nihfsauth.nih.gov Open in urlscan Pro
156.40.55.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://outlook.com/owa/nihms.nih.gov/whitever
Effective URL:
https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequ...
Submission: On October 21 via manual (October 21st 2021, 2:44:32 pm UTC) from US — Scanned from DE

Summary HTTP 6 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 6 HTTP transactions. The main IP is 156.40.55.21, located in Bethesda, United States and belongs to NIH-NET, US. The main domain is nihfsauth.nih.gov.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 20th 2021. Valid for: 9 months.

This is the only time nihfsauth.nih.gov was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	40.97.128.194 40.97.128.194	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	52.98.208.82 52.98.208.82	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.190.151.132 20.190.151.132	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	165.112.15.164 165.112.15.164	3527 (NIH-NET) (NIH-NET)
4	156.40.55.21 156.40.55.21	3527 (NIH-NET) (NIH-NET)
6	3

1 40.97.128.194 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

outlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.98.208.82 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.outlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.190.151.132 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 165.112.15.164 (Bethesda, United States) 1 redirects

ASN3527 (NIH-NET, US)

sentry-iam.cit.nih.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 156.40.55.21 (Bethesda, United States)

ASN3527 (NIH-NET, US)

nihfsauth.nih.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	nih.gov 1 redirects sentry-iam.cit.nih.gov nihfsauth.nih.gov	195 KB
2	microsoftonline.com 1 redirects login.microsoftonline.com	57 KB
2	outlook.com 2 redirects outlook.com www.outlook.com	5 KB
0	googleapis.com Failed fonts.googleapis.com Failed
6	4

	Domain	Requested by
4	nihfsauth.nih.gov	login.microsoftonline.com nihfsauth.nih.gov
2	login.microsoftonline.com	1 redirects
1	sentry-iam.cit.nih.gov	1 redirects
1	www.outlook.com	1 redirects
1	outlook.com	1 redirects
0	fonts.googleapis.com Failed	nihfsauth.nih.gov
6	6

This site contains links to these domains. Also see Links.

Domain
myitsm.nih.gov
itservicedesk.nih.gov
www.nih.gov

Subject Issuer	Validity	Valid
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2021-08-27` - `2022-08-27`	a year	crt.sh
nihfsauth.nih.gov DigiCert TLS RSA SHA256 2020 CA1	`2021-04-20` - `2022-01-03`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp
Frame ID: D32723723D974BC58F7A0F00319F499C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

http://outlook.com/owa/nihms.nih.gov/whitever HTTP 307
https://outlook.com/owa/nihms.nih.gov/whitever HTTP 301
https://www.outlook.com/owa/nihms.nih.gov/whitever HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... Page URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... HTTP 302
https://sentry-iam.cit.nih.gov/MobileIron/acc/99c72e41-4257-442c-816d-d41f10f05bda/idp?client-request-id=13... HTTP 302
https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsred... Page URL

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

3
IPs

1
Countries

248 kB
Transfer

341 kB
Size

13
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://myitsm.nih.gov/kb_view_customer.do?sysparm_article=KB0019105
Title: click here

Search URL Search Domain Scan URL

URL: http://itservicedesk.nih.gov/Support/
Title: HERE

Search URL Search Domain Scan URL

URL: http://www.nih.gov/
Title: www.nih.gov

Search URL Search Domain Scan URL

URL: http://www.nih.gov/about/privacy.htm
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://myitsm.nih.gov/sp
Title: NIH Service Desk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://outlook.com/owa/nihms.nih.gov/whitever HTTP 307
https://outlook.com/owa/nihms.nih.gov/whitever HTTP 301
https://www.outlook.com/owa/nihms.nih.gov/whitever HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fwww.outlook.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=nihms.nih.gov&nonce=637704242675022991.07793a13-fbc9-4301-b66a-ad8385048d82&state=DcvLEYAgDABR0DKsAQgJEigH_x7UGXWkfXPYd1utlGqlRtIgKI7EDAEDRu4BMWdvgTlT8WSWYcwmEHgzxFhMmRKlHkKaEmp5O3fV4s59Ox4r2vX6XN32d_7m-wc Page URL
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fwww.outlook.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=nihms.nih.gov&nonce=637704242675022991.07793a13-fbc9-4301-b66a-ad8385048d82&state=DcvLEYAgDABR0DKsAQgJEigH_x7UGXWkfXPYd1utlGqlRtIgKI7EDAEDRu4BMWdvgTlT8WSWYcwmEHgzxFhMmRKlHkKaEmp5O3fV4s59Ox4r2vX6XN32d_7m-wc&sso_reload=true HTTP 302
https://sentry-iam.cit.nih.gov/MobileIron/acc/99c72e41-4257-442c-816d-d41f10f05bda/idp?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0 HTTP 302
https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://outlook.com/owa/nihms.nih.gov/whitever HTTP 307
https://outlook.com/owa/nihms.nih.gov/whitever HTTP 301
https://www.outlook.com/owa/nihms.nih.gov/whitever HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fwww.outlook.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=nihms.nih.gov&nonce=637704242675022991.07793a13-fbc9-4301-b66a-ad8385048d82&state=DcvLEYAgDABR0DKsAQgJEigH_x7UGXWkfXPYd1utlGqlRtIgKI7EDAEDRu4BMWdvgTlT8WSWYcwmEHgzxFhMmRKlHkKaEmp5O3fV4s59Ox4r2vX6XN32d_7m-wc

6 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set authorize
login.microsoftonline.com/common/oauth2/
Redirect Chain

http://outlook.com/owa/nihms.nih.gov/whitever
https://outlook.com/owa/nihms.nih.gov/whitever
https://www.outlook.com/owa/nihms.nih.gov/whitever
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fwww.outlook.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0000000...

147 KB
53 KB

389ms
113ms

Document
text/html

20.190.151.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fwww.outlook.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=nihms.nih.gov&nonce=637704242675022991.07793a13-fbc9-4301-b66a-ad8385048d82&state=DcvLEYAgDABR0DKsAQgJEigH_x7UGXWkfXPYd1utlGqlRtIgKI7EDAEDRu4BMWdvgTlT8WSWYcwmEHgzxFhMmRKlHkKaEmp5O3fV4s59Ox4r2vX6XN32d_7m-wc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.151.132 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Host: login.microsoftonline.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: baba10e7-73bc-4572-89f1-02e1098b1401
x-ms-ests-server: 2.1.12108.11 - EUS ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+est"}]}
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: fpc=AtWvQNRwEjlKtzHe1k9-Epk; expires=Sat, 20-Nov-2021 14:44:27 GMT; path=/; secure; HttpOnly; SameSite=None x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Thu, 21 Oct 2021 14:44:27 GMT
Content-Length: 53729

Redirect headers

Content-Length: 837
Content-Type: text/html; charset=utf-8
Location: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fwww.outlook.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=nihms.nih.gov&nonce=637704242675022991.07793a13-fbc9-4301-b66a-ad8385048d82&state=DcvLEYAgDABR0DKsAQgJEigH_x7UGXWkfXPYd1utlGqlRtIgKI7EDAEDRu4BMWdvgTlT8WSWYcwmEHgzxFhMmRKlHkKaEmp5O3fV4s59Ox4r2vX6XN32d_7m-wc
Server: Microsoft-IIS/10.0
request-id: 135aeeb9-e320-3601-424a-1e6bcb2006f4
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-CalculatedFETarget: VI1PR06CU004.internal.outlook.com
X-BackEndHttpStatus: 302 302
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: ClientId=74FA8E50DE3D4A3DB122AA58D9370079; expires=Fri, 21-Oct-2022 14:44:27 GMT; path=/;SameSite=None; secure ClientId=74FA8E50DE3D4A3DB122AA58D9370079; expires=Fri, 21-Oct-2022 14:44:27 GMT; path=/;SameSite=None; secure OIDC=1; expires=Thu, 21-Apr-2022 14:44:27 GMT; path=/;SameSite=None; secure; HttpOnly domainName=nihms.nih.gov; path=/;SameSite=None; secure; HttpOnly RoutingKeyCookie=; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.token.v1=; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.token.v1=; domain=www.outlook.com; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.id_token.v1=; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.code.v1=; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.idp_nonce.v1=; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.idp_correlation_id=; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.tokenPostPath=; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.id_token.v1=; domain=www.outlook.com; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.code.v1=; domain=www.outlook.com; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.idp_nonce.v1=; domain=www.outlook.com; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.idp_correlation_id=; domain=www.outlook.com; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.tokenPostPath=; domain=www.outlook.com; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OpenIdConnect.nonce.v3.CtfaYacC6FZzoDfnUX8geOibgAxih3Fb-aqcLQ4phzM=637704242675022991.07793a13-fbc9-4301-b66a-ad8385048d82; expires=Thu, 21-Oct-2021 15:44:27 GMT; path=/;SameSite=None; secure; HttpOnly HostSwitchPrg=; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure OptInPrg=; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure SuiteServiceProxyKey=; expires=Mon, 21-Oct-1991 14:44:27 GMT; path=/; secure
X-FEProxyInfo: VI1PR06CA0145.EURPRD06.PROD.OUTLOOK.COM
X-CalculatedBETarget: VE1PR06MB6174.eurprd06.prod.outlook.com
X-RUM-Validated: 1
X-Content-Type-Options: nosniff
X-BeSku: WCS5
X-OWA-DiagnosticsInfo: 1;0;0
X-IIDs: 0
X-BackEnd-Begin: 2021-10-21T14:44:27.501
X-BackEnd-End: 2021-10-21T14:44:27.503
X-DiagInfo: VE1PR06MB6174
X-BEServer: VE1PR06MB6174
X-UA-Compatible: IE=EmulateIE7
X-Proxy-RoutingCorrectness: 1
X-Proxy-BackendServerStatus: 302
X-FEServer: VI1PR06CA0145 AS9PR06CA0116
Report-To: {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=DHR"}],"include_subdomains":true}
NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
Date: Thu, 21 Oct 2021 14:44:26 GMT

GET
H/1.1

200
OK

Primary Request / Show response
nihfsauth.nih.gov/adfs/ls/
Redirect Chain

https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fwww.outlook.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-0000000...
https://sentry-iam.cit.nih.gov/MobileIron/acc/99c72e41-4257-442c-816d-d41f10f05bda/idp?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicr...
https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B...

48 KB
48 KB

780ms
150ms

Document
text/html

156.40.55.21
NIH-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp

Requested by

Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fwww.outlook.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=nihms.nih.gov&nonce=637704242675022991.07793a13-fbc9-4301-b66a-ad8385048d82&state=DcvLEYAgDABR0DKsAQgJEigH_x7UGXWkfXPYd1utlGqlRtIgKI7EDAEDRu4BMWdvgTlT8WSWYcwmEHgzxFhMmRKlHkKaEmp5O3fV4s59Ox4r2vX6XN32d_7m-wc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.40.55.21 Bethesda, United States, ASN3527 (NIH-NET, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

ab8162e8eb56dee07aa4dfb875ceaae6439b8ae5adf24db15eaffbdb2bcc7f3a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: nihfsauth.nih.gov
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://login.microsoftonline.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fwww.outlook.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=1&msaredir=1&client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=nihms.nih.gov&nonce=637704242675022991.07793a13-fbc9-4301-b66a-ad8385048d82&state=DcvLEYAgDABR0DKsAQgJEigH_x7UGXWkfXPYd1utlGqlRtIgKI7EDAEDRu4BMWdvgTlT8WSWYcwmEHgzxFhMmRKlHkKaEmp5O3fV4s59Ox4r2vX6XN32d_7m-wc

Response headers

Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Length: 48799
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age = 31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
X-Frame-Options: DENY
Date: Thu, 21 Oct 2021 14:44:30 GMT

Redirect headers

Connection: close
Cache-control: no-cache, no-store
Pragma: no-cache
Content-Encoding: UTF-8
Location: https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK style.css
nihfsauth.nih.gov/adfs/portal/css/ 21 KB
22 KB 246ms
119ms Stylesheet
text/css 156.40.55.21
NIH-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://nihfsauth.nih.gov/adfs/portal/css/style.css?id=8FDE9DDD63B88A35BF479B20C16D9B600824758EED57F0AFEC8CD6B42D2CF5DA

Requested by

Host: nihfsauth.nih.gov
URL: https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.40.55.21 Bethesda, United States, ASN3527 (NIH-NET, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

37ed531af4d36fcd81c7227dd552802fed0221dd159fa8d0687d310ad5483ee5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nihfsauth.nih.gov
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age = 31536000
X-Content-Type-Options: nosniff
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: 8FDE9DDD63B88A35BF479B20C16D9B600824758EED57F0AFEC8CD6B42D2CF5DA
Content-Type: text/css
Date: Thu, 21 Oct 2021 14:44:31 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Length: 21602
X-XSS-Protection: 1; mode=block
Expires: Sat, 20 Nov 2021 15:44:31 GMT

GET
H/1.1 200
OK logo.png
nihfsauth.nih.gov/adfs/portal/logo/ 14 KB
15 KB 475ms
236ms Image
image/png 156.40.55.21
NIH-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nihfsauth.nih.gov/adfs/portal/logo/logo.png?id=C2B1D4585E0D1BC5E227CCDCD68F924F23BCD5D084648F774AD82ED172AA41E4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.40.55.21 Bethesda, United States, ASN3527 (NIH-NET, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

c2b1d4585e0d1bc5e227ccdcd68f924f23bcd5d084648f774ad82ed172aa41e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nihfsauth.nih.gov
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age = 31536000
X-Content-Type-Options: nosniff
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: C2B1D4585E0D1BC5E227CCDCD68F924F23BCD5D084648F774AD82ED172AA41E4
Content-Type: image/png
Date: Thu, 21 Oct 2021 14:44:31 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Length: 14679
X-XSS-Protection: 1; mode=block
Expires: Sat, 20 Nov 2021 15:44:31 GMT

GET css2
fonts.googleapis.com/ 0
0

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a26533ae425bfd7f89f7b3b517ead714a5a79a44e28d05a103f9b8204f7b809

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 323 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a914e9556879fe0765e6a45eae910940a06a3321277e845479917659778fc610

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 407 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de05c4427071792155dabce4c8c1124cdf5ee2ff0580c496859c6484bd7b7fa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK illustration.png
nihfsauth.nih.gov/adfs/portal/illustration/ 109 KB
110 KB 124ms
124ms Image
image/png 156.40.55.21
NIH-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nihfsauth.nih.gov/adfs/portal/illustration/illustration.png?id=F96510FA7FE7677ECCFFBCB60B54383FD126AB89478D2C834FBB36203CABF92F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.40.55.21 Bethesda, United States, ASN3527 (NIH-NET, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

f96510fa7fe7677eccffbcb60b54383fd126ab89478d2c834fbb36203cabf92f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nihfsauth.nih.gov
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age = 31536000
X-Content-Type-Options: nosniff
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: F96510FA7FE7677ECCFFBCB60B54383FD126AB89478D2C834FBB36203CABF92F
Content-Type: image/png
Date: Thu, 21 Oct 2021 14:44:31 GMT
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Content-Length: 111879
X-XSS-Protection: 1; mode=block
Expires: Sat, 20 Nov 2021 15:44:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.outlook.com/	1970-01-20 06:52:43	Name: ClientId Value: 74FA8E50DE3D4A3DB122AA58D9370079
www.outlook.com/	1970-01-20 02:29:12	Name: OIDC Value: 1
www.outlook.com/	1969-12-31 23:59:59	Name: domainName Value: nihms.nih.gov
www.outlook.com/	1970-01-19 22:07:11	Name: OpenIdConnect.nonce.v3.CtfaYacC6FZzoDfnUX8geOibgAxih3Fb-aqcLQ4phzM Value: 637704242675022991.07793a13-fbc9-4301-b66a-ad8385048d82
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-19 22:07:07	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-19 22:50:19	Name: buid Value: 0.AQ4AMe_N-B6jSkuT5F9XHpElWgIAAAAAAPEPzgAAAAAAAAABAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrGiA4s5OzZUtFFWdu4QfoGo2OVSGK37iEZiUOJC88R_ZfifyuLEGtNd2N-1q6p8jZ5ERtEd7zWM63lBpA-TAHlWZHCre4F4ICsrnbsl-L7XIgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: ESTSWCTXFLOWTOKEN Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevrzW9SDW5peBrJINBJUEoLh-op0mPfJHNvH0OZl3RGb3kFhxyy9L8NUyuBavl89ackrqbObFPWL9Opm4z02e-2juVoMQ7NZ3Xfbb0lp5oq3rGYJDxWD8lM2j7TFKDgZ_1ydpVIEiAiIpsG229DfKRWukFreKxFSk2-n8r46VU7M5_TbUro3GNmlgaO8i3qvymmJv1aPM5O89beAUw9k_tDIM61KV5SgtW-lNwaHEfHa4iFiH_dFGtQ5eJRCCUuCi2XfB2D1O5RScUwcGOJcTq5X-U2yIk51vyZvrhOnch-cmC0ldTvcxtOM-uxFve9x841P9eLY0D7L57SSNORFs3Y-p9lb_nbBqBkQOQPzuf7tOcMx_zdM8Ri7OQKREjEaatwnRGGU_a2xs3Gd-SE_1X8sJqNx_tmOGwRkf7I-EFWb2E8YsPsZ4LKWd-sEhDUqd-UnLYbf4vIYk8p4aKs5CT8Q8DcU-Y-506j9phegbBKyObnefStY-K8e_R1xqrWrZtgMFvvlBgquESXViZB7GqJSSAA
login.microsoftonline.com/	1970-01-19 22:50:19	Name: fpc Value: AtWvQNRwEjlKtzHe1k9-EpmerOTJAQAAAMtzA9kOAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevrrd4WFsjRTRS-0XRrBRPTyyArpwmga6fh5t58YfuCPY7pRt2HGCDEsejjoGNTstW6YNoHl228CLN1T7-jAeySZeoaUMvHTh8HoRnyTBgnnBsD61-gSCxzKrcTAXKqBiGCyO36TpcDpnnpwbN4oqfp2LAVZ5_CP_PLlybwXWl7I6cgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: cltm Value: CgAQABoAIgQIDBAF

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://nihfsauth.nih.gov/adfs/ls/?client-request-id=135aeeb9-e320-3601-424a-1e6bcb2006f4&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2Rv4_SYACG-1HoAedV9BwcjCHGSVPo97W0pYlDOQocP-REELgFSwstgVJsC0X8B3S7xeVGRybjYPQmR3MuLC43NXHw4nAxxsFRiIuT8R2evOOb572DwwQUb9N_gqgNKbrfh5Ta27S_Yl-Nxt5fHO7GvwAuU7w5_BQnfh6DnfHAMJ3Emgndmi3BDcN1J46YTHqel7Cm7siyhgnVMpOWpyTfAbAC4ByAZYDnGJ6nWcQijk_RCKXTMEHzfJpRIEP1u2qaYhkaUl2OUyhFExghRbOCJqCzwOWqNHUNtIFlDxa9H4FI37LNzsRy3GP8WVadleW2pGelTI3OlhzpgV6UB3qhM-cb-VZz2G8dtDW4HpZ_Mqq5-3ppn5ezkpytTdlMpanN9PqoLjQfNtuqZ8oFfTHPGRWzVhoVhiVFNiepKtN_xDqpdHXO2mjW4lr3GaR1eJPy1CX-XyLf4MRaiGmNT3HCmvTGA20VBH4QfAteonExHI7GsOtYHPsVBK9Ca-e7V5TPbz-WK68vvkqPX77ATkPJsfI05Rrzu7Y-nRtdu53JSsqe7C3y9WFu4dgO3yiWKzl6xlqNe0iERwQ4IogTIhLGY9gtfO8AnhPgOwGeb2EnkX8edha9hmgEKUhTCMYhK7KsiITD1Tb4sIP5JPDJgE_iPhn0yZBPEj655ZNhn4z4ZNQnt38D0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp# Message: Refused to load the stylesheet 'https://fonts.googleapis.com/css2?family=Roboto&display=swap' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'style-src-elem' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
login.microsoftonline.com
nihfsauth.nih.gov
outlook.com
sentry-iam.cit.nih.gov
www.outlook.com
fonts.googleapis.com
156.40.55.21
165.112.15.164
20.190.151.132
40.97.128.194
52.98.208.82
0a26533ae425bfd7f89f7b3b517ead714a5a79a44e28d05a103f9b8204f7b809
37ed531af4d36fcd81c7227dd552802fed0221dd159fa8d0687d310ad5483ee5
a914e9556879fe0765e6a45eae910940a06a3321277e845479917659778fc610
ab8162e8eb56dee07aa4dfb875ceaae6439b8ae5adf24db15eaffbdb2bcc7f3a
c2b1d4585e0d1bc5e227ccdcd68f924f23bcd5d084648f774ad82ed172aa41e4
de05c4427071792155dabce4c8c1124cdf5ee2ff0580c496859c6484bd7b7fa2
f96510fa7fe7677eccffbcb60b54383fd126ab89478d2c834fbb36203cabf92f

nihfsauth.nih.gov Open in urlscan Pro 156.40.55.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

3 IPs

1 Countries

248 kBTransfer

341 kBSize

13 Cookies

5 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

13 Cookies

1 Console Messages

Security Headers

Indicators

nihfsauth.nih.gov Open in urlscan Pro
156.40.55.21 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

3
IPs

1
Countries

248 kB
Transfer

341 kB
Size

13
Cookies

6 HTTP transactions
3 data transactions