login.microsoftonline.com Open in urlscan Pro
40.126.32.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://securityawareness.buas.nl/
Effective URL:
https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBt...
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 23 via api (October 23rd 2024, 9:43:23 am UTC) from IT — Scanned from NL

Summary HTTP 26 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 26 HTTP transactions. The main IP is 40.126.32.133, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is login.microsoftonline.com. The Cisco Umbrella rank of the primary domain is 9.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 3rd 2024. Valid for: 6 months.

This is the only time login.microsoftonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	34.107.237.42 34.107.237.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
2 4	44.199.160.6 44.199.160.6	14618 (AMAZON-AES) (AMAZON-AES)
2	40.126.32.133 40.126.32.133	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	13.107.253.64 13.107.253.64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	40.126.32.76 40.126.32.76	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	152.199.21.175 152.199.21.175	15133 (EDGECAST) (EDGECAST)
1	20.190.159.71 20.190.159.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
26	10

4 34.107.237.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.237.107.34.bc.googleusercontent.com

securityawareness.buas.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.199.160.6 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-160-6.compute-1.amazonaws.com

app.training.fortinet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.126.32.133 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.107.253.64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.32.76 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.21.175 (Germany)

ASN15133 (EDGECAST, US)

aadcdn.msauthimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.159.71 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

autologon.microsoftazuread-sso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 860	338 KB
4	fortinet.com 2 redirects app.training.fortinet.com	676 KB
4	buas.nl securityawareness.buas.nl	3 MB
2	msauthimages.net aadcdn.msauthimages.net — Cisco Umbrella Rank: 3309	125 KB
2	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 9	17 KB
2	gstatic.com fonts.gstatic.com	65 KB
1	microsoftazuread-sso.com autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1101	1 KB
1	live.com login.live.com — Cisco Umbrella Rank: 63
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	26 KB
26	10

	Domain	Requested by
10	aadcdn.msauth.net	login.microsoftonline.com aadcdn.msauth.net
4	app.training.fortinet.com	2 redirects securityawareness.buas.nl
4	securityawareness.buas.nl	securityawareness.buas.nl
2	aadcdn.msauthimages.net
2	login.microsoftonline.com	securityawareness.buas.nl aadcdn.msauth.net
2	fonts.gstatic.com	fonts.googleapis.com
1	autologon.microsoftazuread-sso.com
1	login.live.com	login.microsoftonline.com
1	fonts.googleapis.com	securityawareness.buas.nl
1	cdn.jsdelivr.net	securityawareness.buas.nl
26	10

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
securityawareness.buas.nl WR3	`2024-10-22` - `2025-01-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
app.training.fortinet.com R10	`2024-09-03` - `2024-12-02`	3 months	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2024-09-03` - `2025-03-03`	6 months	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2024-07-30` - `2025-07-30`	a year	crt.sh
login.live.com DigiCert SHA2 Secure Server CA	`2024-08-28` - `2025-02-28`	6 months	crt.sh
aadcdn.msauthimages.net Microsoft Azure RSA TLS Issuing CA 03	`2024-06-04` - `2025-05-30`	a year	crt.sh
autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA	`2024-10-06` - `2025-04-06`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBtuhGgC15orzHv59id1h3aIHeCJIfvwe4Jui7Qe3GcLH3%2BH1ECsmvvrOkpsGGjd4qB2RIWeiRVGjUaffxTuWpUIN3wTWuY88gryOACH0wzrLksN%2Bwb8tl3Uq9kKXUZZvr5U1VYV2vZKE16KYsb6QQICVizZKv6CkiNyweinCiEQ%2BWAtgQWyJfcCl4XpxFpRaFysUDS%2FbRjbEQJtQlhIFUlnXu0di0N4135NrgbGcspo3rMwFFsSyrmgtRrPiixZJDmVe8QC2qfAVtWa6yq8ecJbu%2FRm6dpbFHf0L%2FwzT45f7uHxUMQxo8GGvsY9q6uG8xTFQQ855PZTTMBYeG0uEyvIxiyfEp8HfG6jh9Pet6XiL14Xw%2B8uPn05lt11cqNWXnt2%2BV2WMADQGuKtfZ80vr%2BYs%2BRQ2H%2FdF1pvmdvHe%2Bh%2FCyRJnKqWM0b6dVNVoasDGtQR0D7jr389YjBNyw4Edk2XYm%2Ff9bt38A&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EGMetMpBuIhe0qPL5BiE9bc44lcMV5bnTZNYV%2FKc%2BMiSjixkSHeJHiDtMpNwD%2Be0piEezl9MyZfRg2Ww8vfj7ZqoZXdUb47S86bChpm%2B3ExtFiLRS6wUX26Ki5%2BYqGvzuUcnlPBp%2FS8eppcRrtoYL7epHGnD5RhfF83wxSMqx8MQJMQ0LW2jQKo34yumZAsGp3sAoMAjruhD9bOOdE%2BQDPIGwhzyySzLcVXtMVvyIktufQCp5lDGvvP6gsgkC1Hb0TMnrfjxzbVUWQ47f6zBycvmtXm9%2FDyFqtHkbH5I3hii8wIvK3kY72uVWQie9UKnSiiD7HFSRTZ8Xo48RxMQsA%3D%3D
Frame ID: 382BCD7F02413F3FE920BC51BD264551
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aanmelden bij uw account

Page URL History Show full URLs

http://securityawareness.buas.nl/ HTTP 307
https://securityawareness.buas.nl/ Page URL
https://app.training.fortinet.com/local/bridge/launch.php?name=5741 HTTP 303
https://app.training.fortinet.com/auth/saml2/login.php?wants=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2... HTTP 302
https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJb... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

10
IPs

4
Countries

4287 kB
Transfer

5271 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/nl-NL/servicesagreement/
Title: Gebruiksvoorwaarden

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/nl-NL/privacystatement
Title: Privacy en cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://securityawareness.buas.nl/ HTTP 307
https://securityawareness.buas.nl/ Page URL
https://app.training.fortinet.com/local/bridge/launch.php?name=5741 HTTP 303
https://app.training.fortinet.com/auth/saml2/login.php?wants=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2Fbridge%2Flaunch.php&idp=376a04cf9f581374c8903243b274c1d2&wantsurl=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2Fbridge%2Flaunch.php HTTP 302
https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBtuhGgC15orzHv59id1h3aIHeCJIfvwe4Jui7Qe3GcLH3%2BH1ECsmvvrOkpsGGjd4qB2RIWeiRVGjUaffxTuWpUIN3wTWuY88gryOACH0wzrLksN%2Bwb8tl3Uq9kKXUZZvr5U1VYV2vZKE16KYsb6QQICVizZKv6CkiNyweinCiEQ%2BWAtgQWyJfcCl4XpxFpRaFysUDS%2FbRjbEQJtQlhIFUlnXu0di0N4135NrgbGcspo3rMwFFsSyrmgtRrPiixZJDmVe8QC2qfAVtWa6yq8ecJbu%2FRm6dpbFHf0L%2FwzT45f7uHxUMQxo8GGvsY9q6uG8xTFQQ855PZTTMBYeG0uEyvIxiyfEp8HfG6jh9Pet6XiL14Xw%2B8uPn05lt11cqNWXnt2%2BV2WMADQGuKtfZ80vr%2BYs%2BRQ2H%2FdF1pvmdvHe%2Bh%2FCyRJnKqWM0b6dVNVoasDGtQR0D7jr389YjBNyw4Edk2XYm%2Ff9bt38A&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EGMetMpBuIhe0qPL5BiE9bc44lcMV5bnTZNYV%2FKc%2BMiSjixkSHeJHiDtMpNwD%2Be0piEezl9MyZfRg2Ww8vfj7ZqoZXdUb47S86bChpm%2B3ExtFiLRS6wUX26Ki5%2BYqGvzuUcnlPBp%2FS8eppcRrtoYL7epHGnD5RhfF83wxSMqx8MQJMQ0LW2jQKo34yumZAsGp3sAoMAjruhD9bOOdE%2BQDPIGwhzyySzLcVXtMVvyIktufQCp5lDGvvP6gsgkC1Hb0TMnrfjxzbVUWQ47f6zBycvmtXm9%2FDyFqtHkbH5I3hii8wIvK3kY72uVWQie9UKnSiiD7HFSRTZ8Xo48RxMQsA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://securityawareness.buas.nl/ HTTP 307
https://securityawareness.buas.nl/

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
securityawareness.buas.nl/
Redirect Chain

http://securityawareness.buas.nl/
https://securityawareness.buas.nl/

1 KB
1 KB

213ms
129ms

Document
text/html

34.107.237.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityawareness.buas.nl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.237.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.237.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f4c97969b2e2ef5eb3fd13fc40822c7eeee7328c1b3fa1fd76bd398fda314f67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-length: 1026
content-type: text/html
date: Wed, 23 Oct 2024 09:43:16 GMT
etag: "0da36c4aa2d573df7754f95e446606f7"
last-modified: Tue, 27 Aug 2024 13:33:21 GMT
server: UploadServer
x-goog-generation: 1724765601798466
x-goog-hash: crc32c=/FP1jw== md5=DaNsSqLVc993VPleRGYG9w==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1026
x-guploader-uploadid: AHmUCY2RFmTgkN62-3OAJ_NwRGi0csWhSJFo8zdC5w_mnX3PY26ohcfsaUUl1az_zWQUMLjHEy6HcvgY1g

Redirect headers

Location: https://securityawareness.buas.nl/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 158 KB
26 KB 44ms
13ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Host: securityawareness.buas.nl
URL: https://securityawareness.buas.nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://securityawareness.buas.nl
Referer: https://securityawareness.buas.nl/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
age: 1831926
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 23 Oct 2024 09:43:17 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220126-FRA, cache-ams2100129-AMS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26291
x-jsd-version: 4.6.0

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 82ms
32ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;500;700&family=Roboto:wght@400;500&family=Lato:wght@300;400;500;700&display=swap

Requested by

Host: securityawareness.buas.nl
URL: https://securityawareness.buas.nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

ESF /

Resource Hash

732e36b4f8448517b5f6c7f088f642fd27d1b36d5209fa49c75de5ffdaa23107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://securityawareness.buas.nl/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:43:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 09:43:17 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 23 Oct 2024 09:43:17 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 main.c7141162.js Show response
securityawareness.buas.nl/static/js/ 3 MB
3 MB 156ms
155ms Script
text/javascript 34.107.237.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityawareness.buas.nl/static/js/main.c7141162.js
Requested by: Host: securityawareness.buas.nl
URL: https://securityawareness.buas.nl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.237.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.237.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 43397dbf0543de9b426241f2b1cf98fac21d78c59992a7e12e4039218a5c42e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://securityawareness.buas.nl/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=WTpmug==, md5=0KJ5nMKHqInaaOxpqSfXaQ==
etag: "d0a2799cc287a889da68ec69a927d769"
age: 0
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2637259
date: Wed, 23 Oct 2024 09:43:17 GMT
last-modified: Tue, 27 Aug 2024 13:33:17 GMT
content-type: text/javascript
x-guploader-uploadid: AHmUCY1wmr4jcfNqzbrmOZcFPS2vylfheUTF-u4ncp6hPlZgktQkETEbOP6tLm9KnklDSejCQzajKtiVyw
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1724765597769550
content-length: 2637259
server: UploadServer

GET
H2 200 main.f286f5ac.css
securityawareness.buas.nl/static/css/ 460 KB
460 KB 134ms
133ms Stylesheet
text/css 34.107.237.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityawareness.buas.nl/static/css/main.f286f5ac.css
Requested by: Host: securityawareness.buas.nl
URL: https://securityawareness.buas.nl/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.237.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.237.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3769162a04a640c3e701579f8754f982fac9d1d4e216c1df1e8143650d3189cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://securityawareness.buas.nl/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=vdz3kg==, md5=pyp5k9+/8UwMTAyIUBXaRQ==
etag: "a72a7993dfbff14c0c4c0c885015da45"
age: 0
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 470781
date: Wed, 23 Oct 2024 09:43:17 GMT
last-modified: Tue, 27 Aug 2024 13:33:12 GMT
content-type: text/css
x-guploader-uploadid: AHmUCY2UBaR2mr8JfM4nU49KhZBCyZ-L3z418uMvG4YV2LFkagx2Dt-3MhBNSLlI_U7pWEn3wI1tFcXtiA
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1724765592085096
content-length: 470781
server: UploadServer

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 68ms
20ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;500;700&family=Roboto:wght@400;500&family=Lato:wght@300;400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://securityawareness.buas.nl
Referer: https://fonts.googleapis.com/

Response headers

age: 73475
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
47 KB 75ms
28ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;500;700&family=Roboto:wght@400;500&family=Lato:wght@300;400;500;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://securityawareness.buas.nl
Referer: https://fonts.googleapis.com/

Response headers

age: 62593
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:20:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:20:04 GMT
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48444
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK locales.php Show response
app.training.fortinet.com/local/bridge/ 37 KB
37 KB 384ms
143ms Fetch
application/json 44.199.160.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.training.fortinet.com/local/bridge/locales.php?plugin=local_bridge&locale=en_us

Requested by

Host: securityawareness.buas.nl
URL: https://securityawareness.buas.nl/static/js/main.c7141162.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.199.160.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-199-160-6.compute-1.amazonaws.com

Software

XXXXXXXXXXXXXXXXXXXXXXX /

Resource Hash

7cf597cf08d4d94b62030e5666b18b66e0cf3b2a8ecca06e033cef578f3d260a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://securityawareness.buas.nl/

Response headers

Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: *
content-length: 37730
Date: Wed, 23 Oct 2024 09:43:18 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Server: XXXXXXXXXXXXXXXXXXXXXXX

GET
H/1.1 200
OK server.php Show response
app.training.fortinet.com/webservice/rest/ 635 KB
636 KB 558ms
320ms Fetch
application/json 44.199.160.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.training.fortinet.com/webservice/rest/server.php?domainname=securityawareness.buas.nl&moodlewsrestformat=json&wsfunction=local_bridge_get_style_info_by_domain&wstoken=d2b050c9ff4099a35089ea0d20ef30bb

Requested by

Host: securityawareness.buas.nl
URL: https://securityawareness.buas.nl/static/js/main.c7141162.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

44.199.160.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-199-160-6.compute-1.amazonaws.com

Software

XXXXXXXXXXXXXXXXXXXXXXX /

Resource Hash

7923fcf5fe398a9d227f080d622544dd9eb0bda2d702c4d4260497255200c26c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://securityawareness.buas.nl/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: private, must-revalidate, pre-check=0, post-check=0, max-age=0
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Accept-Ranges: none
Access-Control-Allow-Origin: *
Date: Wed, 23 Oct 2024 09:43:18 GMT
Content-Type: application/json
Server: XXXXXXXXXXXXXXXXXXXXXXX

GET
H3 200 logo_red.png
securityawareness.buas.nl/ 2 KB
2 KB 126ms
125ms Other
image/png 34.107.237.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://securityawareness.buas.nl/logo_red.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.237.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 42.237.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9b409e4e72f25dafef47a46d2bf2d1e9099390f779251a1f0aad22fd3b3bc9e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://securityawareness.buas.nl/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=e3gzRw==, md5=gFlJ21+chzTx+3ZJYvVLdg==
etag: "805949db5f9c8734f1fb764962f54b76"
age: 0
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1571
date: Wed, 23 Oct 2024 09:43:17 GMT
last-modified: Tue, 27 Aug 2024 13:33:22 GMT
content-type: image/png
x-guploader-uploadid: AHmUCY1HiwDWAqCOUzsDUVzxUylUpCEbpdsoUmpIl-gs_Sk0FBNTdY9aXaLXaLCrWKD9YnSrRjgmm8r16w
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1724765602556273
content-length: 1571
server: UploadServer

GET
H2

200

Primary Request saml2 Show response
login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/
Redirect Chain

https://app.training.fortinet.com/local/bridge/launch.php?name=5741
https://app.training.fortinet.com/auth/saml2/login.php?wants=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2Fbridge%2Flaunch.php&idp=376a04cf9f581374c8903243b274c1d2&wantsurl=https%3A%2F%2Fapp.tr...
https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBtuhGgC15orzHv59id1h3aIHeCJIfvwe4Jui7Qe3GcLH3%2BH1ECsmvvrOkpsGGjd4qB2...

41 KB
16 KB

143ms
77ms

Document
text/html

40.126.32.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBtuhGgC15orzHv59id1h3aIHeCJIfvwe4Jui7Qe3GcLH3%2BH1ECsmvvrOkpsGGjd4qB2RIWeiRVGjUaffxTuWpUIN3wTWuY88gryOACH0wzrLksN%2Bwb8tl3Uq9kKXUZZvr5U1VYV2vZKE16KYsb6QQICVizZKv6CkiNyweinCiEQ%2BWAtgQWyJfcCl4XpxFpRaFysUDS%2FbRjbEQJtQlhIFUlnXu0di0N4135NrgbGcspo3rMwFFsSyrmgtRrPiixZJDmVe8QC2qfAVtWa6yq8ecJbu%2FRm6dpbFHf0L%2FwzT45f7uHxUMQxo8GGvsY9q6uG8xTFQQ855PZTTMBYeG0uEyvIxiyfEp8HfG6jh9Pet6XiL14Xw%2B8uPn05lt11cqNWXnt2%2BV2WMADQGuKtfZ80vr%2BYs%2BRQ2H%2FdF1pvmdvHe%2Bh%2FCyRJnKqWM0b6dVNVoasDGtQR0D7jr389YjBNyw4Edk2XYm%2Ff9bt38A&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EGMetMpBuIhe0qPL5BiE9bc44lcMV5bnTZNYV%2FKc%2BMiSjixkSHeJHiDtMpNwD%2Be0piEezl9MyZfRg2Ww8vfj7ZqoZXdUb47S86bChpm%2B3ExtFiLRS6wUX26Ki5%2BYqGvzuUcnlPBp%2FS8eppcRrtoYL7epHGnD5RhfF83wxSMqx8MQJMQ0LW2jQKo34yumZAsGp3sAoMAjruhD9bOOdE%2BQDPIGwhzyySzLcVXtMVvyIktufQCp5lDGvvP6gsgkC1Hb0TMnrfjxzbVUWQ47f6zBycvmtXm9%2FDyFqtHkbH5I3hii8wIvK3kY72uVWQie9UKnSiiD7HFSRTZ8Xo48RxMQsA%3D%3D

Requested by

Host: securityawareness.buas.nl
URL: https://securityawareness.buas.nl/static/js/main.c7141162.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.126.32.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b452a09a95fccd30026974ec5e915623a45c0366b6a8b8a23ca7883bd7ee1f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://securityawareness.buas.nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
content-length: 15157
content-type: text/html; charset=utf-8
date: Wed, 23 Oct 2024 09:43:20 GMT
expires: -1
link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: DENY
x-ms-ests-server: 2.1.19184.6 - FRC ProdSlices
x-ms-request-id: 2526c85a-c98b-4b7f-93f8-6ab04c574800
x-ms-srs: 1.P
x-xss-protection: 0

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Wed, 23 Oct 2024 09:43:20 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBtuhGgC15orzHv59id1h3aIHeCJIfvwe4Jui7Qe3GcLH3%2BH1ECsmvvrOkpsGGjd4qB2RIWeiRVGjUaffxTuWpUIN3wTWuY88gryOACH0wzrLksN%2Bwb8tl3Uq9kKXUZZvr5U1VYV2vZKE16KYsb6QQICVizZKv6CkiNyweinCiEQ%2BWAtgQWyJfcCl4XpxFpRaFysUDS%2FbRjbEQJtQlhIFUlnXu0di0N4135NrgbGcspo3rMwFFsSyrmgtRrPiixZJDmVe8QC2qfAVtWa6yq8ecJbu%2FRm6dpbFHf0L%2FwzT45f7uHxUMQxo8GGvsY9q6uG8xTFQQ855PZTTMBYeG0uEyvIxiyfEp8HfG6jh9Pet6XiL14Xw%2B8uPn05lt11cqNWXnt2%2BV2WMADQGuKtfZ80vr%2BYs%2BRQ2H%2FdF1pvmdvHe%2Bh%2FCyRJnKqWM0b6dVNVoasDGtQR0D7jr389YjBNyw4Edk2XYm%2Ff9bt38A&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EGMetMpBuIhe0qPL5BiE9bc44lcMV5bnTZNYV%2FKc%2BMiSjixkSHeJHiDtMpNwD%2Be0piEezl9MyZfRg2Ww8vfj7ZqoZXdUb47S86bChpm%2B3ExtFiLRS6wUX26Ki5%2BYqGvzuUcnlPBp%2FS8eppcRrtoYL7epHGnD5RhfF83wxSMqx8MQJMQ0LW2jQKo34yumZAsGp3sAoMAjruhD9bOOdE%2BQDPIGwhzyySzLcVXtMVvyIktufQCp5lDGvvP6gsgkC1Hb0TMnrfjxzbVUWQ47f6zBycvmtXm9%2FDyFqtHkbH5I3hii8wIvK3kY72uVWQie9UKnSiiD7HFSRTZ8Xo48RxMQsA%3D%3D
Pragma: no-cache
Server: XXXXXXXXXXXXXXXXXXXXXXX
Strict-Transport-Security: max-age=31536000
content-length: 4783

GET
H2 200 converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 111 KB
20 KB 141ms
47ms Stylesheet
text/css 13.107.253.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_nin8k2ycrbzww8zl5vxkaq2.css
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBtuhGgC15orzHv59id1h3aIHeCJIfvwe4Jui7Qe3GcLH3%2BH1ECsmvvrOkpsGGjd4qB2RIWeiRVGjUaffxTuWpUIN3wTWuY88gryOACH0wzrLksN%2Bwb8tl3Uq9kKXUZZvr5U1VYV2vZKE16KYsb6QQICVizZKv6CkiNyweinCiEQ%2BWAtgQWyJfcCl4XpxFpRaFysUDS%2FbRjbEQJtQlhIFUlnXu0di0N4135NrgbGcspo3rMwFFsSyrmgtRrPiixZJDmVe8QC2qfAVtWa6yq8ecJbu%2FRm6dpbFHf0L%2FwzT45f7uHxUMQxo8GGvsY9q6uG8xTFQQ855PZTTMBYeG0uEyvIxiyfEp8HfG6jh9Pet6XiL14Xw%2B8uPn05lt11cqNWXnt2%2BV2WMADQGuKtfZ80vr%2BYs%2BRQ2H%2FdF1pvmdvHe%2Bh%2FCyRJnKqWM0b6dVNVoasDGtQR0D7jr389YjBNyw4Edk2XYm%2Ff9bt38A&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EGMetMpBuIhe0qPL5BiE9bc44lcMV5bnTZNYV%2FKc%2BMiSjixkSHeJHiDtMpNwD%2Be0piEezl9MyZfRg2Ww8vfj7ZqoZXdUb47S86bChpm%2B3ExtFiLRS6wUX26Ki5%2BYqGvzuUcnlPBp%2FS8eppcRrtoYL7epHGnD5RhfF83wxSMqx8MQJMQ0LW2jQKo34yumZAsGp3sAoMAjruhD9bOOdE%2BQDPIGwhzyySzLcVXtMVvyIktufQCp5lDGvvP6gsgkC1Hb0TMnrfjxzbVUWQ47f6zBycvmtXm9%2FDyFqtHkbH5I3hii8wIvK3kY72uVWQie9UKnSiiD7HFSRTZ8Xo48RxMQsA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 68c2994e21a564345eb3b4091dd2334c9cbddb0aecda45ee963c6de2e1629b93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://login.microsoftonline.com
Referer: https://login.microsoftonline.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCDDAAF34D1A25
x-ms-lease-status: unlocked
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 09:43:20 GMT
content-type: text/css
last-modified: Wed, 25 Sep 2024 21:42:27 GMT
cache-control: public, max-age=31536000
x-ms-request-id: 3579a84c-301e-0073-66c3-20a468000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20400
x-azure-ref: 20241023T094320Z-1778f6874c7ft52v42z036c8c400000008s000000000cdga
x-ms-blob-type: BlockBlob

GET
H2 200 ConvergedLogin_PCore_DQTmGfOEMmPUR-Vehc8U6Q2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 439 KB
120 KB 142ms
48ms Script
application/x-javascript 13.107.253.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_DQTmGfOEMmPUR-Vehc8U6Q2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBtuhGgC15orzHv59id1h3aIHeCJIfvwe4Jui7Qe3GcLH3%2BH1ECsmvvrOkpsGGjd4qB2RIWeiRVGjUaffxTuWpUIN3wTWuY88gryOACH0wzrLksN%2Bwb8tl3Uq9kKXUZZvr5U1VYV2vZKE16KYsb6QQICVizZKv6CkiNyweinCiEQ%2BWAtgQWyJfcCl4XpxFpRaFysUDS%2FbRjbEQJtQlhIFUlnXu0di0N4135NrgbGcspo3rMwFFsSyrmgtRrPiixZJDmVe8QC2qfAVtWa6yq8ecJbu%2FRm6dpbFHf0L%2FwzT45f7uHxUMQxo8GGvsY9q6uG8xTFQQ855PZTTMBYeG0uEyvIxiyfEp8HfG6jh9Pet6XiL14Xw%2B8uPn05lt11cqNWXnt2%2BV2WMADQGuKtfZ80vr%2BYs%2BRQ2H%2FdF1pvmdvHe%2Bh%2FCyRJnKqWM0b6dVNVoasDGtQR0D7jr389YjBNyw4Edk2XYm%2Ff9bt38A&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EGMetMpBuIhe0qPL5BiE9bc44lcMV5bnTZNYV%2FKc%2BMiSjixkSHeJHiDtMpNwD%2Be0piEezl9MyZfRg2Ww8vfj7ZqoZXdUb47S86bChpm%2B3ExtFiLRS6wUX26Ki5%2BYqGvzuUcnlPBp%2FS8eppcRrtoYL7epHGnD5RhfF83wxSMqx8MQJMQ0LW2jQKo34yumZAsGp3sAoMAjruhD9bOOdE%2BQDPIGwhzyySzLcVXtMVvyIktufQCp5lDGvvP6gsgkC1Hb0TMnrfjxzbVUWQ47f6zBycvmtXm9%2FDyFqtHkbH5I3hii8wIvK3kY72uVWQie9UKnSiiD7HFSRTZ8Xo48RxMQsA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a286901d020dbb97bded75b5150d495ab28566b21735000058b598e0e6667e23

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://login.microsoftonline.com
Referer: https://login.microsoftonline.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCD83BB1CF3887
x-ms-lease-status: unlocked
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 09:43:20 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Sep 2024 23:43:27 GMT
cache-control: public, max-age=31536000
x-ms-request-id: baf08dd3-201e-0043-064a-1e250a000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 122065
x-azure-ref: 20241023T094320Z-1778f6874c7ft52v42z036c8c400000008s000000000cdgb
x-ms-blob-type: BlockBlob

GET
H2 200 ux.converged.login.strings-nl.min_hhykflc3phtvjc9hx9bnpw2.js Show response
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ 60 KB
17 KB 141ms
47ms Script
application/x-javascript 13.107.253.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-nl.min_hhykflc3phtvjc9hx9bnpw2.js
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBtuhGgC15orzHv59id1h3aIHeCJIfvwe4Jui7Qe3GcLH3%2BH1ECsmvvrOkpsGGjd4qB2RIWeiRVGjUaffxTuWpUIN3wTWuY88gryOACH0wzrLksN%2Bwb8tl3Uq9kKXUZZvr5U1VYV2vZKE16KYsb6QQICVizZKv6CkiNyweinCiEQ%2BWAtgQWyJfcCl4XpxFpRaFysUDS%2FbRjbEQJtQlhIFUlnXu0di0N4135NrgbGcspo3rMwFFsSyrmgtRrPiixZJDmVe8QC2qfAVtWa6yq8ecJbu%2FRm6dpbFHf0L%2FwzT45f7uHxUMQxo8GGvsY9q6uG8xTFQQ855PZTTMBYeG0uEyvIxiyfEp8HfG6jh9Pet6XiL14Xw%2B8uPn05lt11cqNWXnt2%2BV2WMADQGuKtfZ80vr%2BYs%2BRQ2H%2FdF1pvmdvHe%2Bh%2FCyRJnKqWM0b6dVNVoasDGtQR0D7jr389YjBNyw4Edk2XYm%2Ff9bt38A&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EGMetMpBuIhe0qPL5BiE9bc44lcMV5bnTZNYV%2FKc%2BMiSjixkSHeJHiDtMpNwD%2Be0piEezl9MyZfRg2Ww8vfj7ZqoZXdUb47S86bChpm%2B3ExtFiLRS6wUX26Ki5%2BYqGvzuUcnlPBp%2FS8eppcRrtoYL7epHGnD5RhfF83wxSMqx8MQJMQ0LW2jQKo34yumZAsGp3sAoMAjruhD9bOOdE%2BQDPIGwhzyySzLcVXtMVvyIktufQCp5lDGvvP6gsgkC1Hb0TMnrfjxzbVUWQ47f6zBycvmtXm9%2FDyFqtHkbH5I3hii8wIvK3kY72uVWQie9UKnSiiD7HFSRTZ8Xo48RxMQsA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ad0b42e0d41a9748101f0d1406249cf4fbe56f782feb580eac1723ec76a93f35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://login.microsoftonline.com
Referer: https://login.microsoftonline.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCC6D5384562AD
x-ms-lease-status: unlocked
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 09:43:20 GMT
content-type: application/x-javascript
last-modified: Tue, 27 Aug 2024 20:17:05 GMT
cache-control: public, max-age=31536000
x-ms-request-id: fc979e3e-301e-004f-59db-20b202000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17237
x-azure-ref: 20241023T094320Z-1778f6874c7ft52v42z036c8c400000008s000000000cdgc
x-ms-blob-type: BlockBlob

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 198ms
129ms Other
text/html 40.126.32.76
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBtuhGgC15orzHv59id1h3aIHeCJIfvwe4Jui7Qe3GcLH3%2BH1ECsmvvrOkpsGGjd4qB2RIWeiRVGjUaffxTuWpUIN3wTWuY88gryOACH0wzrLksN%2Bwb8tl3Uq9kKXUZZvr5U1VYV2vZKE16KYsb6QQICVizZKv6CkiNyweinCiEQ%2BWAtgQWyJfcCl4XpxFpRaFysUDS%2FbRjbEQJtQlhIFUlnXu0di0N4135NrgbGcspo3rMwFFsSyrmgtRrPiixZJDmVe8QC2qfAVtWa6yq8ecJbu%2FRm6dpbFHf0L%2FwzT45f7uHxUMQxo8GGvsY9q6uG8xTFQQ855PZTTMBYeG0uEyvIxiyfEp8HfG6jh9Pet6XiL14Xw%2B8uPn05lt11cqNWXnt2%2BV2WMADQGuKtfZ80vr%2BYs%2BRQ2H%2FdF1pvmdvHe%2Bh%2FCyRJnKqWM0b6dVNVoasDGtQR0D7jr389YjBNyw4Edk2XYm%2Ff9bt38A&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EGMetMpBuIhe0qPL5BiE9bc44lcMV5bnTZNYV%2FKc%2BMiSjixkSHeJHiDtMpNwD%2Be0piEezl9MyZfRg2Ww8vfj7ZqoZXdUb47S86bChpm%2B3ExtFiLRS6wUX26Ki5%2BYqGvzuUcnlPBp%2FS8eppcRrtoYL7epHGnD5RhfF83wxSMqx8MQJMQ0LW2jQKo34yumZAsGp3sAoMAjruhD9bOOdE%2BQDPIGwhzyySzLcVXtMVvyIktufQCp5lDGvvP6gsgkC1Hb0TMnrfjxzbVUWQ47f6zBycvmtXm9%2FDyFqtHkbH5I3hii8wIvK3kY72uVWQie9UKnSiiD7HFSRTZ8Xo48RxMQsA%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.32.76 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

GET
H2 200 convergedlogin_pcustomizationloader_117b650bccea354984d8.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 397 KB
114 KB 112ms
44ms Script
application/x-javascript 13.107.253.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_117b650bccea354984d8.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_DQTmGfOEMmPUR-Vehc8U6Q2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD5317046A2F
x-ms-lease-status: unlocked
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 09:43:20 GMT
content-type: application/x-javascript
last-modified: Thu, 15 Aug 2024 17:52:54 GMT
cache-control: public, max-age=31536000
x-ms-request-id: b7d3cabc-801e-003b-45c3-20b95f000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 116365
x-azure-ref: 20241023T094320Z-er1fbb6595fdkvhn5qdz17x4bc00000007mg000000009tex
x-ms-blob-type: BlockBlob

GET
H2 200 favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msauth.net/shared/1.0/content/images/ 17 KB
17 KB 62ms
44ms Other
image/x-icon 13.107.253.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D8731230C851A6
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 09:43:20 GMT
content-type: image/x-icon
last-modified: Sun, 18 Oct 2020 03:02:03 GMT
cache-control: public, max-age=31536000
x-ms-request-id: 6aca37c6-801e-0076-30c3-2076b3000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17174
x-azure-ref: 20241023T094320Z-er1fbb6595fdkvhn5qdz17x4bc00000007mg000000009tew
x-ms-blob-type: BlockBlob

GET
H2 200 convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
6 KB 24ms
24ms Script
application/x-javascript 13.107.253.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_d0a803279e7397bef834.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_DQTmGfOEMmPUR-Vehc8U6Q2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bc6804d058d5bd5b24fc04e479fc8973bef5d3efeafaa9c19c60a009bf0fac0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD531731891C
x-ms-lease-status: unlocked
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 09:43:20 GMT
content-type: application/x-javascript
last-modified: Thu, 15 Aug 2024 17:52:54 GMT
cache-control: public, max-age=31536000
x-ms-request-id: 56256b07-101e-0064-5ec3-200d63000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5529
x-azure-ref: 20241023T094320Z-er1fbb6595fdkvhn5qdz17x4bc00000007mg000000009tf1
x-ms-blob-type: BlockBlob

GET
H2 200 marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msauth.net/shared/1.0/content/images/ 3 KB
3 KB 24ms
23ms Image
image/gif 13.107.253.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DB5C3F48EC4154
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 09:43:20 GMT
content-type: image/gif
last-modified: Wed, 24 May 2023 10:11:47 GMT
cache-control: public, max-age=31536000
x-ms-request-id: 5a202d8a-d01e-0036-73c3-20718b000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2672
x-azure-ref: 20241023T094320Z-er1fbb6595fdkvhn5qdz17x4bc00000007mg000000009tf2
x-ms-blob-type: BlockBlob

GET
H2 200 marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msauth.net/shared/1.0/content/images/ 4 KB
4 KB 23ms
23ms Image
image/gif 13.107.253.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DB5C3F4904824B
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 09:43:20 GMT
content-type: image/gif
last-modified: Wed, 24 May 2023 10:11:48 GMT
cache-control: public, max-age=31536000
x-ms-request-id: 5c6bef85-e01e-0019-17c3-203452000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3620
x-azure-ref: 20241023T094320Z-er1fbb6595fdkvhn5qdz17x4bc00000007mg000000009tf3
x-ms-blob-type: BlockBlob

GET
H2 200 illustration
aadcdn.msauthimages.net/c1c6b6c8-cegpgpz3wlmb4hq9xxc-fbs1n6p0klbkthkaavotghk/logintenantbranding/0/ 116 KB
116 KB 63ms
14ms Image
image/* 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aadcdn.msauthimages.net/c1c6b6c8-cegpgpz3wlmb4hq9xxc-fbs1n6p0klbkthkaavotghk/logintenantbranding/0/illustration?ts=637424043570240450

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , Germany, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/488A) /

Resource Hash

2b79d5147c641ffb6c82a2bd02a4ef6621b5c34166cc303913c766df81e06174

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

content-md5: o9f8wXWvoPm+EPMZs+5KGQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8D895CA586985E9
age: 85978
x-content-type-options: nosniff
x-cache: HIT
date: Wed, 23 Oct 2024 09:43:21 GMT
content-type: image/*
last-modified: Tue, 01 Dec 2020 07:25:57 GMT
cache-control: public, max-age=86400
x-ms-request-id: 23d17c88-f01e-0011-6967-241b29000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 118698
x-ms-blob-type: BlockBlob
server: ECAcc (ama/488A)

GET
H2 200 bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-cegpgpz3wlmb4hq9xxc-fbs1n6p0klbkthkaavotghk/logintenantbranding/0/ 9 KB
9 KB 88ms
39ms Image
image/* 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aadcdn.msauthimages.net/c1c6b6c8-cegpgpz3wlmb4hq9xxc-fbs1n6p0klbkthkaavotghk/logintenantbranding/0/bannerlogo?ts=637424042696504217

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , Germany, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4888) /

Resource Hash

d31fee87cb59619af7cf388d1846fdc150013be3af45660b265120e7ac938e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

content-md5: q0MGwcwRBJh3YdUpmLv+vQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8D895CA245B751F
age: 85978
x-content-type-options: nosniff
x-cache: HIT
date: Wed, 23 Oct 2024 09:43:21 GMT
content-type: image/*
last-modified: Tue, 01 Dec 2020 07:24:29 GMT
cache-control: public, max-age=86400
x-ms-request-id: 2b7b03b2-801e-0037-7467-24809d000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9187
x-ms-blob-type: BlockBlob
server: ECAcc (ama/4888)

GET
H/1.1 401
Unauthorized ssoprobe
autologon.microsoftazuread-sso.com/0a33589b-0036-4fe8-a829-3ed0926af886/winauth/ 12 B
1 KB 210ms
69ms Image
image/png 20.190.159.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autologon.microsoftazuread-sso.com/0a33589b-0036-4fe8-a829-3ed0926af886/winauth/ssoprobe?client-request-id=3a7b2cc5-4a85-4f6a-9545-ade0fddcc35c&_=1729676601005

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.190.159.71 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

x-ms-ests-server: 2.1.19184.6 - SEC ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+dub2"}]}
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, OPTIONS
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Date: Wed, 23 Oct 2024 09:43:20 GMT
Content-Type: image/png; charset=utf-8
Vary: Origin
Cache-Control: no-store, no-cache
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Pragma: no-cache
WWW-Authenticate: Negotiate
Access-Control-Allow-Credentials: true
Referrer-Policy: strict-origin-when-cross-origin
x-ms-request-id: 0620c04c-38e3-47e0-91d9-b4592e766300
Access-Control-Allow-Origin: https://login.microsoftonline.com
Content-Length: 12
X-XSS-Protection: 0

POST
H2 200 dssostatus Show response
login.microsoftonline.com/common/instrumentation/ 265 B
648 B 103ms
101ms XHR
application/json 40.126.32.133
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/dssostatus

Requested by

Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_DQTmGfOEMmPUR-Vehc8U6Q2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

40.126.32.133 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

685ac544406e9f7d7be537e84f747b4d986d0bb54fb532ab8c87d00eb9fbe7e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

hpgid: 1104
Referer: https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBtuhGgC15orzHv59id1h3aIHeCJIfvwe4Jui7Qe3GcLH3%2BH1ECsmvvrOkpsGGjd4qB2RIWeiRVGjUaffxTuWpUIN3wTWuY88gryOACH0wzrLksN%2Bwb8tl3Uq9kKXUZZvr5U1VYV2vZKE16KYsb6QQICVizZKv6CkiNyweinCiEQ%2BWAtgQWyJfcCl4XpxFpRaFysUDS%2FbRjbEQJtQlhIFUlnXu0di0N4135NrgbGcspo3rMwFFsSyrmgtRrPiixZJDmVe8QC2qfAVtWa6yq8ecJbu%2FRm6dpbFHf0L%2FwzT45f7uHxUMQxo8GGvsY9q6uG8xTFQQ855PZTTMBYeG0uEyvIxiyfEp8HfG6jh9Pet6XiL14Xw%2B8uPn05lt11cqNWXnt2%2BV2WMADQGuKtfZ80vr%2BYs%2BRQ2H%2FdF1pvmdvHe%2Bh%2FCyRJnKqWM0b6dVNVoasDGtQR0D7jr389YjBNyw4Edk2XYm%2Ff9bt38A&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EGMetMpBuIhe0qPL5BiE9bc44lcMV5bnTZNYV%2FKc%2BMiSjixkSHeJHiDtMpNwD%2Be0piEezl9MyZfRg2Ww8vfj7ZqoZXdUb47S86bChpm%2B3ExtFiLRS6wUX26Ki5%2BYqGvzuUcnlPBp%2FS8eppcRrtoYL7epHGnD5RhfF83wxSMqx8MQJMQ0LW2jQKo34yumZAsGp3sAoMAjruhD9bOOdE%2BQDPIGwhzyySzLcVXtMVvyIktufQCp5lDGvvP6gsgkC1Hb0TMnrfjxzbVUWQ47f6zBycvmtXm9%2FDyFqtHkbH5I3hii8wIvK3kY72uVWQie9UKnSiiD7HFSRTZ8Xo48RxMQsA%3D%3D
hpgact: 1900
canary: PAQABDgEAAADW6jl31mB3T7ugrWTT8pFed3OaN14pzZR2ZShVrE5riaIOq30sAOHj55dIzn8J63XjpJgrFk4zliG74-gInpVqd3CqJjKZl3XXvIzle4hs5WEY0_GMSuhII4ExG0W66K4cL0cQ1K-hElNDU7Q842MnmiiZgfTV5lDn8jSvrbKiLZF87ez_smgay7OruDTR8USj_Le5Nw616I-Yv34cUCD7OQDI7FNqUS1rzMdW5qo2syAA
client-request-id: 3a7b2cc5-4a85-4f6a-9545-ade0fddcc35c
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
hpgrequestid: 2526c85a-c98b-4b7f-93f8-6ab04c574800
Content-type: application/json; charset=UTF-8

Response headers

x-ms-ests-server: 2.1.19184.6 - SEC ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-content-type-options: nosniff
access-control-allow-methods: POST, OPTIONS
expires: -1
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
date: Wed, 23 Oct 2024 09:43:21 GMT
content-type: application/json; charset=utf-8
x-ms-srs: 1.P
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store, no-cache
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
pragma: no-cache
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-ms-request-id: 21c916bf-ccf6-4aa2-af36-e425b8b15700
client-request-id: 3a7b2cc5-4a85-4f6a-9545-ade0fddcc35c
access-control-allow-origin: https://autologon.microsoftazuread-sso.com/
content-length: 265
x-xss-protection: 0

GET
H2 200 convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js Show response
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ 111 KB
35 KB 26ms
26ms Script
application/x-javascript 13.107.253.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pstringcustomizationhelper_4285088f1dbaf52a876d.js
Requested by: Host: aadcdn.msauth.net
URL: https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_DQTmGfOEMmPUR-Vehc8U6Q2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ddd0bb1c19b3d2d045bfcde85d2020bba57854c887a6691b66dba3da1bb3afbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCBD5317AEB807
x-ms-lease-status: unlocked
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 09:43:21 GMT
content-type: application/x-javascript
last-modified: Thu, 15 Aug 2024 17:52:55 GMT
cache-control: public, max-age=31536000
x-ms-request-id: 4eb7d7f3-d01e-0070-27c3-200d1e000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35168
x-azure-ref: 20241023T094321Z-er1fbb6595fdkvhn5qdz17x4bc00000007mg000000009tfq
x-ms-blob-type: BlockBlob

GET
H2 200 signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msauth.net/shared/1.0/content/images/ 2 KB
1 KB 32ms
31ms Image
image/svg+xml 13.107.253.64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.microsoftonline.com/

Response headers

access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DB5C3F49ED96E0
x-ms-lease-status: unlocked
x-fd-int-roxy-purgeid: 0
x-cache: TCP_HIT
date: Wed, 23 Oct 2024 09:43:21 GMT
content-type: image/svg+xml
last-modified: Wed, 24 May 2023 10:11:49 GMT
cache-control: public, max-age=31536000
x-ms-request-id: ac02397b-f01e-0031-1bc3-201de8000000
accept-ranges: bytes
access-control-allow-origin: *
content-length: 621
x-azure-ref: 20241023T094321Z-er1fbb6595fdkvhn5qdz17x4bc00000007mg000000009tfs
x-ms-blob-type: BlockBlob

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.training.fortinet.com/	1969-12-31 23:59:59	Name: MoodleSessionSATS Value: 98id4svqgg94fjdi8pgo9uld86
app.training.fortinet.com/	1970-01-21 01:54:20	Name: MOODLETENANT1_SATS Value: 1
app.training.fortinet.com/	1970-01-21 09:13:32	Name: cookiesession1 Value: 678A3E1B5F250B5BF14EEFAC8824AF29
app.training.fortinet.com/	1969-12-31 23:59:59	Name: MDL_SSP_SessID Value: b56d641ce741ecce33f3d4c02a16bc3f
login.microsoftonline.com/	1970-01-21 01:11:08	Name: buid Value: 0.AXMAm1gzCjYA6E-oKT7Qkmr4hgbunp3xu21PoIAoOgR-aYsQAQA.AQABGgEAAADW6jl31mB3T7ugrWTT8pFes_1EZ9_ZZnA4U-2JqPzpwRCNc1FPJ-K5EVy3yjMinrrpl5hkY7Huh0XsKSR26xHvvXvTw_dC4SBfBy3usE3g6kyvSZ5bvlsjwUVN26cNWDYgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: PAQABBwEAAADW6jl31mB3T7ugrWTT8pFek1HiVCa49H0hr3-dxVzVhVEkg1S1o7CA0STAX8jWD3u0qigsrMZwVigYdlVtZsoWSMfw3fJ2meUOaYNk7zJ_9HKhtpAoSNCKbMPBRB_dCJDrgFDjGKonp6IszRXsI_E__Y5ZHwHKb9ZTLPPrsLPdBzH6n3NPUohDa_IkPSB7hAIgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx-fHFyGs5CHaY Value: AQABCQEAAADW6jl31mB3T7ugrWTT8pFe-q878GUegXN060-rBXLKUJS316OtbOdz3mHtQMjXZidycvTTFFrtGGgIKC0rw_3bRA66zw--csDeZ_CZ0rvuGgVcDomuov8-J04GEsfrHi-hw85Sh_O_oY10xC3-DMN4w0lP7zJNXcPCh86twCbnRSAA
login.microsoftonline.com/	1970-01-21 01:11:08	Name: fpc Value: As7cy7XlyVZGigH7oCI2yDCxMLs2AQAAADi8qt4OAAAA
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1970-01-21 09:49:36	Name: brcap Value: 0
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 33be3e5aa7d142238c719f19545af773
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1729676600&co=1
autologon.microsoftazuread-sso.com/	1970-01-21 01:11:08	Name: fpc Value: AnH2tyL5m3ZCtNv-EXe5PGE
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
autologon.microsoftazuread-sso.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://autologon.microsoftazuread-sso.com/0a33589b-0036-4fe8-a829-3ed0926af886/winauth/ssoprobe?client-request-id=3a7b2cc5-4a85-4f6a-9545-ade0fddcc35c&_=1729676601005 Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
recommendation	verbose	URL: https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu6yJTtJbSEJkDUYFqDbgibboZeBtuhGgC15orzHv59id1h3aIHeCJIfvwe4Jui7Qe3GcLH3%2BH1ECsmvvrOkpsGGjd4qB2RIWeiRVGjUaffxTuWpUIN3wTWuY88gryOACH0wzrLksN%2Bwb8tl3Uq9kKXUZZvr5U1VYV2vZKE16KYsb6QQICVizZKv6CkiNyweinCiEQ%2BWAtgQWyJfcCl4XpxFpRaFysUDS%2FbRjbEQJtQlhIFUlnXu0di0N4135NrgbGcspo3rMwFFsSyrmgtRrPiixZJDmVe8QC2qfAVtWa6yq8ecJbu%2FRm6dpbFHf0L%2FwzT45f7uHxUMQxo8GGvsY9q6uG8xTFQQ855PZTTMBYeG0uEyvIxiyfEp8HfG6jh9Pet6XiL14Xw%2B8uPn05lt11cqNWXnt2%2BV2WMADQGuKtfZ80vr%2BYs%2BRQ2H%2FdF1pvmdvHe%2Bh%2FCyRJnKqWM0b6dVNVoasDGtQR0D7jr389YjBNyw4Edk2XYm%2Ff9bt38A&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EGMetMpBuIhe0qPL5BiE9bc44lcMV5bnTZNYV%2FKc%2BMiSjixkSHeJHiDtMpNwD%2Be0piEezl9MyZfRg2Ww8vfj7ZqoZXdUb47S86bChpm%2B3ExtFiLRS6wUX26Ki5%2BYqGvzuUcnlPBp%2FS8eppcRrtoYL7epHGnD5RhfF83wxSMqx8MQJMQ0LW2jQKo34yumZAsGp3sAoMAjruhD9bOOdE%2BQDPIGwhzyySzLcVXtMVvyIktufQCp5lDGvvP6gsgkC1Hb0TMnrfjxzbVUWQ47f6zBycvmtXm9%2FDyFqtHkbH5I3hii8wIvK3kY72uVWQie9UKnSiiD7HFSRTZ8Xo48RxMQsA%3D%3D Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msauthimages.net
app.training.fortinet.com
autologon.microsoftazuread-sso.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
login.live.com
login.microsoftonline.com
securityawareness.buas.nl
13.107.253.64
142.250.181.227
151.101.193.229
152.199.21.175
172.217.18.10
20.190.159.71
34.107.237.42
40.126.32.133
40.126.32.76
44.199.160.6
2b79d5147c641ffb6c82a2bd02a4ef6621b5c34166cc303913c766df81e06174
3769162a04a640c3e701579f8754f982fac9d1d4e216c1df1e8143650d3189cd
43397dbf0543de9b426241f2b1cf98fac21d78c59992a7e12e4039218a5c42e9
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
685ac544406e9f7d7be537e84f747b4d986d0bb54fb532ab8c87d00eb9fbe7e9
68c2994e21a564345eb3b4091dd2334c9cbddb0aecda45ee963c6de2e1629b93
732e36b4f8448517b5f6c7f088f642fd27d1b36d5209fa49c75de5ffdaa23107
7923fcf5fe398a9d227f080d622544dd9eb0bda2d702c4d4260497255200c26c
7cf597cf08d4d94b62030e5666b18b66e0cf3b2a8ecca06e033cef578f3d260a
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
9b409e4e72f25dafef47a46d2bf2d1e9099390f779251a1f0aad22fd3b3bc9e5
a286901d020dbb97bded75b5150d495ab28566b21735000058b598e0e6667e23
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
ad0b42e0d41a9748101f0d1406249cf4fbe56f782feb580eac1723ec76a93f35
b452a09a95fccd30026974ec5e915623a45c0366b6a8b8a23ca7883bd7ee1f62
bc6804d058d5bd5b24fc04e479fc8973bef5d3efeafaa9c19c60a009bf0fac0b
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d31fee87cb59619af7cf388d1846fdc150013be3af45660b265120e7ac938e20
da4a8df0c326292b5bee9c732b3c962fd67aaf2f99d850f1bf65068d573c5619
ddd0bb1c19b3d2d045bfcde85d2020bba57854c887a6691b66dba3da1bb3afbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f4c97969b2e2ef5eb3fd13fc40822c7eeee7328c1b3fa1fd76bd398fda314f67

login.microsoftonline.com Open in urlscan Pro 40.126.32.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

0 %IPv6

10 Domains

10 Subdomains

10 IPs

4 Countries

4287 kBTransfer

5271 kBSize

16 Cookies

2 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

16 Cookies

login.microsoftonline.com Open in urlscan Pro
40.126.32.133 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

10
IPs

4
Countries

4287 kB
Transfer

5271 kB
Size

16
Cookies

26 HTTP transactions
0 data transactions