sts1.auth.ecuf.deas.mil

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 5 HTTP transactions. The main IP is 52.244.37.227, located in Phoenix, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sts1.auth.ecuf.deas.mil. The Cisco Umbrella rank of the primary domain is 218869.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on June 27th 2024. Valid for: a year.

This is the only time sts1.auth.ecuf.deas.mil was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	40.66.31.162 40.66.31.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	52.126.194.134 52.126.194.134	8070 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	52.244.37.227 52.244.37.227	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.227.5.10 52.227.5.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2

1 40.66.31.162 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

webmail.apps.mil	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.126.194.134 (Phoenix, United States) 1 redirects

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.244.37.227 (Phoenix, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sts1.auth.ecuf.deas.mil	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.227.5.10 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

public.content.deas.ecs.mil	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	deas.mil sts1.auth.ecuf.deas.mil — Cisco Umbrella Rank: 218869	173 KB
2	ecs.mil public.content.deas.ecs.mil — Cisco Umbrella Rank: 606670	23 KB
1	microsoftonline.us 1 redirects login.microsoftonline.us — Cisco Umbrella Rank: 10956	2 KB
1	apps.mil 1 redirects webmail.apps.mil — Cisco Umbrella Rank: 87262	4 KB
5	4

	Domain	Requested by
3	sts1.auth.ecuf.deas.mil	sts1.auth.ecuf.deas.mil
2	public.content.deas.ecs.mil	sts1.auth.ecuf.deas.mil
1	login.microsoftonline.us	1 redirects
1	webmail.apps.mil	1 redirects
5	4

This site contains links to these domains. Also see Links.

Domain
go.mil
go.deas.mil

Subject Issuer	Validity	Valid
sts1.auth.ecuf.deas.mil GeoTrust TLS RSA CA G1	`2024-06-27` - `2025-07-12`	a year	crt.sh
public.content.deas.ecs.mil E6	`2024-10-02` - `2024-12-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=a6741036-8420-3af4-24db-874a07e19e66&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLgEzgZJlCi1frFRut3uxP5yXNouRIzcxM0cvNzNnFaNsRklJQbGVvn55ahJYNLGgoBgkpZ9fnqi_g5HxAiPjKiZzM2MLM1MTc0NLMzNjc0NzC3MTPSMTA5OUFGMjXbOk1DRdk2QDQ12LJOMU3WSj5LSkZGNL82Qjk1tM_P6OpSUZRiAivyizKvUTE2daflFufEF-ccks5hyX5BIfl3zHdBdHpyADnzAPk5SyxPI89_RgV0_n5NQ8w6g0t1w_w_yClHBzj4IyI__IfC9XP2MfzyBfZydXM38_Mx9Xw0zPpEKDciNvl8qosETXxExL58LA8GCfwvgw89L4yIKkqNBK84qycqdVzEQF2SZmePCcYmbLL0jNy0y5wML4ioXJgOMHC-MiVmCQLorxX5R267rfxOMmwtt_mTKcYtUPzjI2cAwuTYoM8igMMsg2D3IO9gmNdDQMTXIO8I0Kc_FzjzTTL4kM8dCPtLW0MpzAxjiBjW0XGycHswCDErNzgOELNsYPbIwd7Ay7OPFHygVuxls8JlxsyTmJmbnFQlrVSpkp8SX52al5SlbVShW5xfHJySBWWWJOaWqxklW0EtB0pdja2toDvAw_-N527jx7fdHedx4bBBgA0
Frame ID: 316FF757780F0EB1BD4A82846C24CB93
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

כניסה

Page URL History Show full URLs

https://webmail.apps.mil/owa/mail.mil. HTTP 302
https://login.microsoftonline.us/mail.mil/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&red... HTTP 302
https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=a6741036-8420-3af4-24db-874a07e19e66&username=&wa... Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

196 kB
Transfer

193 kB
Size

11
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://go.mil/tac
Title: Information Systems User Agreement

Search URL Search Domain Scan URL

URL: https://go.mil/dod
Title: DoD Home

Search URL Search Domain Scan URL

URL: https://go.mil/privacy
Title: DEAS Privacy

Search URL Search Domain Scan URL

URL: https://go.deas.mil/help
Title: Sign-In Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://webmail.apps.mil/owa/mail.mil. HTTP 302
https://login.microsoftonline.us/mail.mil/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fwebmail.apps.mil%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&msaredir=0&client-request-id=a6741036-8420-3af4-24db-874a07e19e66&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=mail.mil&nonce=638654719663717874.2404dd32-6bef-4c01-8b3d-c2cfbc397c24&state=DctLDoAgDABR0LVH4dvawnGgSEICcen1ZfFmN1opdW7Hpv2OYoJEN3LIRMCBE6ON6LE1iIbq0w2KDyZVaEai9CqQWSLq_V7u_YpbZUy7xvwB HTTP 302
https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=a6741036-8420-3af4-24db-874a07e19e66&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLgEzgZJlCi1frFRut3uxP5yXNouRIzcxM0cvNzNnFaNsRklJQbGVvn55ahJYNLGgoBgkpZ9fnqi_g5HxAiPjKiZzM2MLM1MTc0NLMzNjc0NzC3MTPSMTA5OUFGMjXbOk1DRdk2QDQ12LJOMU3WSj5LSkZGNL82Qjk1tM_P6OpSUZRiAivyizKvUTE2daflFufEF-ccks5hyX5BIfl3zHdBdHpyADnzAPk5SyxPI89_RgV0_n5NQ8w6g0t1w_w_yClHBzj4IyI__IfC9XP2MfzyBfZydXM38_Mx9Xw0zPpEKDciNvl8qosETXxExL58LA8GCfwvgw89L4yIKkqNBK84qycqdVzEQF2SZmePCcYmbLL0jNy0y5wML4ioXJgOMHC-MiVmCQLorxX5R267rfxOMmwtt_mTKcYtUPzjI2cAwuTYoM8igMMsg2D3IO9gmNdDQMTXIO8I0Kc_FzjzTTL4kM8dCPtLW0MpzAxjiBjW0XGycHswCDErNzgOELNsYPbIwd7Ay7OPFHygVuxls8JlxsyTmJmbnFQlrVSpkp8SX52al5SlbVShW5xfHJySBWWWJOaWqxklW0EtB0pdja2toDvAw_-N527jx7fdHedx4bBBgA0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
sts1.auth.ecuf.deas.mil/adfs/ls/
Redirect Chain

https://webmail.apps.mil/owa/mail.mil.
https://login.microsoftonline.us/mail.mil/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2fwebmail.apps.mil%2fowa%2f&resource=00000002-0000-0ff1-ce00-00000...
https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=a6741036-8420-3af4-24db-874a07e19e66&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.micr...

27 KB
28 KB

2914ms
555ms

Document
text/html

52.244.37.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=a6741036-8420-3af4-24db-874a07e19e66&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLgEzgZJlCi1frFRut3uxP5yXNouRIzcxM0cvNzNnFaNsRklJQbGVvn55ahJYNLGgoBgkpZ9fnqi_g5HxAiPjKiZzM2MLM1MTc0NLMzNjc0NzC3MTPSMTA5OUFGMjXbOk1DRdk2QDQ12LJOMU3WSj5LSkZGNL82Qjk1tM_P6OpSUZRiAivyizKvUTE2daflFufEF-ccks5hyX5BIfl3zHdBdHpyADnzAPk5SyxPI89_RgV0_n5NQ8w6g0t1w_w_yClHBzj4IyI__IfC9XP2MfzyBfZydXM38_Mx9Xw0zPpEKDciNvl8qosETXxExL58LA8GCfwvgw89L4yIKkqNBK84qycqdVzEQF2SZmePCcYmbLL0jNy0y5wML4ioXJgOMHC-MiVmCQLorxX5R267rfxOMmwtt_mTKcYtUPzjI2cAwuTYoM8igMMsg2D3IO9gmNdDQMTXIO8I0Kc_FzjzTTL4kM8dCPtLW0MpzAxjiBjW0XGycHswCDErNzgOELNsYPbIwd7Ay7OPFHygVuxls8JlxsyTmJmbnFQlrVSpkp8SX52al5SlbVShW5xfHJySBWWWJOaWqxklW0EtB0pdja2toDvAw_-N527jx7fdHedx4bBBgA0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.37.227 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

b76202b1f7d19d7e49142615354992b34e2bd96353cbafafcdab0d63616e1f5b

Security Headers

Name	Value
Content-Security-Policy	default-src .mil 'self' 'unsafe-inline' 'unsafe-eval'; img-src data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache,no-store
Content-Length: 27653
Content-Security-Policy: default-src *.mil 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline';
Content-Type: text/html; charset=utf-8
Date: Fri, 25 Oct 2024 16:52:58 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 846
Content-Type: text/html; charset=utf-8
Date: Fri, 25 Oct 2024 16:52:56 GMT
Expires: -1
Location: https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=a6741036-8420-3af4-24db-874a07e19e66&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLgEzgZJlCi1frFRut3uxP5yXNouRIzcxM0cvNzNnFaNsRklJQbGVvn55ahJYNLGgoBgkpZ9fnqi_g5HxAiPjKiZzM2MLM1MTc0NLMzNjc0NzC3MTPSMTA5OUFGMjXbOk1DRdk2QDQ12LJOMU3WSj5LSkZGNL82Qjk1tM_P6OpSUZRiAivyizKvUTE2daflFufEF-ccks5hyX5BIfl3zHdBdHpyADnzAPk5SyxPI89_RgV0_n5NQ8w6g0t1w_w_yClHBzj4IyI__IfC9XP2MfzyBfZydXM38_Mx9Xw0zPpEKDciNvl8qosETXxExL58LA8GCfwvgw89L4yIKkqNBK84qycqdVzEQF2SZmePCcYmbLL0jNy0y5wML4ioXJgOMHC-MiVmCQLorxX5R267rfxOMmwtt_mTKcYtUPzjI2cAwuTYoM8igMMsg2D3IO9gmNdDQMTXIO8I0Kc_FzjzTTL4kM8dCPtLW0MpzAxjiBjW0XGycHswCDErNzgOELNsYPbIwd7Ay7OPFHygVuxls8JlxsyTmJmbnFQlrVSpkp8SX52al5SlbVShW5xfHJySBWWWJOaWqxklW0EtB0pdja2toDvAw_-N527jx7fdHedx4bBBgA0#
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
x-ms-ests-server: 2.1.19184.6 - USGTX ProdSlices
x-ms-request-id: a24f5ca2-da66-4ed7-91c7-3413b7fa3500

GET
H/1.1 200
OK style.rtl.css
sts1.auth.ecuf.deas.mil/adfs/portal/css/ 30 KB
31 KB 325ms
323ms Stylesheet
text/css 52.244.37.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sts1.auth.ecuf.deas.mil/adfs/portal/css/style.rtl.css?id=63F65FCCEDD0B2E7C3C0BF37F3A5877B0C3B24FF3BAF7849D1DE67EC515B773C

Requested by

Host: sts1.auth.ecuf.deas.mil
URL: https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=a6741036-8420-3af4-24db-874a07e19e66&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLgEzgZJlCi1frFRut3uxP5yXNouRIzcxM0cvNzNnFaNsRklJQbGVvn55ahJYNLGgoBgkpZ9fnqi_g5HxAiPjKiZzM2MLM1MTc0NLMzNjc0NzC3MTPSMTA5OUFGMjXbOk1DRdk2QDQ12LJOMU3WSj5LSkZGNL82Qjk1tM_P6OpSUZRiAivyizKvUTE2daflFufEF-ccks5hyX5BIfl3zHdBdHpyADnzAPk5SyxPI89_RgV0_n5NQ8w6g0t1w_w_yClHBzj4IyI__IfC9XP2MfzyBfZydXM38_Mx9Xw0zPpEKDciNvl8qosETXxExL58LA8GCfwvgw89L4yIKkqNBK84qycqdVzEQF2SZmePCcYmbLL0jNy0y5wML4ioXJgOMHC-MiVmCQLorxX5R267rfxOMmwtt_mTKcYtUPzjI2cAwuTYoM8igMMsg2D3IO9gmNdDQMTXIO8I0Kc_FzjzTTL4kM8dCPtLW0MpzAxjiBjW0XGycHswCDErNzgOELNsYPbIwd7Ay7OPFHygVuxls8JlxsyTmJmbnFQlrVSpkp8SX52al5SlbVShW5xfHJySBWWWJOaWqxklW0EtB0pdja2toDvAw_-N527jx7fdHedx4bBBgA0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.37.227 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

63f65fccedd0b2e7c3c0bf37f3a5877b0c3b24ff3baf7849d1de67ec515b773c

Security Headers

Name	Value
Content-Security-Policy	default-src .mil 'self' 'unsafe-inline' 'unsafe-eval'; img-src data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=a6741036-8420-3af4-24db-874a07e19e66&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLgEzgZJlCi1frFRut3uxP5yXNouRIzcxM0cvNzNnFaNsRklJQbGVvn55ahJYNLGgoBgkpZ9fnqi_g5HxAiPjKiZzM2MLM1MTc0NLMzNjc0NzC3MTPSMTA5OUFGMjXbOk1DRdk2QDQ12LJOMU3WSj5LSkZGNL82Qjk1tM_P6OpSUZRiAivyizKvUTE2daflFufEF-ccks5hyX5BIfl3zHdBdHpyADnzAPk5SyxPI89_RgV0_n5NQ8w6g0t1w_w_yClHBzj4IyI__IfC9XP2MfzyBfZydXM38_Mx9Xw0zPpEKDciNvl8qosETXxExL58LA8GCfwvgw89L4yIKkqNBK84qycqdVzEQF2SZmePCcYmbLL0jNy0y5wML4ioXJgOMHC-MiVmCQLorxX5R267rfxOMmwtt_mTKcYtUPzjI2cAwuTYoM8igMMsg2D3IO9gmNdDQMTXIO8I0Kc_FzjzTTL4kM8dCPtLW0MpzAxjiBjW0XGycHswCDErNzgOELNsYPbIwd7Ay7OPFHygVuxls8JlxsyTmJmbnFQlrVSpkp8SX52al5SlbVShW5xfHJySBWWWJOaWqxklW0EtB0pdja2toDvAw_-N527jx7fdHedx4bBBgA0

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *.mil 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline';
ETag: 63F65FCCEDD0B2E7C3C0BF37F3A5877B0C3B24FF3BAF7849D1DE67EC515B773C
X-Content-Type-Options: nosniff
Expires: Sun, 24 Nov 2024 16:52:59 GMT
Content-Length: 31202
X-XSS-Protection: 1; mode=block
Date: Fri, 25 Oct 2024 16:52:59 GMT
Content-Type: text/css
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0

GET
H2 200 primary-logo.png
public.content.deas.ecs.mil/content/adfs/shared/img/ 21 KB
21 KB 1802ms
226ms Image
image/png 52.227.5.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public.content.deas.ecs.mil/content/adfs/shared/img/primary-logo.png

Requested by

Host: sts1.auth.ecuf.deas.mil
URL: https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=a6741036-8420-3af4-24db-874a07e19e66&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLgEzgZJlCi1frFRut3uxP5yXNouRIzcxM0cvNzNnFaNsRklJQbGVvn55ahJYNLGgoBgkpZ9fnqi_g5HxAiPjKiZzM2MLM1MTc0NLMzNjc0NzC3MTPSMTA5OUFGMjXbOk1DRdk2QDQ12LJOMU3WSj5LSkZGNL82Qjk1tM_P6OpSUZRiAivyizKvUTE2daflFufEF-ccks5hyX5BIfl3zHdBdHpyADnzAPk5SyxPI89_RgV0_n5NQ8w6g0t1w_w_yClHBzj4IyI__IfC9XP2MfzyBfZydXM38_Mx9Xw0zPpEKDciNvl8qosETXxExL58LA8GCfwvgw89L4yIKkqNBK84qycqdVzEQF2SZmePCcYmbLL0jNy0y5wML4ioXJgOMHC-MiVmCQLorxX5R267rfxOMmwtt_mTKcYtUPzjI2cAwuTYoM8igMMsg2D3IO9gmNdDQMTXIO8I0Kc_FzjzTTL4kM8dCPtLW0MpzAxjiBjW0XGycHswCDErNzgOELNsYPbIwd7Ay7OPFHygVuxls8JlxsyTmJmbnFQlrVSpkp8SX52al5SlbVShW5xfHJySBWWWJOaWqxklW0EtB0pdja2toDvAw_-N527jx7fdHedx4bBBgA0

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

52.227.5.10 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

deas-geoaks1-ing1-aps1-npm3.geo.aps.svc.deas.enc.usgovdod.mil. / ECS-MIL

Resource Hash

d151510809ba97ed0f390da4ca9a62223cc3be44c22ed2138c96e6e9417dad07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://sts1.auth.ecuf.deas.mil/

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; preload
x-served-by: public.content.deas.ecs.mil
etag: "66eb2f39-52ee"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 21230
date: Fri, 25 Oct 2024 16:53:01 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 18 Sep 2024 19:51:21 GMT
server: deas-geoaks1-ing1-aps1-npm3.geo.aps.svc.deas.enc.usgovdod.mil.
x-powered-by: ECS-MIL

GET
H/1.1 200
OK illustration.png
sts1.auth.ecuf.deas.mil/adfs/portal/illustration/ 114 KB
114 KB 329ms
328ms Image
image/png 52.244.37.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sts1.auth.ecuf.deas.mil/adfs/portal/illustration/illustration.png?id=183128A3C941EDE3D9199FA37D6AA90E0A7DFE101B37D10B4FEDA0CF35E11AFD

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.244.37.227 Phoenix, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

183128a3c941ede3d9199fa37d6aa90e0a7dfe101b37d10b4feda0cf35e11afd

Security Headers

Name	Value
Content-Security-Policy	default-src .mil 'self' 'unsafe-inline' 'unsafe-eval'; img-src data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=a6741036-8420-3af4-24db-874a07e19e66&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAA02I21DO0UjGAACNdEKlrkJZmqJucCmIhgSIhLgEzgZJlCi1frFRut3uxP5yXNouRIzcxM0cvNzNnFaNsRklJQbGVvn55ahJYNLGgoBgkpZ9fnqi_g5HxAiPjKiZzM2MLM1MTc0NLMzNjc0NzC3MTPSMTA5OUFGMjXbOk1DRdk2QDQ12LJOMU3WSj5LSkZGNL82Qjk1tM_P6OpSUZRiAivyizKvUTE2daflFufEF-ccks5hyX5BIfl3zHdBdHpyADnzAPk5SyxPI89_RgV0_n5NQ8w6g0t1w_w_yClHBzj4IyI__IfC9XP2MfzyBfZydXM38_Mx9Xw0zPpEKDciNvl8qosETXxExL58LA8GCfwvgw89L4yIKkqNBK84qycqdVzEQF2SZmePCcYmbLL0jNy0y5wML4ioXJgOMHC-MiVmCQLorxX5R267rfxOMmwtt_mTKcYtUPzjI2cAwuTYoM8igMMsg2D3IO9gmNdDQMTXIO8I0Kc_FzjzTTL4kM8dCPtLW0MpzAxjiBjW0XGycHswCDErNzgOELNsYPbIwd7Ay7OPFHygVuxls8JlxsyTmJmbnFQlrVSpkp8SX52al5SlbVShW5xfHJySBWWWJOaWqxklW0EtB0pdja2toDvAw_-N527jx7fdHedx4bBBgA0

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src *.mil 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline';
ETag: 183128A3C941EDE3D9199FA37D6AA90E0A7DFE101B37D10B4FEDA0CF35E11AFD
X-Content-Type-Options: nosniff
Expires: Sun, 24 Nov 2024 16:53:02 GMT
Content-Length: 116699
X-XSS-Protection: 1; mode=block
Date: Fri, 25 Oct 2024 16:53:01 GMT
Content-Type: image/png
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0

GET
H2 200 primary-favicon.ico
public.content.deas.ecs.mil/content/adfs/shared/img/ 1 KB
1 KB 218ms
218ms Other
image/x-icon 52.227.5.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://public.content.deas.ecs.mil/content/adfs/shared/img/primary-favicon.ico

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

52.227.5.10 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

deas-geoaks1-ing1-aps1-npm3.geo.aps.svc.deas.enc.usgovdod.mil. / ECS-MIL

Resource Hash

08819a92d8ceaba489c28f1915139f1132a28654afc62b1fe2ecd662a246c875

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://sts1.auth.ecuf.deas.mil/

Response headers

x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; preload
x-served-by: public.content.deas.ecs.mil
etag: "66eb2f39-47e"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1150
date: Fri, 25 Oct 2024 16:53:02 GMT
x-xss-protection: 1; mode=block
content-type: image/x-icon
last-modified: Wed, 18 Sep 2024 19:51:21 GMT
server: deas-geoaks1-ing1-aps1-npm3.geo.aps.svc.deas.enc.usgovdod.mil.
x-powered-by: ECS-MIL

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
webmail.apps.mil/	1970-01-21 09:16:51	Name: ClientId Value: 92DD56E7CED643CFB141AE8937A6B0A5
webmail.apps.mil/	1970-01-21 04:53:19	Name: OIDC Value: 1
webmail.apps.mil/	1969-12-31 23:59:59	Name: domainName Value: mail.mil
webmail.apps.mil/	1970-01-21 00:31:18	Name: OpenIdConnect.nonce.v3.E-mpvEvtTF3HKgYnP6HZdDDql69fpdI95CxGEdVSYSk Value: 638654719663717874.2404dd32-6bef-4c01-8b3d-c2cfbc397c24
webmail.apps.mil/	1970-01-21 00:31:36	Name: X-OWA-RedirectHistory Value: AsGGx7AB8r2ucxX13Ag
login.microsoftonline.us/	1970-01-21 01:14:27	Name: buid Value: 0.CwMAkQEtEK7uYUexyxqD6G70RQIAAAAAAPEPzgAAAAAAAAABAAA.AQABGgEAAgCibIjnWF5rTpMPoBPbM9j3nTiDM0GCXHRPVlh5DH88LNlIDZIllX3a_RGkM3-2EbEta0iaEhohP_FtwJMnVEbHpNFv5-WBuzK4BFj4FBdBOTVXMCxpp8j7MYcjIPg3U5ogAA
login.microsoftonline.us/	1970-01-21 01:14:27	Name: fpc Value: AqGpxWmOS0dLjrQhHjznZGZ9-q-0AQAAAOfDrd4OAAAA
.login.microsoftonline.us/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAgCibIjnWF5rTpMPoBPbM9j39GMMjdHCsB47VLoHv6MIFhmGDd5gtGkyf-452FvGJHWRrxCT3rYZKGeBGiJcaYlVf0XAA5JLXqNJyWpwLfEBZ-SkEg6BjDFPbw6CUGUr3BiYfvNvBknCYaXthl8fthviOr40FLWsLzT7M4ZUbwY2kLCRIsGVBl6r01gLS0eW7IwgAA
.login.microsoftonline.us/	1969-12-31 23:59:59	Name: cltm Value: CgAQABoAIgQIDBAF
login.microsoftonline.us/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.us/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src .mil 'self' 'unsafe-inline' 'unsafe-eval'; img-src data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.microsoftonline.us
public.content.deas.ecs.mil
sts1.auth.ecuf.deas.mil
webmail.apps.mil
40.66.31.162
52.126.194.134
52.227.5.10
52.244.37.227
08819a92d8ceaba489c28f1915139f1132a28654afc62b1fe2ecd662a246c875
183128a3c941ede3d9199fa37d6aa90e0a7dfe101b37d10b4feda0cf35e11afd
63f65fccedd0b2e7c3c0bf37f3a5877b0c3b24ff3baf7849d1de67ec515b773c
b76202b1f7d19d7e49142615354992b34e2bd96353cbafafcdab0d63616e1f5b
d151510809ba97ed0f390da4ca9a62223cc3be44c22ed2138c96e6e9417dad07

sts1.auth.ecuf.deas.mil Open in urlscan Pro 52.244.37.227 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

2 IPs

1 Countries

196 kBTransfer

193 kBSize

11 Cookies

4 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

11 Cookies

Security Headers

Indicators

sts1.auth.ecuf.deas.mil Open in urlscan Pro
52.244.37.227 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

196 kB
Transfer

193 kB
Size

11
Cookies

5 HTTP transactions
0 data transactions