js | res-dod.cdn.office.net/owamail/20231020006.27/resources/ | 34 B | 685 B | Fetch | application/javascript |
GET | H/1.1 | authorize (Redirect Chain) | login.microsoftonline.us/apps.mil/oauth2/ | 20 KB | 9 KB | Document | text/html |
POST | H2 | / | pf.events.data.microsoft.com/OneCollector/1.0/ | 0 | 588 B | Ping | text/plain |
GET | H2 | BssoInterrupt_Core_SuZwfHH8gwlE7gQ2a715Zg2.js | aadcdn.msauth.net/shared/1.0/content/js/ | 136 KB | 48 KB | Script | application/x-javascript |
GET | H/1.1 | authorize (Primary Request) | login.microsoftonline.us/apps.mil/oauth2/ | 21 KB | 10 KB | Document | text/html |
GET | H2 | converged.v2.login.min_ltjvsvk5aekta_kgibi0gg2.css | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | 109 KB | 20 KB | Stylesheet | text/css |
GET | H2 | ConvergedError_Core_DQi2BEMXvNqjTvcStl7kuQ2.js | aadcdn.msftauth.net/shared/1.0/content/js/ | 344 KB | 94 KB | Script | application/x-javascript |
GET | H2 | ux.converged.error.strings-en.min_n8lrggxglna3se0_9oqipg2.js | aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ | 30 KB | 11 KB | Script | application/x-javascript |
GET | H2 | convergederror_customizationloader_2f6c70bd81e8d08d2987.js | aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ | 153 KB | 34 KB | Script | application/x-javascript |
GET | H2 | check_small_48540c930333871c385fcba2c659ccdb.svg | aadcdn.msftauth.net/shared/1.0/content/images/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | close_790189870c9543725dc3f5a15fb25e46.svg | aadcdn.msftauth.net/shared/1.0/content/images/ | 270 B | 355 B | Image | image/svg+xml |
GET | H2 | microsoft_logo_564db913a7fa0ca42727161c6d031bef.svg | aadcdn.msftauth.net/shared/1.0/content/images/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H2 | check_small_48540c930333871c385fcba2c659ccdb.svg | aadcdn.msftauth.net/shared/1.0/content/images/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | close_790189870c9543725dc3f5a15fb25e46.svg | aadcdn.msftauth.net/shared/1.0/content/images/ | 270 B | 255 B | Image | image/svg+xml |
GET | H2 | 2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg | aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ | 2 KB | 825 B | Image | image/svg+xml |
GET | H2 | convergederror_stringcustomizationhelper_f0f22200e8407b0cdb5c.js | aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ | 111 KB | 35 KB | Script | application/x-javascript |
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- object| $Config
- object| $Debug
- object| $Do
- function| $Loader
- object| $WebWatson
- function| GetString
- function| GetErrorString
- function| GetUrl
- object| $B
- object| ServerData
- object| webpackJsonp
- object| ko
- object| PROOF
- object| StringRepository
- boolean| __ConvergedError_Core
- boolean| __
- object| Telemetry
- object| telemetry_webpackJsonp
- boolean| __convergederror_customizationloader_2f6c70bd81e8d08d2987
- boolean| __convergederror_stringcustomizationhelper_f0f22200e8407b0cdb5c

15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name / Value |
---|---|
pod51501.office365.us/ | Name: ClientId Value: 6A7BC226C1344CB7829DD75A54CFDF75 |
pod51501.office365.us/ | Name: OIDC Value: 1 |
pod51501.office365.us/ | Name: domainName Value: apps.mil |
pod51501.office365.us/ | Name: OpenIdConnect.nonce.v3.xEOwAFi8C2s2lRwaDN88_kwkvoV49ES6nOxMtsjj_cE Value: 638357612201644114.96eeecde-7127-4e65-ac34-0ed9c31ad2c5 |
pod51501.office365.us/ | Name: X-OWA-RedirectHistory Value: Ajrvj14BUhDyut3m2wg |
.microsoft.com/ | Name: MC1 Value: GUID=bb41c14e30564e029c324b3b45d4e627&HASH=bb41&LV=202311&V=4&LU=1700164420203 |
.microsoft.com/ | Name: MS0 Value: 2491a6fc97ad491db577835109c51f79 |
login.microsoftonline.us/ | Name: x-ms-gateway-slice Value: estsfd |
login.microsoftonline.us/ | Name: stsservicecookie Value: estsfd |
.login.microsoftonline.us/ | Name: AADSSO Value: NA|NoExtension |
login.microsoftonline.us/ | Name: SSOCOOKIEPULLED Value: 1 |
login.microsoftonline.us/ | Name: buid Value: 0.CwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.AQABAAEAAgAhOAwqV52nQZ3QnHiKUS5mcEK81XiqtF_6PGKAl_haJCh_xYclIhuRJ98b8CZxeViZrz05rrMOSjnQhFPE2rep6EbRklzOHmxD75Hd_2rYHgpZbUdiwPIuvx9Endf3pZAgAA |
.login.microsoftonline.us/ | Name: esctx-xUr36KgZwI Value: AQABAAEAAgAhOAwqV52nQZ3QnHiKUS5mBVKpuhSWlHrOjyv8VoRF26Cv3_ay0DM3Z5fPNJvPJ_JJTbsvfml4AczMRsrxA8Pegdun4pBtf3eKEOGqDFp5jh44XyrP5MCG5Ff5WuzxpqsF8RXTuKczZVTTcTHvYzdZa9szf1IClP8A0-TdJIMGayAA |
login.microsoftonline.us/ | Name: fpc Value: AivObxDFGGREqDh2177HynR1JoDsAQAAAEVq6NwOAAAA |
.login.microsoftonline.us/ | Name: esctx Value: PAQABAAEAAgAhOAwqV52nQZ3QnHiKUS5mVt2Tx_R8KplroCalTsvX48_oRVrdEpBQGa8NCSq1BOCcm_1g37zLLMJMniRueCtX_8yAoW8l8K3P95Tv58uX3NHtxxuAXZeVU1MCob9AWqdAXEpX_2anp618PoFcvRya6At2BXQoPFY7m1tdLkvHJod-4k28M5xz62EOVvIDOKggAA |
23 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | default-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net swx.cdn.skype.com 'self'; script-src 'nonce-mt5PuAg7DRkr5f3ueaBnCw==' *.res.office365.com *.fluidpreview.office.net *.cdn.office.net wss://*.delve.office.com:443 shellprod.msocdn.com amcdn.msauth.net amcdn.msftauth.net *.bing.com *.skype.com *.skypeassets.com *.delve.office.com *.cdn.office.net static.teams.microsoft.com teams.microsoft.com cdn.forms.office.net blob: 'report-sample' 'self' 'wasm-unsafe-eval' *.yammer.com; style-src *.res.office365.com *.fluidpreview.office.net *.cdn.office.net shellprod.msocdn.com *.skype.com 'self' 'report-sample' 'unsafe-inline' *.yammer.com; img-src * data: blob: filesystem: cid:; connect-src blob: data: *.res.office.com *.res.office365.com *.cdn.office.net *.services.web.outlook.com spoprod-a.akamaihd.net shellprod.msocdn.com *.bing.com *.office.net *.office.com *.office365.com *.dod.online.office365.us *.outlook.live.net *.spoppe.com *.onedrive.com substrate.office.us *.office365.us pf.pipe.aria.microsoft.com dev.virtualearth.net media.licdn.com onerm.olsvc.com *.qas.binginternal.com *.qas.bing.net wss://*.qas.bing.net:443 wss://*.platform.bing.com wss://*.botframework.com:443 wss://augloop.dod.online.office365.us wss://*.augloop.dod.online.office365.us dod-graph.microsoft.us d*.office.microsoft.com www.onenote.com *.storage.msn.com nleditor.osi.officeppe.net api.tenor.com pptservicescast.officeapps.live.com *.sharepoint.com *.sharepoint-mil.us wss://dod.loki.office365.us:443 dod.loki.office365.us web.vortex.data.microsoft.com *.events.data.microsoft.com *.oscs.protection.office365.us *.safelinks.protection.office365.us od.apps.mil attachments-dod.office365-net.us 'self' login.microsoftonline.com outlook.office365.com teams.microsoft.com *.teams.microsoft.com *.yammer.com *.svc.ms *.licdn.com o365auditrealtimeingestion.manage.officeppe.com o365auditrealtimeingestion.manage.officeppe.com:445 o365auditrealtimeingestion.manage.office.com o365auditrealtimeingestion.manage.office.com:445 files.yammerusercontent.com; base-uri pf.pipe.aria.microsoft.com 'self'; form-action *.officeapps.live.com *.sharepoint-df.com *.sharepoint.com *.odwebp.svc.ms login.microsoftonline.com od.apps.mil *.dod.online.office365.us; object-src *.office.net 'self' attachments-dod.office365-net.us; frame-ancestors 'self'; font-src data: *.res.office365.com *.fluidpreview.office.net *.cdn.office.net spoprod-a.akamaihd.net *.skype.com ms-appx-web: sharepointonline.com *.sharepointonline.com *.delve.office.com fs.microsoft.com 'self' *.yammer.com; media-src blob: *.res.office365.com *.cdn.office.net *.sharepoint-df.com *.skype.com *.office.net *.office365.net *.office365-net.us *.office.com 'self' *.yammer.com attachments-dod.office365-net.us; frame-src * data: mailto: blob:; manifest-src 'self'; worker-src 'self' blob: *.office.com; child-src 'self' blob: *.office.com; report-uri ; upgrade-insecure-requests; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.