urlscan.io logo urlscan.io
SecurityTrails logo

login.microsoftonline.us Open in urlscan Pro
52.126.195.7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://security.microsoft.us.mcas-df-gov.us/
Effective URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_t...
Submission: On March 06 via automatic, source ayashige — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 11 HTTP transactions. The main IP is 52.126.195.7, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.us. The Cisco Umbrella rank of the primary domain is 13046.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 6th 2022. Valid for: a year.
This is the only time login.microsoftonline.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.72.27.219 8075 (MICROSOFT...)
3 2600:141b:e80... 20940 (AKAMAI-ASN1)
1 1 52.227.182.149 8075 (MICROSOFT...)
2 52.126.195.7 8070 (MICROSOFT...)
1 2620:1ec:4e:1... ()
3 2001:489a:340... ()
11 6
1    13.72.27.219 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
security.microsoft.us.mcas-df-gov.us
3    2600:141b:e800:29::1721:2cda (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
mcasproxy.azureedge.net
1    52.227.182.149 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
security.microsoft.us
2    52.126.195.7 (San Antonio, United States)

ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.us
1    2620:1ec:4e:1::40 (None, )

ASN- ()
aadcdn.msauth.net
3    2001:489a:3403::5e0 (None, )

ASN- ()
aadcdn.msftauth.us
Apex Domain
Subdomains		 Transfer
3 msftauth.us
aadcdn.msftauth.us Failed
49 KB
3 azureedge.net
mcasproxy.azureedge.net — Cisco Umbrella Rank: 33368
44 KB
2 microsoftonline.us
login.microsoftonline.us — Cisco Umbrella Rank: 13046
106 KB
1 msauth.net
aadcdn.msauth.net
112 KB
1 microsoft.us
security.microsoft.us — Cisco Umbrella Rank: 266779
1 KB
1 mcas-df-gov.us
security.microsoft.us.mcas-df-gov.us
894 B
11 6
Domain Requested by
3 aadcdn.msftauth.us login.microsoftonline.us
3 mcasproxy.azureedge.net security.microsoft.us.mcas-df-gov.us
mcasproxy.azureedge.net
2 login.microsoftonline.us login.microsoftonline.us
1 aadcdn.msauth.net login.microsoftonline.us
1 security.microsoft.us 1 redirects
1 security.microsoft.us.mcas-df-gov.us
11 6

This site contains no links.

Subject Issuer Validity Valid
*.microsoft.us.mcas-gov.us
DigiCert SHA2 Secure Server CA		 2022-11-24 -
2023-11-24		 a year crt.sh
*.azureedge.net
Microsoft Azure ECC TLS Issuing CA 01		 2022-07-27 -
2023-07-22		 a year crt.sh
login.microsoftonline.us
DigiCert SHA2 Secure Server CA		 2022-12-06 -
2023-12-06		 a year crt.sh
aadcdn.msauth.net
DigiCert SHA2 Secure Server CA		 2023-01-27 -
2024-01-27		 a year crt.sh
aadcdn.msftauth.us
DigiCert SHA2 Secure Server CA		 2022-12-20 -
2023-12-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0&sso_reload=true
Frame ID: B9C7DB7B17F69EFCB262EB31958C5243
Requests: 9 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.29.15/html/session-context-restore.html
Frame ID: 6C1A1C082D3D9415A3579FD5F2A491E5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://security.microsoft.us.mcas-df-gov.us/ Page URL
  2. https://security.microsoft.us/ HTTP 302
    https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&respo... Page URL
  3. https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&respo... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

91 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

312 kB
Transfer

933 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://security.microsoft.us.mcas-df-gov.us/ Page URL
  2. https://security.microsoft.us/ HTTP 302
    https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0 Page URL
  3. https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://security.microsoft.us/ HTTP 302
  • https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
security.microsoft.us.mcas-df-gov.us/ 		1 KB
894 B 		Document
General
Check archive.org
Download Go to
Full URL
https://security.microsoft.us.mcas-df-gov.us/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.72.27.219 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
6b9a9f5cdd84c51c8580d0c1ef1d24d909ec2abb52ffc92e6d768ad186b73d4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 06 Mar 2023 14:55:27 GMT
expires
Mon, 01-Jan-1990 00:00:00 GMT
pragma
no-cache
server
openresty
strict-transport-security
max-age=31536000
x-mcas-cache-status
MISS
x-mcas-processing-time
1
x-mcas-request-id
2387159d5928e8e18a317728b069dd6c
x-mcas-upstream-time
n/a
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.29.15/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.29.15/js/session-context-store-helper.min.js
Requested by
Host: security.microsoft.us.mcas-df-gov.us
URL: https://security.microsoft.us.mcas-df-gov.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:29::1721:2cda Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://security.microsoft.us.mcas-df-gov.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 06 Mar 2023 14:55:28 GMT
last-modified
Wed, 15 Feb 2023 11:50:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
Dor7jY9XuhzpOAkbPbiHoQ==
etag
0x8DB0F4AD898F20F
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
381eb152-601e-0064-04d1-43bd16000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30171082
x-ms-version
2009-09-19
content-length
4832
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.29.15/html/ Frame 6C1A 		209 B
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.29.15/html/session-context-restore.html
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.29.15/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:29::1721:2cda Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers

Referer
https://security.microsoft.us.mcas-df-gov.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30208748
content-length
209
content-md5
xcQ/+x+i42xZPwR88wJc4A==
content-type
text/html
date
Mon, 06 Mar 2023 14:55:28 GMT
etag
0x8DB0F4AD7ECC582
last-modified
Wed, 15 Feb 2023 11:50:32 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
caf0b8c2-c01e-0006-0e29-44a930000000
x-ms-version
2009-09-19
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.29.15/js/ Frame 6C1A 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.29.15/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.29.15/html/session-context-restore.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:e800:29::1721:2cda Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
50c7a6bc126f23bed4e86844e23471bc2b77bdf396bfe93fee9eb364bc99f9f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mcasproxy.azureedge.net/proxyweb/1.29.15/html/session-context-restore.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 06 Mar 2023 14:55:28 GMT
last-modified
Wed, 15 Feb 2023 11:50:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
/YaMyLrHn30aHcVLtQfmcw==
etag
0x8DB0F4AD83C6094
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
de271055-901e-0027-41d1-431301000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30171093
x-ms-version
2009-09-19
content-length
38628
authorize
login.microsoftonline.us/common/oauth2/
Redirect Chain
  • https://security.microsoft.us/?
  • https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProper...
152 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.126.195.7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d04ef2d896f234ab8f9623a91b3b927c2d809b96deb0ebc59be7d4585fae802e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.microsoft.us.mcas-df-gov.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
55403
Content-Type
text/html; charset=utf-8
Date
Mon, 06 Mar 2023 14:55:28 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.14649.20 - USGTX ProdSlices
x-ms-request-id
30a87ebc-3c02-4400-a26d-34d245f17602

Redirect headers

content-length
0
date
Mon, 06 Mar 2023 14:55:28 GMT
location
https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0
strict-transport-security
max-age=31536000; includeSubDomains
www-authenticate
Bearer error="invalid_token"
x-content-type-options
nosniff
x-diagnosticcontext
{Version:17.00.9806.001,Environment:VIRTBPROD,DeploymentId:9c0d6ec54b684363bb3c4d4f1b418f5e,InstanceId:WebRole_IN_0,SID:e0908ad5-bd97-4aff-b548-86fd86864846,CID:00291139-06ab-4d29-96a1-21857e540ba9}
x-frame-options
SAMEORIGIN
x-perftrace
{"Authentication":0.0769,"FlightSetting":0.0896,"ServerRequestTime":2.0982}
Primary Request authorize
login.microsoftonline.us/common/oauth2/ 		199 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0&sso_reload=true
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.126.195.7 San Antonio, United States, ASN8070 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a7699544b87dcf7043f34387e5fa0382a90f672d947dd730e2f4610bc470e923
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
50624
Content-Type
text/html; charset=utf-8
Date
Mon, 06 Mar 2023 14:55:28 GMT
Expires
-1
Link
<https://aadcdn.msftauth.us>; rel=preconnect; crossorigin <https://aadcdn.msftauth.us>; rel=dns-prefetch <https://aadcdn.msauth.us>; rel=dns-prefetch <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-Frame-Options
DENY
X-XSS-Protection
0
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.14649.20 - USGTX ProdSlices
x-ms-request-id
b62b580c-b167-4d02-af4a-2430d3756102
ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
aadcdn.msftauth.us/shared/1.0/content/js/ 		0
0
ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
aadcdn.msauth.net/shared/1.0/content/js/ 		401 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::40 -, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b12e862a8e4489c99304a04d61f61b08995f47699811ab785f791374805f5f12

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Mar 2023 14:55:32 GMT
content-encoding
gzip
x-azure-ref-originshield
0hHkCZAAAAABUSOymqR6SSbj+Yp7GWoxMTU5aMjIxMDYwNjEyMDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng==
content-md5
hr0cDEuDmS74/sss2l7JXQ==
x-cache
TCP_HIT
content-length
113908
x-ms-lease-status
unlocked
last-modified
Fri, 10 Feb 2023 02:38:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB0B0FD7BEBD2F
x-azure-ref
05f4FZAAAAABj4ZlQbotzSZq7Z149RMW8TUlBRURHRTIyMTkAMzlhMTJmN2UtODk5Zi00NmNmLWE2ZDAtMjRiYmJhMjdkOTU2
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
44fad310-101e-000a-434b-4a3966000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
aadcdn.msftauth.us/ests/2.1/content/cdnbundles/ 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.us/ests/2.1/content/cdnbundles/watsonsupportwithjquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 -, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
df2aa8537c1992c94846a0ffffaa9031d430d9d0210b9e396ec059aff62627e0

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Mar 2023 14:55:32 GMT
content-encoding
gzip
content-md5
HWW92uTq7vx3y5z+zFZbXQ==
x-cache
TCP_HIT
content-length
40454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Feb 2021 06:12:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8DA1D87CE3A82
x-azure-ref
05P4FZAAAAAB7kKCtMGDhQovXzxAw/4CZc24wMS1mZHYyLThiOTRkOWJjOC1qZjltbgA2ZThmNjYxYy0xMTI2LTQ5ODYtYTU4MC1kM2Y2ZjAwZjc3MDM=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d7d92c56-801e-0026-39f6-36a426000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
frameworksupport.min_oadrnc13magb009k4d20lg2.js
aadcdn.msftauth.us/ests/2.1/content/cdnbundles/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.us/ests/2.1/content/cdnbundles/frameworksupport.min_oadrnc13magb009k4d20lg2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 -, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c8cef105fcaf7cbf3f8682c861045505c24d41cf6686c20c1c03e14031a3db69

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Mar 2023 14:55:32 GMT
content-encoding
gzip
content-md5
A8dgUeRfi6/VknMbox6Cuw==
x-cache
TCP_HIT
content-length
4880
x-ms-lease-status
unlocked
last-modified
Thu, 22 Oct 2020 20:43:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D876CB2559783A
x-azure-ref
05f4FZAAAAAB12M5+x80MTqOBgs4/Mm6Xc24wMS1mZHYyLThiOTRkOWJjOC1qZjltbgA2ZThmNjYxYy0xMTI2LTQ5ODYtYTU4MC1kM2Y2ZjAwZjc3MDM=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
921ff86e-201e-00a8-2ff6-36eb87000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
watson.min_q5ptmu8aniymd4ftuqdkda2.js
aadcdn.msftauth.us/ests/2.1/content/cdnbundles/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aadcdn.msftauth.us/ests/2.1/content/cdnbundles/watson.min_q5ptmu8aniymd4ftuqdkda2.js
Requested by
Host: login.microsoftonline.us
URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0&sso_reload=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:489a:3403::5e0 -, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
https://login.microsoftonline.us/
Origin
https://login.microsoftonline.us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 06 Mar 2023 14:55:32 GMT
content-encoding
gzip
content-md5
up2irhKVlrgd4fr/sCzQ9w==
x-cache
TCP_HIT
content-length
3921
x-ms-lease-status
unlocked
last-modified
Tue, 28 Jun 2022 20:27:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA5944ADE2E4D4
x-azure-ref
05f4FZAAAAAAAUWQjI6QGTrMC92U5XE8ac24wMS1mZHYyLThiOTRkOWJjOC1qZjltbgA2ZThmNjYxYy0xMTI2LTQ5ODYtYTU4MC1kM2Y2ZjAwZjc3MDM=
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bc6620db-101e-0001-652b-363e6f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aadcdn.msftauth.us
URL
https://aadcdn.msftauth.us/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData

9 Cookies

Domain/Path Name / Value
security.microsoft.us/ Name: s.SessID
Value: e0908ad5-bd97-4aff-b548-86fd86864846
security.microsoft.us/ Name: OpenIdConnect.nonce.hVI8QmaB8VFr34wniavGvspUHfiNgbDC6i64Y8rndjk%3D
Value: Mjk4aVM0aWk0Z1hkMnljN0VweEJvX0Z2RUcxTzExdVJXWWxpWjdCRGc5V3FkaTg4Q1hEWXk2Y0EwNnhvNjNWZHljSnZsTURqMEUyN2J6dkMxZENCd09DcWFDZkx1SG5LTmk4SV9tSC1wbGM4Qmh5eUtrcm9VYTJFMmotTWx4WHN4X25kVURRQjN6N0ZtSU50YjVxZFloUHJaQndmcjhWNDhuOTVubTExTDR1MTRqWGVtODhpNWhfNnhqcXFTTWNRUmozWi1pU2RRZ29NWnlEcTUxVXJ3MWdpWDNmRUZUWmJiR2ktM2VSdDI2c2tOdnlSajRMOUMwb3NNT05uLW5JNG1kUEpIR2V6VnEzRElhdC0wUVZXaEE%3D
login.microsoftonline.us/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.us/ Name: stsservicecookie
Value: estsfd
.login.microsoftonline.us/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.us/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.us/ Name: buid
Value: 0.AQMAMe_N-B6jSkuT5F9XHpElWmfKzIC9VKtEhiVLecTcd3UBAAA.AQABAAEAAgBXxJ9NxOLiQKGXj-vdb8Bd9XS6lRgA_ER_EJuRNnuEUEKFwaD9Tr5EXp5DootlNNxWElLfYYxIo8ps8sPkf_oWee1EamuA2ZXGNsHdEDyz415qcJQOYTLKvJl_l2Oqyi0gAA
login.microsoftonline.us/ Name: fpc
Value: AjUErsjuVS9Lol0DGUaFTjFc5p_pAQAAAOH1l9sOAAAA
.login.microsoftonline.us/ Name: esctx
Value: PAQABAAEAAgBXxJ9NxOLiQKGXj-vdb8Bd1IO0_QNDZn_oCpT0DkER_TrsvM-9xKP9E2VWkinmEf-9axA62I3wiwr7gIhYHEYNnp3bJpW13-Cq-6OfnKnhCSWBLNZ_S9FNjEGkbr6avkd0bITOEC9ucPUo2HZWXahNoId7Jwk0NlHpQ0znL32wwYBMM9dYaoVsOgi9Sm9MPasgAA

2 Console Messages

Source Level URL
Text
javascript error URL: https://login.microsoftonline.us/common/oauth2/authorize?client_id=80ccca67-54bd-44ab-8625-4b79c4dc7775&response_type=code%20id_token&scope=openid%20profile&state=OpenIdConnect.AuthenticationProperties%3DNzKUYq3Giy82MM-8g4dTq3mM-Fk_fe3ZRM6qZFiFEP8peUZ1nH5noWLBW4-Xi74LxftaokeQBkSVNnHpMfgaERDedXtkyrxl7O6AxxRm6M5PbS_VK26kC1DrlOg3Fw6Y-42RbqG1uRInLUyW_6ZgYA&response_mode=form_post&nonce=638137113288626474.YzlkNjk2NmMtYzBkMS00NTIyLTk4ZDQtOGU1MjFkODQ3NzhjM2FiYTkxMGYtMjc3OS00YWI0LWI5OWYtYzYyNGRiNzEyZjVl&client-request-id=00291139-06ab-4d29-96a1-21857e540ba9&redirect_uri=https%3A%2F%2Fsecurity.microsoft.us%2F&x-client-SKU=ID_NET461&x-client-ver=6.22.1.0&sso_reload=true
Message:
Access to script at 'https://aadcdn.msftauth.us/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js' from origin 'https://login.microsoftonline.us' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aadcdn.msftauth.us/shared/1.0/content/js/ConvergedLogin_PCore_2y56dY7EZ4K0Z5BmC6OMyg2.js
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000