urlscan.io logo urlscan.io
SecurityTrails logo

sts1.auth.ecuf.deas.mil Open in urlscan Pro
52.243.152.201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sharepoint.jstars.dev/
Effective URL: https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=dc6099a0-4083-0000-1700-30bbb79cce24&username=&wa=wsignin1.0&wtrealm=...
Submission: On February 24 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 5 HTTP transactions. The main IP is 52.243.152.201, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sts1.auth.ecuf.deas.mil. The Cisco Umbrella rank of the primary domain is 129557.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on July 8th 2022. Valid for: a year.
This is the only time sts1.auth.ecuf.deas.mil was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a00:1450:400... 15169 (GOOGLE)
3 3 20.34.12.53 8070 (MICROSOFT...)
1 2 52.126.195.33 8070 (MICROSOFT...)
2 52.243.152.201 8075 (MICROSOFT...)
2 52.227.5.10 ()
5 3
1    2a00:1450:400d:80a::2013 (Ireland)

ASN15169 (GOOGLE, US)
sharepoint.jstars.dev
3    20.34.12.53 (Des Moines, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
usaf.dps.mil
2    52.126.195.33 (San Antonio, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.us
2    52.243.152.201 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sts1.auth.ecuf.deas.mil
2    52.227.5.10 (None, )

ASN- ()
public.content.deas.ecs.mil
Apex Domain
Subdomains		 Transfer
3 dps.mil
usaf.dps.mil — Cisco Umbrella Rank: 381800
5 KB
2 ecs.mil
public.content.deas.ecs.mil
21 KB
2 deas.mil
sts1.auth.ecuf.deas.mil — Cisco Umbrella Rank: 129557
59 KB
2 microsoftonline.us
login.microsoftonline.us — Cisco Umbrella Rank: 13046
58 KB
1 jstars.dev
sharepoint.jstars.dev
136 B
5 5
Domain Requested by
3 usaf.dps.mil 3 redirects
2 public.content.deas.ecs.mil sts1.auth.ecuf.deas.mil
2 sts1.auth.ecuf.deas.mil login.microsoftonline.us
sts1.auth.ecuf.deas.mil
2 login.microsoftonline.us 1 redirects
1 sharepoint.jstars.dev 1 redirects
5 5

This site contains links to these domains. Also see Links.

Domain
go.apps.deas.mil
Subject Issuer Validity Valid
login.microsoftonline.us
DigiCert SHA2 Secure Server CA		 2022-12-06 -
2023-12-06		 a year crt.sh
sts1.auth.ecuf.deas.mil
GeoTrust TLS RSA CA G1		 2022-07-08 -
2023-07-08		 a year crt.sh
public.content.deas.ecs.mil
R3		 2023-01-08 -
2023-04-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=dc6099a0-4083-0000-1700-30bbb79cce24&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAAjZG_axNhHMbvzaVnElsNXSxOIhlEudz7fd-7vO8FCr65yymIjS7FdLDeez9IIM2vS9riqItjV4tD0cng5FKpi4tLhpJNLP4BIgjiVHDxgotjnuHhy4fv8PA8N1UoQ7WE_4nqc9dxHIMeRPPrPw1XC8Wjl0--Pb-tKFcU_PH41WnpEOXHSdmPyzvtzgTdaI1G_aRqGOMkRWE_mWNjO-4NdxIjjGJ_3BmV_aS__wGhGULfEZpkBgyocE0gdRcox4xYmFUIc12LMcf2sPAohZrpUHCtCiY2003qCMvxhFcRxAbTrtgp5oywWsUDgZlHhbAsy4U6sW1MmU24awrAxLVrdeKYZ5nLDTEetcjcesP20-h3Jj_PuN3vJaNDNdtw8d5EXaiT92qJp_kk8FAnIU_D8SjWfWqlFnAOPJKxLc2pqvX6UbcdzrLoR3YZq9VcrlBU1pRrynkWvV5Km0WTY7dpvLn3Nvvn3eOrm8p0ybi_tStrdGMzbuBbd2q7g73kYTd6FLYJ25DWsNWsN2OedGB_sCXWeRUONHSgaSdaPqcWleuq8wB-aejFBeUkv_Aus4vobBkK-aAnh343bIerJQAZcsypzlmEdROkpUvJuI5lYNKA-zzi_rOVhd4-rSjnl2ZH069fTj__vPsX0
Frame ID: 5D6B3E8681AE25C1D653A3E6D7F77371
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anmelden

Page URL History Show full URLs

  1. http://sharepoint.jstars.dev/ HTTP 307
    https://sharepoint.jstars.dev/ HTTP 302
    https://usaf.dps.mil/sites/JSTARS/ HTTP 302
    https://usaf.dps.mil/sites/JSTARS/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FJSTARS%2F HTTP 302
    https://usaf.dps.mil/_forms/default.aspx?ReturnUrl=%2fsites%2fJSTARS%2f_layouts%2f15%2fAuthentica... HTTP 302
    https://login.microsoftonline.us/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/authorize?client%5Fid=00000003%2... Page URL
  2. https://login.microsoftonline.us/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/authorize?client%5Fid=00000003%2... HTTP 302
    https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=dc6099a0-4083-0000-1700-30bbb79cce24&username=&wa... Page URL

Page Statistics

5
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

134 kB
Transfer

238 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sharepoint.jstars.dev/ HTTP 307
    https://sharepoint.jstars.dev/ HTTP 302
    https://usaf.dps.mil/sites/JSTARS/ HTTP 302
    https://usaf.dps.mil/sites/JSTARS/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FJSTARS%2F HTTP 302
    https://usaf.dps.mil/_forms/default.aspx?ReturnUrl=%2fsites%2fJSTARS%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FJSTARS%252F&Source=cookie HTTP 302
    https://login.microsoftonline.us/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=713AD412ED138072507627DD577C9F0AF331B4C31D560297%2D43CA5CFAF6A29149690298727B6F1A07F3AA555D1E299037928D4A102D9BE2C4&redirect%5Furi=https%3A%2F%2Fusaf%2Edps%2Emil%2F%5Fforms%2Fdefault%2Easpx&domain%5Fhint=us%2Eaf%2Emil&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc6099a0%2D4083%2D0000%2D1700%2D30bbb79cce24 Page URL
  2. https://login.microsoftonline.us/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=713AD412ED138072507627DD577C9F0AF331B4C31D560297%2D43CA5CFAF6A29149690298727B6F1A07F3AA555D1E299037928D4A102D9BE2C4&redirect%5Furi=https%3A%2F%2Fusaf%2Edps%2Emil%2F%5Fforms%2Fdefault%2Easpx&domain%5Fhint=us%2Eaf%2Emil&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc6099a0%2D4083%2D0000%2D1700%2D30bbb79cce24&sso_reload=true HTTP 302
    https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=dc6099a0-4083-0000-1700-30bbb79cce24&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAAjZG_axNhHMbvzaVnElsNXSxOIhlEudz7fd-7vO8FCr65yymIjS7FdLDeez9IIM2vS9riqItjV4tD0cng5FKpi4tLhpJNLP4BIgjiVHDxgotjnuHhy4fv8PA8N1UoQ7WE_4nqc9dxHIMeRPPrPw1XC8Wjl0--Pb-tKFcU_PH41WnpEOXHSdmPyzvtzgTdaI1G_aRqGOMkRWE_mWNjO-4NdxIjjGJ_3BmV_aS__wGhGULfEZpkBgyocE0gdRcox4xYmFUIc12LMcf2sPAohZrpUHCtCiY2003qCMvxhFcRxAbTrtgp5oywWsUDgZlHhbAsy4U6sW1MmU24awrAxLVrdeKYZ5nLDTEetcjcesP20-h3Jj_PuN3vJaNDNdtw8d5EXaiT92qJp_kk8FAnIU_D8SjWfWqlFnAOPJKxLc2pqvX6UbcdzrLoR3YZq9VcrlBU1pRrynkWvV5Km0WTY7dpvLn3Nvvn3eOrm8p0ybi_tStrdGMzbuBbd2q7g73kYTd6FLYJ25DWsNWsN2OedGB_sCXWeRUONHSgaSdaPqcWleuq8wB-aejFBeUkv_Aus4vobBkK-aAnh343bIerJQAZcsypzlmEdROkpUvJuI5lYNKA-zzi_rOVhd4-rSjnl2ZH069fTj__vPsX0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sharepoint.jstars.dev/ HTTP 307
  • https://sharepoint.jstars.dev/ HTTP 302
  • https://usaf.dps.mil/sites/JSTARS/ HTTP 302
  • https://usaf.dps.mil/sites/JSTARS/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FJSTARS%2F HTTP 302
  • https://usaf.dps.mil/_forms/default.aspx?ReturnUrl=%2fsites%2fJSTARS%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FJSTARS%252F&Source=cookie HTTP 302
  • https://login.microsoftonline.us/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=713AD412ED138072507627DD577C9F0AF331B4C31D560297%2D43CA5CFAF6A29149690298727B6F1A07F3AA555D1E299037928D4A102D9BE2C4&redirect%5Furi=https%3A%2F%2Fusaf%2Edps%2Emil%2F%5Fforms%2Fdefault%2Easpx&domain%5Fhint=us%2Eaf%2Emil&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc6099a0%2D4083%2D0000%2D1700%2D30bbb79cce24

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
authorize
login.microsoftonline.us/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/
Redirect Chain
  • http://sharepoint.jstars.dev/
  • https://sharepoint.jstars.dev/
  • https://usaf.dps.mil/sites/JSTARS/
  • https://usaf.dps.mil/sites/JSTARS/_layouts/15/Authenticate.aspx?Source=%2Fsites%2FJSTARS%2F
  • https://usaf.dps.mil/_forms/default.aspx?ReturnUrl=%2fsites%2fJSTARS%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252Fsites%252FJSTARS%252F&Source=cookie
  • https://login.microsoftonline.us/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id...
152 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.us/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=713AD412ED138072507627DD577C9F0AF331B4C31D560297%2D43CA5CFAF6A29149690298727B6F1A07F3AA555D1E299037928D4A102D9BE2C4&redirect%5Furi=https%3A%2F%2Fusaf%2Edps%2Emil%2F%5Fforms%2Fdefault%2Easpx&domain%5Fhint=us%2Eaf%2Emil&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc6099a0%2D4083%2D0000%2D1700%2D30bbb79cce24
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.126.195.33 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
71108d6d851e4477c0bc80ed1cb104e6d54f02207e25fcf474e00a5310dab96d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55316
Content-Type
text/html; charset=utf-8
Date
Fri, 24 Feb 2023 14:43:22 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
x-ms-ests-server
2.1.14649.20 - USGAZLR1 ProdSlices
x-ms-request-id
40d35cb4-6c1f-4e8a-96b8-201457905c00

Redirect headers

Cache-Control
no-cache, no-store
Content-Length
899
Content-Type
text/html; charset=utf-8
Date
Fri, 24 Feb 2023 14:43:22 GMT
Expires
-1
Include-Referred-Token-Binding-ID
true
Location
https://login.microsoftonline.us:443/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=713AD412ED138072507627DD577C9F0AF331B4C31D560297%2D43CA5CFAF6A29149690298727B6F1A07F3AA555D1E299037928D4A102D9BE2C4&redirect%5Furi=https%3A%2F%2Fusaf%2Edps%2Emil%2F%5Fforms%2Fdefault%2Easpx&domain%5Fhint=us%2Eaf%2Emil&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc6099a0%2D4083%2D0000%2D1700%2D30bbb79cce24
MS-CV
oJlg3INAAAAXADC7t5zOJA.0
MicrosoftSharePointTeamServices
16.0.0.23408
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Pragma
no-cache
SPIisLatency
0
SPRequestDuration
49
SPRequestGuid
dc6099a0-4083-0000-1700-30bbb79cce24
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000
X-1DSCollectorUrl
https://noam.events.data.microsoft.com/OneCollector/1.0/
X-AriaCollectorURL
https://us.pipe.aria.microsoft.com/Collector/3.0/
X-AspNet-Version
4.0.30319
X-Content-Type-Options
nosniff
X-DataBoundary
NONE
X-MS-InvokeApp
1; RequireReadOnly
X-NetworkStatistics
0,64256,0,0,797,0,27564
X-Powered-By
ASP.NET
X-SharePointHealthScore
3
request-id
dc6099a0-4083-0000-1700-30bbb79cce24
Primary Request /
sts1.auth.ecuf.deas.mil/adfs/ls/
Redirect Chain
  • https://login.microsoftonline.us/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id...
  • https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=dc6099a0-4083-0000-1700-30bbb79cce24&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.micr...
27 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=dc6099a0-4083-0000-1700-30bbb79cce24&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAAjZG_axNhHMbvzaVnElsNXSxOIhlEudz7fd-7vO8FCr65yymIjS7FdLDeez9IIM2vS9riqItjV4tD0cng5FKpi4tLhpJNLP4BIgjiVHDxgotjnuHhy4fv8PA8N1UoQ7WE_4nqc9dxHIMeRPPrPw1XC8Wjl0--Pb-tKFcU_PH41WnpEOXHSdmPyzvtzgTdaI1G_aRqGOMkRWE_mWNjO-4NdxIjjGJ_3BmV_aS__wGhGULfEZpkBgyocE0gdRcox4xYmFUIc12LMcf2sPAohZrpUHCtCiY2003qCMvxhFcRxAbTrtgp5oywWsUDgZlHhbAsy4U6sW1MmU24awrAxLVrdeKYZ5nLDTEetcjcesP20-h3Jj_PuN3vJaNDNdtw8d5EXaiT92qJp_kk8FAnIU_D8SjWfWqlFnAOPJKxLc2pqvX6UbcdzrLoR3YZq9VcrlBU1pRrynkWvV5Km0WTY7dpvLn3Nvvn3eOrm8p0ybi_tStrdGMzbuBbd2q7g73kYTd6FLYJ25DWsNWsN2OedGB_sCXWeRUONHSgaSdaPqcWleuq8wB-aejFBeUkv_Aus4vobBkK-aAnh343bIerJQAZcsypzlmEdROkpUvJuI5lYNKA-zzi_rOVhd4-rSjnl2ZH069fTj__vPsX0
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=713AD412ED138072507627DD577C9F0AF331B4C31D560297%2D43CA5CFAF6A29149690298727B6F1A07F3AA555D1E299037928D4A102D9BE2C4&redirect%5Furi=https%3A%2F%2Fusaf%2Edps%2Emil%2F%5Fforms%2Fdefault%2Easpx&domain%5Fhint=us%2Eaf%2Emil&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc6099a0%2D4083%2D0000%2D1700%2D30bbb79cce24
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.243.152.201 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
50e1ff3a4936a5d6db9d71f54c6a37b5f02d520cd862c597d4b5cdd64f62cfc2
Security Headers
Name Value
Content-Security-Policy default-src *.mil 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.microsoftonline.us/8331b18d-2d87-48ef-a35f-ac8818ebf9b4/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=713AD412ED138072507627DD577C9F0AF331B4C31D560297%2D43CA5CFAF6A29149690298727B6F1A07F3AA555D1E299037928D4A102D9BE2C4&redirect%5Furi=https%3A%2F%2Fusaf%2Edps%2Emil%2F%5Fforms%2Fdefault%2Easpx&domain%5Fhint=us%2Eaf%2Emil&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=dc6099a0%2D4083%2D0000%2D1700%2D30bbb79cce24
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store
Content-Length
27608
Content-Security-Policy
default-src *.mil 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Fri, 24 Feb 2023 14:43:24 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
835
Content-Type
text/html; charset=utf-8
Date
Fri, 24 Feb 2023 14:43:22 GMT
Expires
-1
Location
https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=dc6099a0-4083-0000-1700-30bbb79cce24&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAAjZG_axNhHMbvzaVnElsNXSxOIhlEudz7fd-7vO8FCr65yymIjS7FdLDeez9IIM2vS9riqItjV4tD0cng5FKpi4tLhpJNLP4BIgjiVHDxgotjnuHhy4fv8PA8N1UoQ7WE_4nqc9dxHIMeRPPrPw1XC8Wjl0--Pb-tKFcU_PH41WnpEOXHSdmPyzvtzgTdaI1G_aRqGOMkRWE_mWNjO-4NdxIjjGJ_3BmV_aS__wGhGULfEZpkBgyocE0gdRcox4xYmFUIc12LMcf2sPAohZrpUHCtCiY2003qCMvxhFcRxAbTrtgp5oywWsUDgZlHhbAsy4U6sW1MmU24awrAxLVrdeKYZ5nLDTEetcjcesP20-h3Jj_PuN3vJaNDNdtw8d5EXaiT92qJp_kk8FAnIU_D8SjWfWqlFnAOPJKxLc2pqvX6UbcdzrLoR3YZq9VcrlBU1pRrynkWvV5Km0WTY7dpvLn3Nvvn3eOrm8p0ybi_tStrdGMzbuBbd2q7g73kYTd6FLYJ25DWsNWsN2OedGB_sCXWeRUONHSgaSdaPqcWleuq8wB-aejFBeUkv_Aus4vobBkK-aAnh343bIerJQAZcsypzlmEdROkpUvJuI5lYNKA-zzi_rOVhd4-rSjnl2ZH069fTj__vPsX0#
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
x-ms-ests-server
2.1.14649.20 - USGTX ProdSlices
x-ms-request-id
44b7aa01-2f59-4ba3-a904-fbac5e1a5600
style.css
sts1.auth.ecuf.deas.mil/adfs/portal/css/ 		31 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sts1.auth.ecuf.deas.mil/adfs/portal/css/style.css?id=0122222CA84D68720510063DF97ED4C9CBDF5FDB6140ACE36595772D07B2D09A
Requested by
Host: sts1.auth.ecuf.deas.mil
URL: https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=dc6099a0-4083-0000-1700-30bbb79cce24&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAAjZG_axNhHMbvzaVnElsNXSxOIhlEudz7fd-7vO8FCr65yymIjS7FdLDeez9IIM2vS9riqItjV4tD0cng5FKpi4tLhpJNLP4BIgjiVHDxgotjnuHhy4fv8PA8N1UoQ7WE_4nqc9dxHIMeRPPrPw1XC8Wjl0--Pb-tKFcU_PH41WnpEOXHSdmPyzvtzgTdaI1G_aRqGOMkRWE_mWNjO-4NdxIjjGJ_3BmV_aS__wGhGULfEZpkBgyocE0gdRcox4xYmFUIc12LMcf2sPAohZrpUHCtCiY2003qCMvxhFcRxAbTrtgp5oywWsUDgZlHhbAsy4U6sW1MmU24awrAxLVrdeKYZ5nLDTEetcjcesP20-h3Jj_PuN3vJaNDNdtw8d5EXaiT92qJp_kk8FAnIU_D8SjWfWqlFnAOPJKxLc2pqvX6UbcdzrLoR3YZq9VcrlBU1pRrynkWvV5Km0WTY7dpvLn3Nvvn3eOrm8p0ybi_tStrdGMzbuBbd2q7g73kYTd6FLYJ25DWsNWsN2OedGB_sCXWeRUONHSgaSdaPqcWleuq8wB-aejFBeUkv_Aus4vobBkK-aAnh343bIerJQAZcsypzlmEdROkpUvJuI5lYNKA-zzi_rOVhd4-rSjnl2ZH069fTj__vPsX0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.243.152.201 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83aa2a3a9678e4b5124a6bb1d876011b2a1c9a28d2beb0dab59b98f6109510ab
Security Headers
Name Value
Content-Security-Policy default-src *.mil 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=dc6099a0-4083-0000-1700-30bbb79cce24&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAAjZG_axNhHMbvzaVnElsNXSxOIhlEudz7fd-7vO8FCr65yymIjS7FdLDeez9IIM2vS9riqItjV4tD0cng5FKpi4tLhpJNLP4BIgjiVHDxgotjnuHhy4fv8PA8N1UoQ7WE_4nqc9dxHIMeRPPrPw1XC8Wjl0--Pb-tKFcU_PH41WnpEOXHSdmPyzvtzgTdaI1G_aRqGOMkRWE_mWNjO-4NdxIjjGJ_3BmV_aS__wGhGULfEZpkBgyocE0gdRcox4xYmFUIc12LMcf2sPAohZrpUHCtCiY2003qCMvxhFcRxAbTrtgp5oywWsUDgZlHhbAsy4U6sW1MmU24awrAxLVrdeKYZ5nLDTEetcjcesP20-h3Jj_PuN3vJaNDNdtw8d5EXaiT92qJp_kk8FAnIU_D8SjWfWqlFnAOPJKxLc2pqvX6UbcdzrLoR3YZq9VcrlBU1pRrynkWvV5Km0WTY7dpvLn3Nvvn3eOrm8p0ybi_tStrdGMzbuBbd2q7g73kYTd6FLYJ25DWsNWsN2OedGB_sCXWeRUONHSgaSdaPqcWleuq8wB-aejFBeUkv_Aus4vobBkK-aAnh343bIerJQAZcsypzlmEdROkpUvJuI5lYNKA-zzi_rOVhd4-rSjnl2ZH069fTj__vPsX0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src *.mil 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data: blob: 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Fri, 24 Feb 2023 14:43:25 GMT
ETag
0122222CA84D68720510063DF97ED4C9CBDF5FDB6140ACE36595772D07B2D09A
Content-Type
text/css
Content-Length
31343
X-XSS-Protection
1; mode=block
Expires
Sun, 26 Mar 2023 14:43:25 GMT
primary-illustration.jpg
public.content.deas.ecs.mil/content/adfs/ecuf1/img/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public.content.deas.ecs.mil/content/adfs/ecuf1/img/primary-illustration.jpg
Requested by
Host: sts1.auth.ecuf.deas.mil
URL: https://sts1.auth.ecuf.deas.mil/adfs/portal/css/style.css?id=0122222CA84D68720510063DF97ED4C9CBDF5FDB6140ACE36595772D07B2D09A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.227.5.10 -, , ASN (),
Reverse DNS
Software
deas-geoaks1-ing1-aps1-npm3.geo.aps.svc.deas.enc.usgovdod.mil. / ECS-MIL
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sts1.auth.ecuf.deas.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:43:27 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
last-modified
Wed, 30 Nov 2022 17:31:29 GMT
server
deas-geoaks1-ing1-aps1-npm3.geo.aps.svc.deas.enc.usgovdod.mil.
etag
"63879371-30001"
x-powered-by
ECS-MIL
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
196609
x-xss-protection
1; mode=block
x-served-by
public.content.deas.ecs.mil
primary-logo.png
public.content.deas.ecs.mil/content/adfs/shared/img/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public.content.deas.ecs.mil/content/adfs/shared/img/primary-logo.png
Requested by
Host: sts1.auth.ecuf.deas.mil
URL: https://sts1.auth.ecuf.deas.mil/adfs/ls/?client-request-id=dc6099a0-4083-0000-1700-30bbb79cce24&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3amicrosoftonline.us&wreply=https%3a%2f%2flogin.microsoftonline.us%2flogin.srf&wctx=estsredirect%3d5%26estsrequest%3drQQIARAAjZG_axNhHMbvzaVnElsNXSxOIhlEudz7fd-7vO8FCr65yymIjS7FdLDeez9IIM2vS9riqItjV4tD0cng5FKpi4tLhpJNLP4BIgjiVHDxgotjnuHhy4fv8PA8N1UoQ7WE_4nqc9dxHIMeRPPrPw1XC8Wjl0--Pb-tKFcU_PH41WnpEOXHSdmPyzvtzgTdaI1G_aRqGOMkRWE_mWNjO-4NdxIjjGJ_3BmV_aS__wGhGULfEZpkBgyocE0gdRcox4xYmFUIc12LMcf2sPAohZrpUHCtCiY2003qCMvxhFcRxAbTrtgp5oywWsUDgZlHhbAsy4U6sW1MmU24awrAxLVrdeKYZ5nLDTEetcjcesP20-h3Jj_PuN3vJaNDNdtw8d5EXaiT92qJp_kk8FAnIU_D8SjWfWqlFnAOPJKxLc2pqvX6UbcdzrLoR3YZq9VcrlBU1pRrynkWvV5Km0WTY7dpvLn3Nvvn3eOrm8p0ybi_tStrdGMzbuBbd2q7g73kYTd6FLYJ25DWsNWsN2OedGB_sCXWeRUONHSgaSdaPqcWleuq8wB-aejFBeUkv_Aus4vobBkK-aAnh343bIerJQAZcsypzlmEdROkpUvJuI5lYNKA-zzi_rOVhd4-rSjnl2ZH069fTj__vPsX0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.227.5.10 -, , ASN (),
Reverse DNS
Software
deas-geoaks1-ing1-aps1-npm3.geo.aps.svc.deas.enc.usgovdod.mil. / ECS-MIL
Resource Hash
d151510809ba97ed0f390da4ca9a62223cc3be44c22ed2138c96e6e9417dad07
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sts1.auth.ecuf.deas.mil/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 14:43:27 GMT
strict-transport-security
max-age=63072000; preload
x-content-type-options
nosniff
last-modified
Wed, 30 Nov 2022 17:31:29 GMT
server
deas-geoaks1-ing1-aps1-npm3.geo.aps.svc.deas.enc.usgovdod.mil.
etag
"63879371-52ee"
x-powered-by
ECS-MIL
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
21230
x-xss-protection
1; mode=block
x-served-by
public.content.deas.ecs.mil

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration object| loginMessage function| UpdatePlaceholders function| customfavicon undefined| strADCPName undefined| listAllSpanForIdp number| inc object| listAllIdpImg

10 Cookies

Domain/Path Name / Value
usaf.dps.mil/ Name: nSGt-713AD412ED138072507627DD577C9F0AF331B4C31D560297
Value: gYEwQzlGQjhGQTEwMjk4NUVGQTcxNjlBODM4RUQ2MTE4M0FDQTNEQ0U5MjY1RDQ4OTI1MDcxM0FENDEyRUQxMzgwNzI1MDc2MjdERDU3N0M5RjBBRjMzMUI0QzMxRDU2MDI5NxIxMzMyMTcyNDAwMjMwNzk5MDQMdXNhZi5kcHMubWlsZFMmXDauZM5jL0/1Gtxl3ZOmsSeVOMXKmkX5DERS4AOhqLwHlqI+4nrYYdMla7EMTBt7qsQ5fEDM81rJUS2egRqPVpBVt5xY/kmigou6Gn+9awcp02Cv2rKN6kXQXHQ0xj1qH4vhNRtEIxAU33g9sdX8u8dTRAtqcyshEJSmsIYFswUUFm50WECdC7i7f+iiy0kPiVOgjs8QoxudWJ+2iST8WykU+JkH/3qiaul3yiJzsxYRp+J9swOxPdwfg5MylXX7D++9xmX4X+F6S3WBFVojdXgqwOvTfAecyqfXHselVtfb0IZJXkO6TSskSr/do4xv3206ySbF9vP+rReIxYQAAAA=
usaf.dps.mil/ Name: RpsContextCookie
Value: U291cmNlPSUyRnNpdGVzJTJGSlNUQVJTJTJGJlByZXZpb3VzUmVxdWVzdENvcnJlbGF0aW9uSWQ9ZGM2MDk5YTAlMkQ0MDgzJTJEMDAwMCUyRDE3MDAlMkQzMGJiYjc5Y2NlMjQmUmV0dXJuVXJsPSUyRnNpdGVzJTJGSlNUQVJTJTJGJTVGbGF5b3V0cyUyRjE1JTJGQXV0aGVudGljYXRlJTJFYXNweCUzRlNvdXJjZSUzRCUyNTJGc2l0ZXMlMjUyRkpTVEFSUyUyNTJG
login.microsoftonline.us/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.us/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.us/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.us/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.us/ Name: buid
Value: 0.AQMAjbExg4ct70ijX6yIGOv5tAMAAAAAAPEPzgAAAAAAAAACAAA.AQABAAEAAgBXxJ9NxOLiQKGXj-vdb8BdYBku0-YJb67PGJuQIXGiyduVrHRQ8WugDP0VX3yeIa-3GBz1IyuG4gwwkJcdOmXobz6duydyQSkg-VBJx_alVxM22of_3nwgrspKZOmk_jggAA
.login.microsoftonline.us/ Name: ESTSWCTXFLOWTOKEN
Value: AQABAAEAAgBXxJ9NxOLiQKGXj-vdb8BdplP8LiQviY7zCQKMgBjChvlaHfRplX0MxsZMXF-Fx0JlwxUyUV2bqCVMFl1JBT0aGz0Lnumh0YGDq3eCgpMwAoHvtJKXvS_F2qbztSjbm_xE6iAZ5wFH3648nHsihSqNDXB7ufUJKiTr9atkBM1JI2xuwToE8xplUfGlr2Mqfprf7Fi23FtD8nYbFo9Wir9o6wMjZ5kbDvJalt3hzznwJfJQB60ImudCuCVHmJJhnIF5Uvs-p7j05yUhihbY3mi-wBBN84F0Spl7zOI2jehvsxu63l-6LCKAs__UhBjaKb6wxZiIsQbw0mDFyhzqOZmDk60yCTrEpr6ijcq0ciRiu8yGR-0WGnIAkS7o9Ad1rWHnh7665zN4yhIGoxADiYiF8FlB427kOqvH8BMj0RtqilFgQTg8Ea3Jc0gTkZuZf6XgKL6mLa8PU4o1ddHNo-OrQydjTunKptHVueIrRoq5laYXwaNeozczrWHkyf_n__EZP2qn0Eju_WCm9SKf3demuoudFjda0xWvtGmMlqL8xsKSGC5NJ1AAm74gosPWI-tIl5UH9_xSnomXqW6VWQ1WIAA
login.microsoftonline.us/ Name: fpc
Value: Ar90wSStz2dDgjMfU6LKtWgDIwHbAQAAAArEitsOAAAA
.login.microsoftonline.us/ Name: esctx
Value: PAQABAAEAAgBXxJ9NxOLiQKGXj-vdb8BdjlVUfzyrLy7thIvQeRdSP8wPuLq7lnmw09fRTrE0_bO5IvSOgo1sDcxse29vu_quBMCcry2y5Zdy3Pf5UDkWhReev0DXVxby-7mP4TKqHLiO2NEbDU38e0SKpPlnTgyoZROjPX01guW6XnKKLkgB60cGn2QQ_IpQ-vq493gIET0gAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0