fac.corp.fortinet.com

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 208.91.114.103, located in United States and belongs to FORTINET, US. The main domain is fac.corp.fortinet.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 5th 2022. Valid for: a year.

This is the only time fac.corp.fortinet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 4	149.5.228.131 149.5.228.131	200589 (FORTINET-...) (FORTINET-FR_AS)
3	208.91.114.103 208.91.114.103	40934 (FORTINET) (FORTINET)
3	2

4 149.5.228.131 (Biot, France) 4 redirects

ASN200589 (FORTINET-FR_AS, FR)

knock.fortinet-cse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.91.114.103 (United States)

ASN40934 (FORTINET, US)

fac.corp.fortinet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	fortinet-cse.com 4 redirects knock.fortinet-cse.com	3 KB
3	fortinet.com fac.corp.fortinet.com	93 KB
3	2

	Domain	Requested by
4	knock.fortinet-cse.com	4 redirects
3	fac.corp.fortinet.com	fac.corp.fortinet.com
3	2

This site contains no links.

Subject Issuer	Validity	Valid
fac.corp.fortinet.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-05` - `2023-05-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fac.corp.fortinet.com/saml-idp/7nzipqro0p600vzv/login/?SAMLRequest=fZHRTsIwFIZfZXe92lY2GKNhSxaICQkaA%2BqFN6aUM2nStaU9Q%2BXp3UaMeCGXp%2Fm%2B0z%2F%2FmXveKMuqFg96A8cWPAaV9%2BBQGr0w2rcNuC24kxTwvFkX5IBoPYvj3osAFd9FGjDmwpNg2dlS8179BWsuImGcjWrTLe3YbmoGPZR7G0%2F1WdqjM9RmlJ7Op1iZd6ljEqyWBXmbZdNdOsvzUICYhuM8S0Ned2OeCz4WyW6S0bxDvW9hpT1yjQVJaJKGdBTS2dNozBLK0skrCV7A%2BSFXElESfDZKe9aHKEjrNDPcS880b8AzFGxb3a9ZBzL%2BU8W1Ym871hk0wihSznuaDelc%2BU9xDSDfc%2BTz%2BBqeX87y0C1fLR%2BNkuIrqJQyHwsHHKEg6FogwZ1xDcfbcfoXuQ%2FrAWW2r8EjaCRxefnz7%2FXLbw%3D%3D&RelayState=eJzz8A8Osc0oKSkottLXz87LT87WS8svKsnMSy3RTS5O1UvOzwUA4E4Myw%3D%3D
Frame ID: 87C8EF372C01FD56C1FBAD7664024148
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fortinet SSO

Page URL History Show full URLs

http://knock.fortinet-cse.com/ HTTP 302
https://knock.fortinet-cse.com/ HTTP 302
https://knock.fortinet-cse.com/login?back_url=https%3A%2F%2Fknock.fortinet-cse.com%2F HTTP 302
https://knock.fortinet-cse.com/auth/saml?RelayState=eJzz8A8Osc0oKSkottLXz87LT87WS8svKsnMSy3RTS5O1UvOzwUA4E4... HTTP 302
https://fac.corp.fortinet.com/saml-idp/7nzipqro0p600vzv/login/?SAMLRequest=fZHRTsIwFIZfZXe92lY2GKNhSxaICQk... Page URL

Detected technologies

Redmine (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

93 kB
Transfer

104 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://knock.fortinet-cse.com/ HTTP 302
https://knock.fortinet-cse.com/ HTTP 302
https://knock.fortinet-cse.com/login?back_url=https%3A%2F%2Fknock.fortinet-cse.com%2F HTTP 302
https://knock.fortinet-cse.com/auth/saml?RelayState=eJzz8A8Osc0oKSkottLXz87LT87WS8svKsnMSy3RTS5O1UvOzwUA4E4Myw%3D%3D&origin=https%3A%2F%2Fknock.fortinet-cse.com%2F HTTP 302
https://fac.corp.fortinet.com/saml-idp/7nzipqro0p600vzv/login/?SAMLRequest=fZHRTsIwFIZfZXe92lY2GKNhSxaICQkaA%2BqFN6aUM2nStaU9Q%2BXp3UaMeCGXp%2Fm%2B0z%2F%2FmXveKMuqFg96A8cWPAaV9%2BBQGr0w2rcNuC24kxTwvFkX5IBoPYvj3osAFd9FGjDmwpNg2dlS8179BWsuImGcjWrTLe3YbmoGPZR7G0%2F1WdqjM9RmlJ7Op1iZd6ljEqyWBXmbZdNdOsvzUICYhuM8S0Ned2OeCz4WyW6S0bxDvW9hpT1yjQVJaJKGdBTS2dNozBLK0skrCV7A%2BSFXElESfDZKe9aHKEjrNDPcS880b8AzFGxb3a9ZBzL%2BU8W1Ym871hk0wihSznuaDelc%2BU9xDSDfc%2BTz%2BBqeX87y0C1fLR%2BNkuIrqJQyHwsHHKEg6FogwZ1xDcfbcfoXuQ%2FrAWW2r8EjaCRxefnz7%2FXLbw%3D%3D&RelayState=eJzz8A8Osc0oKSkottLXz87LT87WS8svKsnMSy3RTS5O1UvOzwUA4E4Myw%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
fac.corp.fortinet.com/saml-idp/7nzipqro0p600vzv/login/
Redirect Chain

http://knock.fortinet-cse.com/
https://knock.fortinet-cse.com/
https://knock.fortinet-cse.com/login?back_url=https%3A%2F%2Fknock.fortinet-cse.com%2F
https://knock.fortinet-cse.com/auth/saml?RelayState=eJzz8A8Osc0oKSkottLXz87LT87WS8svKsnMSy3RTS5O1UvOzwUA4E4Myw%3D%3D&origin=https%3A%2F%2Fknock.fortinet-cse.com%2F
https://fac.corp.fortinet.com/saml-idp/7nzipqro0p600vzv/login/?SAMLRequest=fZHRTsIwFIZfZXe92lY2GKNhSxaICQkaA%2BqFN6aUM2nStaU9Q%2BXp3UaMeCGXp%2Fm%2B0z%2F%2FmXveKMuqFg96A8cWPAaV9%2BBQGr0w2rcNuC24kxTw...

16 KB
5 KB

854ms
177ms

Document
text/html

208.91.114.103
FORTINET

General

Check archive.org

Show headers Download Go to

Full URL

https://fac.corp.fortinet.com/saml-idp/7nzipqro0p600vzv/login/?SAMLRequest=fZHRTsIwFIZfZXe92lY2GKNhSxaICQkaA%2BqFN6aUM2nStaU9Q%2BXp3UaMeCGXp%2Fm%2B0z%2F%2FmXveKMuqFg96A8cWPAaV9%2BBQGr0w2rcNuC24kxTwvFkX5IBoPYvj3osAFd9FGjDmwpNg2dlS8179BWsuImGcjWrTLe3YbmoGPZR7G0%2F1WdqjM9RmlJ7Op1iZd6ljEqyWBXmbZdNdOsvzUICYhuM8S0Ned2OeCz4WyW6S0bxDvW9hpT1yjQVJaJKGdBTS2dNozBLK0skrCV7A%2BSFXElESfDZKe9aHKEjrNDPcS880b8AzFGxb3a9ZBzL%2BU8W1Ym871hk0wihSznuaDelc%2BU9xDSDfc%2BTz%2BBqeX87y0C1fLR%2BNkuIrqJQyHwsHHKEg6FogwZ1xDcfbcfoXuQ%2FrAWW2r8EjaCRxefnz7%2FXLbw%3D%3D&RelayState=eJzz8A8Osc0oKSkottLXz87LT87WS8svKsnMSy3RTS5O1UvOzwUA4E4Myw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

208.91.114.103 , United States, ASN40934 (FORTINET, US),

Reverse DNS

Software

/

Resource Hash

5dd1742cdfe40e3806807b61be67f59321a8b4ddf1946d8aad6b132e9842bd41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Language: fr
Content-Length: 4965
Content-Type: text/html; charset=utf-8
Date: Mon, 09 Jan 2023 14:20:36 GMT
Expires: Mon, 09 Jan 2023 14:20:36 GMT
Keep-Alive: timeout=5, max=100
Vary: Accept-Language,Cookie,Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 633
Date: Mon, 09 Jan 2023 14:20:35 GMT
Location: https://fac.corp.fortinet.com/saml-idp/7nzipqro0p600vzv/login/?SAMLRequest=fZHRTsIwFIZfZXe92lY2GKNhSxaICQkaA%2BqFN6aUM2nStaU9Q%2BXp3UaMeCGXp%2Fm%2B0z%2F%2FmXveKMuqFg96A8cWPAaV9%2BBQGr0w2rcNuC24kxTwvFkX5IBoPYvj3osAFd9FGjDmwpNg2dlS8179BWsuImGcjWrTLe3YbmoGPZR7G0%2F1WdqjM9RmlJ7Op1iZd6ljEqyWBXmbZdNdOsvzUICYhuM8S0Ned2OeCz4WyW6S0bxDvW9hpT1yjQVJaJKGdBTS2dNozBLK0skrCV7A%2BSFXElESfDZKe9aHKEjrNDPcS880b8AzFGxb3a9ZBzL%2BU8W1Ym871hk0wihSznuaDelc%2BU9xDSDfc%2BTz%2BBqeX87y0C1fLR%2BNkuIrqJQyHwsHHKEg6FogwZ1xDcfbcfoXuQ%2FrAWW2r8EjaCRxefnz7%2FXLbw%3D%3D&RelayState=eJzz8A8Osc0oKSkottLXz87LT87WS8svKsnMSy3RTS5O1UvOzwUA4E4Myw%3D%3D
Server: nginx/1.14.2
X-Request-Id: db653344-aa7d-4170-b08b-0f0ab13b7317
X-Runtime: 0.003772

GET
H/1.1 200
OK jquery.js Show response
fac.corp.fortinet.com/site_media/js/jquery/ 86 KB
86 KB 159ms
159ms Script
application/javascript 208.91.114.103
FORTINET

General

Check archive.org

Show headers Download Go to

Full URL

https://fac.corp.fortinet.com/site_media/js/jquery/jquery.js

Requested by

Host: fac.corp.fortinet.com
URL: https://fac.corp.fortinet.com/saml-idp/7nzipqro0p600vzv/login/?SAMLRequest=fZHRTsIwFIZfZXe92lY2GKNhSxaICQkaA%2BqFN6aUM2nStaU9Q%2BXp3UaMeCGXp%2Fm%2B0z%2F%2FmXveKMuqFg96A8cWPAaV9%2BBQGr0w2rcNuC24kxTwvFkX5IBoPYvj3osAFd9FGjDmwpNg2dlS8179BWsuImGcjWrTLe3YbmoGPZR7G0%2F1WdqjM9RmlJ7Op1iZd6ljEqyWBXmbZdNdOsvzUICYhuM8S0Ned2OeCz4WyW6S0bxDvW9hpT1yjQVJaJKGdBTS2dNozBLK0skrCV7A%2BSFXElESfDZKe9aHKEjrNDPcS880b8AzFGxb3a9ZBzL%2BU8W1Ym871hk0wihSznuaDelc%2BU9xDSDfc%2BTz%2BBqeX87y0C1fLR%2BNkuIrqJQyHwsHHKEg6FogwZ1xDcfbcfoXuQ%2FrAWW2r8EjaCRxefnz7%2FXLbw%3D%3D&RelayState=eJzz8A8Osc0oKSkottLXz87LT87WS8svKsnMSy3RTS5O1UvOzwUA4E4Myw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

208.91.114.103 , United States, ASN40934 (FORTINET, US),

Reverse DNS

Software

/

Resource Hash

f5cf9dd437bbbc82ee6cabc15d168e1832a0cea25f5743651bf97894b4844af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fac.corp.fortinet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 14:20:36 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Feb 2022 19:41:40 GMT
ETag: "1575e-5d6fa17062500"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 87902
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ 689 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea81261830cb3aebec6762476bdd7b240095dbfa6e2aa3e1bc5a58d915560bdd

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK /
fac.corp.fortinet.com/customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/ 1 KB
1 KB 165ms
164ms Image
image/png 208.91.114.103
FORTINET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fac.corp.fortinet.com/customviews/image/password_hidden:93edf7d3ceb704be92ee084ecc62c6c8/

Requested by

Host: fac.corp.fortinet.com
URL: https://fac.corp.fortinet.com/saml-idp/7nzipqro0p600vzv/login/?SAMLRequest=fZHRTsIwFIZfZXe92lY2GKNhSxaICQkaA%2BqFN6aUM2nStaU9Q%2BXp3UaMeCGXp%2Fm%2B0z%2F%2FmXveKMuqFg96A8cWPAaV9%2BBQGr0w2rcNuC24kxTwvFkX5IBoPYvj3osAFd9FGjDmwpNg2dlS8179BWsuImGcjWrTLe3YbmoGPZR7G0%2F1WdqjM9RmlJ7Op1iZd6ljEqyWBXmbZdNdOsvzUICYhuM8S0Ned2OeCz4WyW6S0bxDvW9hpT1yjQVJaJKGdBTS2dNozBLK0skrCV7A%2BSFXElESfDZKe9aHKEjrNDPcS880b8AzFGxb3a9ZBzL%2BU8W1Ym871hk0wihSznuaDelc%2BU9xDSDfc%2BTz%2BBqeX87y0C1fLR%2BNkuIrqJQyHwsHHKEg6FogwZ1xDcfbcfoXuQ%2FrAWW2r8EjaCRxefnz7%2FXLbw%3D%3D&RelayState=eJzz8A8Osc0oKSkottLXz87LT87WS8svKsnMSy3RTS5O1UvOzwUA4E4Myw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

208.91.114.103 , United States, ASN40934 (FORTINET, US),

Reverse DNS

Software

/

Resource Hash

3a0ba58278b6c2cd541d34a718480c79bd75441e94499280553b192559815db4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://fac.corp.fortinet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 14:20:37 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Language: fr
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 1050
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
knock.fortinet-cse.com/	1970-01-20 17:33:30	Name: cookiesession1 Value: 678A3E0E7A56BD89B15C2BCC65710450
knock.fortinet-cse.com/	1969-12-31 23:59:59	Name: _redmine_session Value: UlVPTnZtRmo2UDVUS2M0UVFiSk16QzdLRTN5ZWptVTNuWVdHWlZsall1TkpYbFBESXRJbWdKVjg3TFI5OE9EMklscDJ2SzcvTTNwWkkwb2pqdGhCU3NHWlFURE5iUWczSG5qakx0TlhuZGorRzBrZE5zeXQwaXc2M0lNeDVaalVQU01uajJtM1VPYSsvdythMEhnYkdRcm1WSWJPWlF0UGZyWTdSZTFJTGRmV0VUQ0RQNHYxYVBOLzI3S0ZaTlc4TzhTZ0dYeFc2WStkNzBwOW84b0J3aVZ3OHUzNktZTXhZd3FhRHVsSjZ0OVlnT0Ezd05TNGIyV1JyUHQ1RndFbkpmSnBXeUhJK2NjYVdwZ1U0SXZmOFF1Z3d0eFRlUklpRmFwcjR0RG5aeXR0d0VCM1RCaFo2U3Rsb2lReWQrUmU2Rnp2b1B3L1FVNXBsVytuTzVLZFdBPT0tLU8vMHhBcytrUEN6TXBaTWVLVVFFOXc9PQ%3D%3D--d2ae34bb3e37d47ad461aeca750d1f8472757ad4
fac.corp.fortinet.com/	1970-01-20 08:47:57	Name: sessionid Value: f38av7oklhusyjfi5sv0l8ntfapmfzaw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fac.corp.fortinet.com
knock.fortinet-cse.com
149.5.228.131
208.91.114.103
3a0ba58278b6c2cd541d34a718480c79bd75441e94499280553b192559815db4
5dd1742cdfe40e3806807b61be67f59321a8b4ddf1946d8aad6b132e9842bd41
ea81261830cb3aebec6762476bdd7b240095dbfa6e2aa3e1bc5a58d915560bdd
f5cf9dd437bbbc82ee6cabc15d168e1832a0cea25f5743651bf97894b4844af5

fac.corp.fortinet.com Open in urlscan Pro 208.91.114.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

93 kBTransfer

104 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

fac.corp.fortinet.com Open in urlscan Pro
208.91.114.103 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

93 kB
Transfer

104 kB
Size

3
Cookies

3 HTTP transactions
1 data transactions