Submitted URL: http://securitytraining.trinityrocks.com/
Effective URL: https://login.microsoftonline.com/55749ab1-9d63-460d-bb1a-af1ae9958264/saml2?SAMLRequest=lVJLb9swDP4rhu5%2ByHHsSEgCpA2KBei2oMl22KW...
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On November 14 via api from IT — Scanned from IT

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 23 HTTP transactions. The main IP is 2603:1026:3000:148::12, located in Amsterdam, Netherlands and belongs to . The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 12.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 3rd 2024. Valid for: 6 months.
This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
8 | aadcdn.msauth.net | login.microsoftonline.com, aadcdn.msauth.net
4 | app.training.fortinet.com (2 redirects) | securitytraining.trinityrocks.com
4 | securitytraining.trinityrocks.com | securitytraining.trinityrocks.com
2 | aadcdn.msauthimages.net |
2 | fonts.gstatic.com | fonts.googleapis.com
1 | login.live.com | login.microsoftonline.com
1 | login.microsoftonline.com | securitytraining.trinityrocks.com
1 | fonts.googleapis.com | securitytraining.trinityrocks.com
1 | cdn.jsdelivr.net | securitytraining.trinityrocks.com
0 | autologon.microsoftazuread-sso.com | Failed
Total: 23 requests, 10 domains

This site contains no links.

Subject | Issuer | Validity | Valid
securitytraining.trinityrocks.com | WR3 | 2024-11-13 - 2025-02-11 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-07-30 - 2025-08-31 | a year
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
app.training.fortinet.com | R11 | 2024-11-02 - 2025-01-31 | 3 months
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
stamp2.login.microsoftonline.com | DigiCert SHA2 Secure Server CA | 2024-09-03 - 2025-03-03 | 6 months
aadcdn.msauth.net | DigiCert SHA2 Secure Server CA | 2024-10-29 - 2025-10-29 | a year
login.live.com | DigiCert SHA2 Secure Server CA | 2024-08-19 - 2025-08-19 | a year
aadcdn.msauthimages.net | Microsoft Azure RSA TLS Issuing CA 03 | 2024-06-04 - 2025-05-30 | a year

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/55749ab1-9d63-460d-bb1a-af1ae9958264/saml2?SAMLRequest=lVJLb9swDP4rhu5%2ByHHsSEgCpA2KBei2oMl22KWgZboRYEueKO%2Fx76fYLdYdWmCADgLJj98DXBP03SB3o7%2BYB%2Fw%2BIvnoV98ZklNjw0ZnpAXSJA30SNIredp9vJd5ksnBWW%2BV7dgryPsIIELntTUsOuw37LGoQVRtW2EjilqpljeiqtQyV3lZZwKbFawWeQYLIVj0FR0F5IaFRQFONOLBkAfjQynLi5jzmBfnbCHD4%2BU3Fu2DG23AT6iL9wPJNO3skzZJr5WzZFtvTacNJsr26XJZFQJqHoumXMRFmTVxXXOIoeWAQixXeVmkV485i3YvRm6tobFHd0L3Qyv88nD%2FlwqGIfEOtNHmKWltmDfoJyoIec%2BrUhrmTwyKkuEyvI1i0fE58BttmtB9P%2Bt6HiL54Xw%2BxsfPpzPbrq9UcsrObf9XZo8eGvBwVblOX29az1f0KWg47I%2B20%2Bp3dGddD%2F5tiTzhU0U3cTuNytHQgEq3GpsQcNfZn7cOweOGeTciS7cz6b%2FXuv0D&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D877b5230ba8087714da1291b1e6f4bda%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=IuVVRYXDA4q3F5tNiKuji7JpHmfsRezo%2B4HiilfkftAa2KFBduBfNh5Q1MOdBV5xMD3e0wQd38ySglM9h%2FmA6E15z8OfuNxs1pc7i6OE%2BrFYLAbPuPTWfd%2Bg8QySESri2h5JuXqoGodzD9KzgJWzNH%2FPbizJaiOJDDSeS7Q6Oclzzt6yaruaHHcXfMbNqWtLxzOMSmGyrs49pMZbVdX%2Bf%2B5wH2bbsUjUW%2Fd3qFZ69xyQ19i%2FY4MD4%2B%2BMF8sY1QVFpXU5iVcpME7HBnQJmlPigBVYJQw60Lry%2BDJMhyfLgVIlHMpnczbgsf7v6YS055c5zvM7z15JWn1HpasrqOlvCQ%3D%3D
Frame ID: 3DFA3243D9AE136F5483926F0FD2A5DA
Requests: 23 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 23
HTTPS: 96 %
IPv6: 56 %
Domains: 10
Subdomains: 10
IPs: 10
Countries: 3
Transfer: 4617 kB
Size: 5524 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://securitytraining.trinityrocks.com/ HTTP 307
    https://securitytraining.trinityrocks.com/ Page URL
  2. https://app.training.fortinet.com/local/bridge/launch.php?name=7070 HTTP 303
    https://app.training.fortinet.com/auth/saml2/login.php?wants=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2Fbridge%2Flaunch.php&idp=877b5230ba8087714da1291b1e6f4bda&wantsurl=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2Fbridge%2Flaunch.php HTTP 302
    https://login.microsoftonline.com/55749ab1-9d63-460d-bb1a-af1ae9958264/saml2?SAMLRequest=lVJLb9swDP4rhu5%2ByHHsSEgCpA2KBei2oMl22KWgZboRYEueKO%2Fx76fYLdYdWmCADgLJj98DXBP03SB3o7%2BYB%2Fw%2BIvnoV98ZklNjw0ZnpAXSJA30SNIredp9vJd5ksnBWW%2BV7dgryPsIIELntTUsOuw37LGoQVRtW2EjilqpljeiqtQyV3lZZwKbFawWeQYLIVj0FR0F5IaFRQFONOLBkAfjQynLi5jzmBfnbCHD4%2BU3Fu2DG23AT6iL9wPJNO3skzZJr5WzZFtvTacNJsr26XJZFQJqHoumXMRFmTVxXXOIoeWAQixXeVmkV485i3YvRm6tobFHd0L3Qyv88nD%2FlwqGIfEOtNHmKWltmDfoJyoIec%2BrUhrmTwyKkuEyvI1i0fE58BttmtB9P%2Bt6HiL54Xw%2BxsfPpzPbrq9UcsrObf9XZo8eGvBwVblOX29az1f0KWg47I%2B20%2Bp3dGddD%2F5tiTzhU0U3cTuNytHQgEq3GpsQcNfZn7cOweOGeTciS7cz6b%2FXuv0D&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D877b5230ba8087714da1291b1e6f4bda%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=IuVVRYXDA4q3F5tNiKuji7JpHmfsRezo%2B4HiilfkftAa2KFBduBfNh5Q1MOdBV5xMD3e0wQd38ySglM9h%2FmA6E15z8OfuNxs1pc7i6OE%2BrFYLAbPuPTWfd%2Bg8QySESri2h5JuXqoGodzD9KzgJWzNH%2FPbizJaiOJDDSeS7Q6Oclzzt6yaruaHHcXfMbNqWtLxzOMSmGyrs49pMZbVdX%2Bf%2B5wH2bbsUjUW%2Fd3qFZ69xyQ19i%2FY4MD4%2B%2BMF8sY1QVFpXU5iVcpME7HBnQJmlPigBVYJQw60Lry%2BDJMhyfLgVIlHMpnczbgsf7v6YS055c5zvM7z15JWn1HpasrqOlvCQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://securitytraining.trinityrocks.com/ HTTP 307
  • https://securitytraining.trinityrocks.com/

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
securitytraining.trinityrocks.com/
Redirect Chain
  • http://securitytraining.trinityrocks.com/
  • https://securitytraining.trinityrocks.com/
1 KB
1 KB
Document
General
Full URL
https://securitytraining.trinityrocks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.193.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.193.49.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4c97969b2e2ef5eb3fd13fc40822c7eeee7328c1b3fa1fd76bd398fda314f67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1026
content-type
text/html
date
Thu, 14 Nov 2024 03:03:12 GMT
etag
"0da36c4aa2d573df7754f95e446606f7"
last-modified
Tue, 27 Aug 2024 13:33:21 GMT
server
UploadServer
x-goog-generation
1724765601798466
x-goog-hash
crc32c=/FP1jw== md5=DaNsSqLVc993VPleRGYG9w==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1026
x-guploader-uploadid
AHmUCY1t5Q-Op9DGqcxTngCWVqr43xSJKa2QZR5ks83aam5XbGNJODnDMUZ5BuPEcayqcP5RbMK-8gHaug

Redirect headers

Location
https://securitytraining.trinityrocks.com/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/
158 KB
26 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by
Host: securitytraining.trinityrocks.com
URL: https://securitytraining.trinityrocks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securitytraining.trinityrocks.com
Referer
https://securitytraining.trinityrocks.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
age
3708722
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 14 Nov 2024 03:03:12 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220126-FRA, cache-mxp6952-MXP
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
26291
x-jsd-version
4.6.0
css2
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;500;700&family=Roboto:wght@400;500&family=Lato:wght@300;400;500;700&display=swap
Requested by
Host: securitytraining.trinityrocks.com
URL: https://securitytraining.trinityrocks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
732e36b4f8448517b5f6c7f088f642fd27d1b36d5209fa49c75de5ffdaa23107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securitytraining.trinityrocks.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 03:03:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 03:03:12 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 03:03:12 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.c7141162.js
securitytraining.trinityrocks.com/static/js/
3 MB
3 MB
Script
General
Full URL
https://securitytraining.trinityrocks.com/static/js/main.c7141162.js
Requested by
Host: securitytraining.trinityrocks.com
URL: https://securitytraining.trinityrocks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.193.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.193.49.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
43397dbf0543de9b426241f2b1cf98fac21d78c59992a7e12e4039218a5c42e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securitytraining.trinityrocks.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=WTpmug==, md5=0KJ5nMKHqInaaOxpqSfXaQ==
etag
"d0a2799cc287a889da68ec69a927d769"
age
0
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
2637259
date
Thu, 14 Nov 2024 03:03:12 GMT
last-modified
Tue, 27 Aug 2024 13:33:17 GMT
content-type
text/javascript
x-guploader-uploadid
AHmUCY12s2Nxfntt3qkx-n8-ZfI26_syDz8UH0nJ4OFOS8J3z0IC8FAmPp7euPSXGYYYX5NCN3CQlNTQlw
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1724765597769550
content-length
2637259
server
UploadServer
main.f286f5ac.css
securitytraining.trinityrocks.com/static/css/
460 KB
460 KB
Stylesheet
General
Full URL
https://securitytraining.trinityrocks.com/static/css/main.f286f5ac.css
Requested by
Host: securitytraining.trinityrocks.com
URL: https://securitytraining.trinityrocks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.193.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.193.49.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3769162a04a640c3e701579f8754f982fac9d1d4e216c1df1e8143650d3189cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securitytraining.trinityrocks.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=vdz3kg==, md5=pyp5k9+/8UwMTAyIUBXaRQ==
etag
"a72a7993dfbff14c0c4c0c885015da45"
age
0
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
470781
date
Thu, 14 Nov 2024 03:03:12 GMT
last-modified
Tue, 27 Aug 2024 13:33:12 GMT
content-type
text/css
x-guploader-uploadid
AHmUCY1bvSsllDTMIIVsphLamulhDx7hWhEbdyxlL6YA7c70fxdxwFCxZBbHNkClRflfssMGi3wI82nEpg
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1724765592085096
content-length
470781
server
UploadServer
locales.php
app.training.fortinet.com/local/bridge/
37 KB
37 KB
Fetch
General
Full URL
https://app.training.fortinet.com/local/bridge/locales.php?plugin=local_bridge&locale=en_us
Requested by
Host: securitytraining.trinityrocks.com
URL: https://securitytraining.trinityrocks.com/static/js/main.c7141162.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.91.211.14 Ashburn, United States, ASN (),
Reverse DNS
ec2-3-91-211-14.compute-1.amazonaws.com
Software
XXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
7cf597cf08d4d94b62030e5666b18b66e0cf3b2a8ecca06e033cef578f3d260a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securitytraining.trinityrocks.com/

Response headers

Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
*
content-length
37730
Date
Thu, 14 Nov 2024 03:03:14 GMT
Content-Type
application/json; charset=utf-8
Connection
keep-alive
Server
XXXXXXXXXXXXXXXXXXXXXXX
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;500;700&family=Roboto:wght@400;500&family=Lato:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securitytraining.trinityrocks.com
Referer
https://fonts.googleapis.com/

Response headers

age
42190
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:20:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:20:03 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;500;700&family=Roboto:wght@400;500&family=Lato:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://securitytraining.trinityrocks.com
Referer
https://fonts.googleapis.com/

Response headers

age
42189
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:20:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:20:04 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
server.php
app.training.fortinet.com/webservice/rest/
635 KB
636 KB
Fetch
General
Full URL
https://app.training.fortinet.com/webservice/rest/server.php?domainname=securitytraining.trinityrocks.com&moodlewsrestformat=json&wsfunction=local_bridge_get_style_info_by_domain&wstoken=d2b050c9ff4099a35089ea0d20ef30bb
Requested by
Host: securitytraining.trinityrocks.com
URL: https://securitytraining.trinityrocks.com/static/js/main.c7141162.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.91.211.14 Ashburn, United States, ASN (),
Reverse DNS
ec2-3-91-211-14.compute-1.amazonaws.com
Software
XXXXXXXXXXXXXXXXXXXXXXX /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securitytraining.trinityrocks.com/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
private, must-revalidate, pre-check=0, post-check=0, max-age=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Accept-Ranges
none
Access-Control-Allow-Origin
*
Date
Thu, 14 Nov 2024 03:03:14 GMT
Content-Type
application/json
Server
XXXXXXXXXXXXXXXXXXXXXXX
logo_red.png
securitytraining.trinityrocks.com/
2 KB
2 KB
Other
General
Full URL
https://securitytraining.trinityrocks.com/logo_red.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.49.193.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.193.49.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9b409e4e72f25dafef47a46d2bf2d1e9099390f779251a1f0aad22fd3b3bc9e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://securitytraining.trinityrocks.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=e3gzRw==, md5=gFlJ21+chzTx+3ZJYvVLdg==
etag
"805949db5f9c8734f1fb764962f54b76"
age
0
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
1571
date
Thu, 14 Nov 2024 03:03:13 GMT
last-modified
Tue, 27 Aug 2024 13:33:22 GMT
content-type
image/png
x-guploader-uploadid
AHmUCY3ZiStp4JIESXikOz3v6zOa0HdPTQdaj7fORdp76bcXdl-mqOxsqLoKCMY3J0om57e7pVg
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1724765602556273
content-length
1571
server
UploadServer
Primary Request saml2
login.microsoftonline.com/55749ab1-9d63-460d-bb1a-af1ae9958264/
Redirect Chain
  • https://app.training.fortinet.com/local/bridge/launch.php?name=7070
  • https://app.training.fortinet.com/auth/saml2/login.php?wants=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2Fbridge%2Flaunch.php&idp=877b5230ba8087714da1291b1e6f4bda&wantsurl=https%3A%2F%2Fapp.tr...
  • https://login.microsoftonline.com/55749ab1-9d63-460d-bb1a-af1ae9958264/saml2?SAMLRequest=lVJLb9swDP4rhu5%2ByHHsSEgCpA2KBei2oMl22KWgZboRYEueKO%2Fx76fYLdYdWmCADgLJj98DXBP03SB3o7%2BYB%2Fw%2BIvnoV98Zkl...
41 KB
16 KB
Document
General
Full URL
https://login.microsoftonline.com/55749ab1-9d63-460d-bb1a-af1ae9958264/saml2?SAMLRequest=lVJLb9swDP4rhu5%2ByHHsSEgCpA2KBei2oMl22KWgZboRYEueKO%2Fx76fYLdYdWmCADgLJj98DXBP03SB3o7%2BYB%2Fw%2BIvnoV98ZklNjw0ZnpAXSJA30SNIredp9vJd5ksnBWW%2BV7dgryPsIIELntTUsOuw37LGoQVRtW2EjilqpljeiqtQyV3lZZwKbFawWeQYLIVj0FR0F5IaFRQFONOLBkAfjQynLi5jzmBfnbCHD4%2BU3Fu2DG23AT6iL9wPJNO3skzZJr5WzZFtvTacNJsr26XJZFQJqHoumXMRFmTVxXXOIoeWAQixXeVmkV485i3YvRm6tobFHd0L3Qyv88nD%2FlwqGIfEOtNHmKWltmDfoJyoIec%2BrUhrmTwyKkuEyvI1i0fE58BttmtB9P%2Bt6HiL54Xw%2BxsfPpzPbrq9UcsrObf9XZo8eGvBwVblOX29az1f0KWg47I%2B20%2Bp3dGddD%2F5tiTzhU0U3cTuNytHQgEq3GpsQcNfZn7cOweOGeTciS7cz6b%2FXuv0D&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D877b5230ba8087714da1291b1e6f4bda%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=IuVVRYXDA4q3F5tNiKuji7JpHmfsRezo%2B4HiilfkftAa2KFBduBfNh5Q1MOdBV5xMD3e0wQd38ySglM9h%2FmA6E15z8OfuNxs1pc7i6OE%2BrFYLAbPuPTWfd%2Bg8QySESri2h5JuXqoGodzD9KzgJWzNH%2FPbizJaiOJDDSeS7Q6Oclzzt6yaruaHHcXfMbNqWtLxzOMSmGyrs49pMZbVdX%2Bf%2B5wH2bbsUjUW%2Fd3qFZ69xyQ19i%2FY4MD4%2B%2BMF8sY1QVFpXU5iVcpME7HBnQJmlPigBVYJQw60Lry%2BDJMhyfLgVIlHMpnczbgsf7v6YS055c5zvM7z15JWn1HpasrqOlvCQ%3D%3D
Requested by
Host: securitytraining.trinityrocks.com
URL: https://securitytraining.trinityrocks.com/static/js/main.c7141162.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2603:1026:3000:148::12 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software
/
Resource Hash
79fdf9efaf30a5a983031f473a8a06b25a86fdf52a8573d863b1e027aa47e0c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://securitytraining.trinityrocks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-length
15141
content-type
text/html; charset=utf-8
date
Thu, 14 Nov 2024 03:03:16 GMT
expires
-1
link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
on
x-frame-options
DENY
x-ms-ests-server
2.1.19343.4 - EUS ProdSlices
x-ms-request-id
b79ba1bd-4b99-4dad-a5cd-b541b7f32800
x-ms-srs
1.P
x-xss-protection
0

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 14 Nov 2024 03:03:16 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://login.microsoftonline.com/55749ab1-9d63-460d-bb1a-af1ae9958264/saml2?SAMLRequest=lVJLb9swDP4rhu5%2ByHHsSEgCpA2KBei2oMl22KWgZboRYEueKO%2Fx76fYLdYdWmCADgLJj98DXBP03SB3o7%2BYB%2Fw%2BIvnoV98ZklNjw0ZnpAXSJA30SNIredp9vJd5ksnBWW%2BV7dgryPsIIELntTUsOuw37LGoQVRtW2EjilqpljeiqtQyV3lZZwKbFawWeQYLIVj0FR0F5IaFRQFONOLBkAfjQynLi5jzmBfnbCHD4%2BU3Fu2DG23AT6iL9wPJNO3skzZJr5WzZFtvTacNJsr26XJZFQJqHoumXMRFmTVxXXOIoeWAQixXeVmkV485i3YvRm6tobFHd0L3Qyv88nD%2FlwqGIfEOtNHmKWltmDfoJyoIec%2BrUhrmTwyKkuEyvI1i0fE58BttmtB9P%2Bt6HiL54Xw%2BxsfPpzPbrq9UcsrObf9XZo8eGvBwVblOX29az1f0KWg47I%2B20%2Bp3dGddD%2F5tiTzhU0U3cTuNytHQgEq3GpsQcNfZn7cOweOGeTciS7cz6b%2FXuv0D&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D877b5230ba8087714da1291b1e6f4bda%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=IuVVRYXDA4q3F5tNiKuji7JpHmfsRezo%2B4HiilfkftAa2KFBduBfNh5Q1MOdBV5xMD3e0wQd38ySglM9h%2FmA6E15z8OfuNxs1pc7i6OE%2BrFYLAbPuPTWfd%2Bg8QySESri2h5JuXqoGodzD9KzgJWzNH%2FPbizJaiOJDDSeS7Q6Oclzzt6yaruaHHcXfMbNqWtLxzOMSmGyrs49pMZbVdX%2Bf%2B5wH2bbsUjUW%2Fd3qFZ69xyQ19i%2FY4MD4%2B%2BMF8sY1QVFpXU5iVcpME7HBnQJmlPigBVYJQw60Lry%2BDJMhyfLgVIlHMpnczbgsf7v6YS055c5zvM7z15JWn1HpasrqOlvCQ%3D%3D
Pragma
no-cache
Server
XXXXXXXXXXXXXXXXXXXXXXX
Strict-Transport-Security
max-age=31536000
content-length
4813
converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
111 KB
20 KB
Stylesheet
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/55749ab1-9d63-460d-bb1a-af1ae9958264/saml2?SAMLRequest=lVJLb9swDP4rhu5%2ByHHsSEgCpA2KBei2oMl22KWgZboRYEueKO%2Fx76fYLdYdWmCADgLJj98DXBP03SB3o7%2BYB%2Fw%2BIvnoV98ZklNjw0ZnpAXSJA30SNIredp9vJd5ksnBWW%2BV7dgryPsIIELntTUsOuw37LGoQVRtW2EjilqpljeiqtQyV3lZZwKbFawWeQYLIVj0FR0F5IaFRQFONOLBkAfjQynLi5jzmBfnbCHD4%2BU3Fu2DG23AT6iL9wPJNO3skzZJr5WzZFtvTacNJsr26XJZFQJqHoumXMRFmTVxXXOIoeWAQixXeVmkV485i3YvRm6tobFHd0L3Qyv88nD%2FlwqGIfEOtNHmKWltmDfoJyoIec%2BrUhrmTwyKkuEyvI1i0fE58BttmtB9P%2Bt6HiL54Xw%2BxsfPpzPbrq9UcsrObf9XZo8eGvBwVblOX29az1f0KWg47I%2B20%2Bp3dGddD%2F5tiTzhU0U3cTuNytHQgEq3GpsQcNfZn7cOweOGeTciS7cz6b%2FXuv0D&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D877b5230ba8087714da1291b1e6f4bda%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=IuVVRYXDA4q3F5tNiKuji7JpHmfsRezo%2B4HiilfkftAa2KFBduBfNh5Q1MOdBV5xMD3e0wQd38ySglM9h%2FmA6E15z8OfuNxs1pc7i6OE%2BrFYLAbPuPTWfd%2Bg8QySESri2h5JuXqoGodzD9KzgJWzNH%2FPbizJaiOJDDSeS7Q6Oclzzt6yaruaHHcXfMbNqWtLxzOMSmGyrs49pMZbVdX%2Bf%2B5wH2bbsUjUW%2Fd3qFZ69xyQ19i%2FY4MD4%2B%2BMF8sY1QVFpXU5iVcpME7HBnQJmlPigBVYJQw60Lry%2BDJMhyfLgVIlHMpnczbgsf7v6YS055c5zvM7z15JWn1HpasrqOlvCQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
68c2994e21a564345eb3b4091dd2334c9cbddb0aecda45ee963c6de2e1629b93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCDDAAF34D1A25
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
4554691
x-cache
TCP_HIT
date
Thu, 14 Nov 2024 03:03:17 GMT
content-type
text/css
last-modified
Wed, 25 Sep 2024 21:42:27 GMT
cache-control
public, max-age=31536000
x-ms-request-id
325aa389-301e-0063-04e6-356100000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
20400
x-azure-ref
20241114T030317Z-168674b4b8f9nkqdhC1MILaxd800000000q0000000008h95
x-ms-blob-type
BlockBlob
ConvergedLogin_PCore_IzDt-l0Cuie0gYRUoEk15w2.js
aadcdn.msauth.net/shared/1.0/content/js/
439 KB
120 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_IzDt-l0Cuie0gYRUoEk15w2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/55749ab1-9d63-460d-bb1a-af1ae9958264/saml2?SAMLRequest=lVJLb9swDP4rhu5%2ByHHsSEgCpA2KBei2oMl22KWgZboRYEueKO%2Fx76fYLdYdWmCADgLJj98DXBP03SB3o7%2BYB%2Fw%2BIvnoV98ZklNjw0ZnpAXSJA30SNIredp9vJd5ksnBWW%2BV7dgryPsIIELntTUsOuw37LGoQVRtW2EjilqpljeiqtQyV3lZZwKbFawWeQYLIVj0FR0F5IaFRQFONOLBkAfjQynLi5jzmBfnbCHD4%2BU3Fu2DG23AT6iL9wPJNO3skzZJr5WzZFtvTacNJsr26XJZFQJqHoumXMRFmTVxXXOIoeWAQixXeVmkV485i3YvRm6tobFHd0L3Qyv88nD%2FlwqGIfEOtNHmKWltmDfoJyoIec%2BrUhrmTwyKkuEyvI1i0fE58BttmtB9P%2Bt6HiL54Xw%2BxsfPpzPbrq9UcsrObf9XZo8eGvBwVblOX29az1f0KWg47I%2B20%2Bp3dGddD%2F5tiTzhU0U3cTuNytHQgEq3GpsQcNfZn7cOweOGeTciS7cz6b%2FXuv0D&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D877b5230ba8087714da1291b1e6f4bda%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=IuVVRYXDA4q3F5tNiKuji7JpHmfsRezo%2B4HiilfkftAa2KFBduBfNh5Q1MOdBV5xMD3e0wQd38ySglM9h%2FmA6E15z8OfuNxs1pc7i6OE%2BrFYLAbPuPTWfd%2Bg8QySESri2h5JuXqoGodzD9KzgJWzNH%2FPbizJaiOJDDSeS7Q6Oclzzt6yaruaHHcXfMbNqWtLxzOMSmGyrs49pMZbVdX%2Bf%2B5wH2bbsUjUW%2Fd3qFZ69xyQ19i%2FY4MD4%2B%2BMF8sY1QVFpXU5iVcpME7HBnQJmlPigBVYJQw60Lry%2BDJMhyfLgVIlHMpnczbgsf7v6YS055c5zvM7z15JWn1HpasrqOlvCQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6379d57694ecb499626f889744fb47d1979dde32c9f95bcaf48e318642a8c292

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCE4DDB9B391BE
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
4554691
x-cache
TCP_HIT
date
Thu, 14 Nov 2024 03:03:17 GMT
content-type
application/x-javascript
last-modified
Sat, 05 Oct 2024 01:33:33 GMT
cache-control
public, max-age=31536000
x-ms-request-id
f1bf2e9e-b01e-006e-1ce6-359679000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
122342
x-azure-ref
20241114T030317Z-168674b4b8f9nkqdhC1MILaxd800000000q0000000008h96
x-ms-blob-type
BlockBlob
ux.converged.login.strings-it.min_bgun7cuufinrhhwjpprqew2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/
60 KB
17 KB
Script
General
Full URL
https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-it.min_bgun7cuufinrhhwjpprqew2.js
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/55749ab1-9d63-460d-bb1a-af1ae9958264/saml2?SAMLRequest=lVJLb9swDP4rhu5%2ByHHsSEgCpA2KBei2oMl22KWgZboRYEueKO%2Fx76fYLdYdWmCADgLJj98DXBP03SB3o7%2BYB%2Fw%2BIvnoV98ZklNjw0ZnpAXSJA30SNIredp9vJd5ksnBWW%2BV7dgryPsIIELntTUsOuw37LGoQVRtW2EjilqpljeiqtQyV3lZZwKbFawWeQYLIVj0FR0F5IaFRQFONOLBkAfjQynLi5jzmBfnbCHD4%2BU3Fu2DG23AT6iL9wPJNO3skzZJr5WzZFtvTacNJsr26XJZFQJqHoumXMRFmTVxXXOIoeWAQixXeVmkV485i3YvRm6tobFHd0L3Qyv88nD%2FlwqGIfEOtNHmKWltmDfoJyoIec%2BrUhrmTwyKkuEyvI1i0fE58BttmtB9P%2Bt6HiL54Xw%2BxsfPpzPbrq9UcsrObf9XZo8eGvBwVblOX29az1f0KWg47I%2B20%2Bp3dGddD%2F5tiTzhU0U3cTuNytHQgEq3GpsQcNfZn7cOweOGeTciS7cz6b%2FXuv0D&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D877b5230ba8087714da1291b1e6f4bda%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=IuVVRYXDA4q3F5tNiKuji7JpHmfsRezo%2B4HiilfkftAa2KFBduBfNh5Q1MOdBV5xMD3e0wQd38ySglM9h%2FmA6E15z8OfuNxs1pc7i6OE%2BrFYLAbPuPTWfd%2Bg8QySESri2h5JuXqoGodzD9KzgJWzNH%2FPbizJaiOJDDSeS7Q6Oclzzt6yaruaHHcXfMbNqWtLxzOMSmGyrs49pMZbVdX%2Bf%2B5wH2bbsUjUW%2Fd3qFZ69xyQ19i%2FY4MD4%2B%2BMF8sY1QVFpXU5iVcpME7HBnQJmlPigBVYJQw60Lry%2BDJMhyfLgVIlHMpnczbgsf7v6YS055c5zvM7z15JWn1HpasrqOlvCQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d60579925b61d2e48dd13402e01cdb3ec8553937f78d67abacda16519a8f7a8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://login.microsoftonline.com
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCC6D53828F9EF
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
4554691
x-cache
TCP_HIT
date
Thu, 14 Nov 2024 03:03:17 GMT
content-type
application/x-javascript
last-modified
Tue, 27 Aug 2024 20:17:05 GMT
cache-control
public, max-age=31536000
x-ms-request-id
83028ca2-f01e-0043-6f26-361aa7000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
17250
x-azure-ref
20241114T030317Z-168674b4b8f9nkqdhC1MILaxd800000000q0000000008h97
x-ms-blob-type
BlockBlob
Me.htm
login.live.com/
0
0
Other
General
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/55749ab1-9d63-460d-bb1a-af1ae9958264/saml2?SAMLRequest=lVJLb9swDP4rhu5%2ByHHsSEgCpA2KBei2oMl22KWgZboRYEueKO%2Fx76fYLdYdWmCADgLJj98DXBP03SB3o7%2BYB%2Fw%2BIvnoV98ZklNjw0ZnpAXSJA30SNIredp9vJd5ksnBWW%2BV7dgryPsIIELntTUsOuw37LGoQVRtW2EjilqpljeiqtQyV3lZZwKbFawWeQYLIVj0FR0F5IaFRQFONOLBkAfjQynLi5jzmBfnbCHD4%2BU3Fu2DG23AT6iL9wPJNO3skzZJr5WzZFtvTacNJsr26XJZFQJqHoumXMRFmTVxXXOIoeWAQixXeVmkV485i3YvRm6tobFHd0L3Qyv88nD%2FlwqGIfEOtNHmKWltmDfoJyoIec%2BrUhrmTwyKkuEyvI1i0fE58BttmtB9P%2Bt6HiL54Xw%2BxsfPpzPbrq9UcsrObf9XZo8eGvBwVblOX29az1f0KWg47I%2B20%2Bp3dGddD%2F5tiTzhU0U3cTuNytHQgEq3GpsQcNfZn7cOweOGeTciS7cz6b%2FXuv0D&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D877b5230ba8087714da1291b1e6f4bda%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=IuVVRYXDA4q3F5tNiKuji7JpHmfsRezo%2B4HiilfkftAa2KFBduBfNh5Q1MOdBV5xMD3e0wQd38ySglM9h%2FmA6E15z8OfuNxs1pc7i6OE%2BrFYLAbPuPTWfd%2Bg8QySESri2h5JuXqoGodzD9KzgJWzNH%2FPbizJaiOJDDSeS7Q6Oclzzt6yaruaHHcXfMbNqWtLxzOMSmGyrs49pMZbVdX%2Bf%2B5wH2bbsUjUW%2Fd3qFZ69xyQ19i%2FY4MD4%2B%2BMF8sY1QVFpXU5iVcpME7HBnQJmlPigBVYJQw60Lry%2BDJMhyfLgVIlHMpnczbgsf7v6YS055c5zvM7z15JWn1HpasrqOlvCQ%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.159.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

convergedlogin_pcustomizationloader_117b650bccea354984d8.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
397 KB
114 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_IzDt-l0Cuie0gYRUoEk15w2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCBD5317046A2F
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
4554691
x-cache
TCP_HIT
date
Thu, 14 Nov 2024 03:03:17 GMT
content-type
application/x-javascript
last-modified
Thu, 15 Aug 2024 17:52:54 GMT
cache-control
public, max-age=31536000
x-ms-request-id
f1ba75de-801e-003b-25e6-35b95f000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
116365
x-azure-ref
20241114T030317Z-168674b4b8fzpvnmhC1MIL8b4c00000000n000000000dd2z
x-ms-blob-type
BlockBlob
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/
17 KB
17 KB
Other
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8D8731230C851A6
x-fd-int-roxy-purgeid
4554691
x-cache
TCP_HIT
date
Thu, 14 Nov 2024 03:03:17 GMT
content-type
image/x-icon
last-modified
Sun, 18 Oct 2020 03:02:03 GMT
cache-control
public, max-age=31536000
x-ms-request-id
84f390c8-b01e-0042-1026-36457b000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
17174
x-azure-ref
20241114T030317Z-168674b4b8fzpvnmhC1MIL8b4c00000000n000000000dd2y
x-ms-blob-type
BlockBlob
convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/
15 KB
6 KB
Script
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js
Requested by
Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_IzDt-l0Cuie0gYRUoEk15w2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc6804d058d5bd5b24fc04e479fc8973bef5d3efeafaa9c19c60a009bf0fac0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCBD531731891C
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
4554691
x-cache
TCP_HIT
date
Thu, 14 Nov 2024 03:03:17 GMT
content-type
application/x-javascript
last-modified
Thu, 15 Aug 2024 17:52:54 GMT
cache-control
public, max-age=31536000
x-ms-request-id
8c6118de-701e-005d-3572-35f67f000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
5529
x-azure-ref
20241114T030317Z-168674b4b8fzpvnmhC1MIL8b4c00000000n000000000dd33
x-ms-blob-type
BlockBlob
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/
3 KB
3 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB5C3F48EC4154
x-fd-int-roxy-purgeid
4554691
x-cache
TCP_HIT
date
Thu, 14 Nov 2024 03:03:17 GMT
content-type
image/gif
last-modified
Wed, 24 May 2023 10:11:47 GMT
cache-control
public, max-age=31536000
x-ms-request-id
e1eb85a6-001e-0073-40e8-35ec7a000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
2672
x-azure-ref
20241114T030317Z-168674b4b8fzpvnmhC1MIL8b4c00000000n000000000dd34
x-ms-blob-type
BlockBlob
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/
4 KB
4 KB
Image
General
Full URL
https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB5C3F4904824B
x-fd-int-roxy-purgeid
4554691
x-cache
TCP_HIT
date
Thu, 14 Nov 2024 03:03:17 GMT
content-type
image/gif
last-modified
Wed, 24 May 2023 10:11:48 GMT
cache-control
public, max-age=31536000
x-ms-request-id
0e27d8d4-a01e-002c-6bf7-341054000000
accept-ranges
bytes
access-control-allow-origin
*
content-length
3620
x-azure-ref
20241114T030317Z-168674b4b8fzpvnmhC1MIL8b4c00000000n000000000dd35
x-ms-blob-type
BlockBlob
illustration
aadcdn.msauthimages.net/dbd5a2dd-lvfty19r12rlvdzraxhgi5syt01aqayijmyl401eqvm/logintenantbranding/0/
484 KB
485 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-lvfty19r12rlvdzraxhgi5syt01aqayijmyl401eqvm/logintenantbranding/0/illustration?ts=635961040368524316
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c -, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3245329f2f42714a1a15867a9ce379fe21d8de63543f4920880d940a1e1d8aa6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
YJWYIB3zb2f9j0d2TGONow==
cache-control
public, max-age=86400
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8D363325E5AB54D
x-content-type-options
nosniff
x-ms-request-id
7badb22b-c01e-0013-2041-3667ee000000
access-control-allow-origin
*
content-length
495714
date
Thu, 14 Nov 2024 03:03:18 GMT
content-type
image/png
last-modified
Wed, 13 Apr 2016 00:27:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-lvfty19r12rlvdzraxhgi5syt01aqayijmyl401eqvm/logintenantbranding/0/
5 KB
5 KB
Image
General
Full URL
https://aadcdn.msauthimages.net/dbd5a2dd-lvfty19r12rlvdzraxhgi5syt01aqayijmyl401eqvm/logintenantbranding/0/bannerlogo?ts=635961053094669725
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c -, , ASN (),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
060d475d9a55a44c478a903ecfd5c0d49c26eeb07d9fd18b1cc51639065629ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://login.microsoftonline.com/

Response headers

content-md5
PF2o8bnUdESBuT/qZPYVsA==
cache-control
public, max-age=86400
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
etag
0x8D3633554B65B24
x-content-type-options
nosniff
x-ms-request-id
a16a516b-301e-0017-7d41-36eae9000000
access-control-allow-origin
*
content-length
5270
date
Thu, 14 Nov 2024 03:03:17 GMT
content-type
image/png
last-modified
Wed, 13 Apr 2016 00:48:29 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
ssoprobe
autologon.microsoftazuread-sso.com/55749ab1-9d63-460d-bb1a-af1ae9958264/winauth/
0
0

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
autologon.microsoftazuread-sso.com
URL
https://autologon.microsoftazuread-sso.com/55749ab1-9d63-460d-bb1a-af1ae9958264/winauth/ssoprobe?client-request-id=91dc5103-46b8-45a5-9c60-aff3fd3f3c6a&_=1731553397959

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Domain/Path Name / Value
app.training.fortinet.com/ Name: MoodleSessionSATS
Value: u49ove4ckifj7andsaslodi4p4
app.training.fortinet.com/ Name: MOODLETENANT1_SATS
Value: 1
app.training.fortinet.com/ Name: cookiesession1
Value: 678A3E1BE145A9DC7A5D45A95A988802
app.training.fortinet.com/ Name: MDL_SSP_SessID
Value: 302fdfffae7177b19cee8e2991a22394
login.microsoftonline.com/ Name: buid
Value: 1.AVcAsZp0VWOdDUa7Gq8a6ZWCZCOdAXwleYVGpzzawgfSQ-rbAABXAA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFe2TgxyVurPszZmL8ikXuE9NIDBiB-3kLATip258ZCRh45CrVXbIzR3q4JsV_jIN0UmOLJnum4EGvPFwOtGavPbhVsi9nPlerUDi74lf9N93cgAA
.login.microsoftonline.com/ Name: esctx
Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFe2aj1pCRJwIInyglV37JLNmVwVfpheI10yW-UE4pnktf-00pYLyrMPomv2AJws7mdSI-uNmoZbyJ0QIqdyCXM3lSx7TQte1gpE_V2ca3KQLQq3Waurhy-H4udteENcJl4HoM81heCteYPVekiCOjZZRjq0W9AGn346NgEjjT8RUEgAA
.login.microsoftonline.com/ Name: esctx-EKAyiVWEXeQ
Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFepfam272Jb8xB_hGre5bq3EI9SJySfpvUV5QeVnOSp37U_85ulHu_Ofe4hSTsfUuiANgOlBCDLgNQKRtYwEt2-lDjhxhV2LskwyKfk71OABfnqFE4Bc-uG5pMLDn_WZCv8xak2eO8h55GQeirCld21SAA
login.microsoftonline.com/ Name: fpc
Value: AmWeoewF5q1Ks42hUou5ZGGX4wPzAQAAAHRfx94OAAAA
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
