login.microsoftonline.com
Open in
urlscan Pro
2603:1036:3000:18::4
Public Scan
Submitted URL: https://securityawareness.buas.nl/
Effective URL: https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu7yQ05cW0gCZA2GBei2oMl26KWgb...
Submission: On February 29 via api from US — Scanned from US
Effective URL: https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu7yQ05cW0gCZA2GBei2oMl26KWgb...
Submission: On February 29 via api from US — Scanned from US
Summary
This website contacted 11 IPs
in 1 countries
across 11 domains to perform 28 HTTP transactions.
The main IP is 2603:1036:3000:18::4, located in
Boydton, United States and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is login.microsoftonline.com.
The Cisco Umbrella rank of the primary domain is 10.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 15th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 15th 2024. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 3 | 34.107.237.42 34.107.237.42 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 1 | 2a04:4e42:600... 2a04:4e42:600::485 | 54113 (FASTLY) (FASTLY) | |
| 1 | 2607:f8b0:400... 2607:f8b0:4006:822::200a | 15169 (GOOGLE) (GOOGLE) | |
| 2 | 2607:f8b0:400... 2607:f8b0:4006:821::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 2 4 | 44.199.160.6 44.199.160.6 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 3 | 2603:1036:300... 2603:1036:3000:18::4 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2620:1ec:bdf::40 2620:1ec:bdf::40 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 11 | 2606:2800:21f... 2606:2800:21f:1b88:6342:f8de:86c:e98b | 15133 (EDGECAST) (EDGECAST) | |
| 1 | 40.126.24.83 40.126.24.83 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 2 | 2620:1ec:46::40 2620:1ec:46::40 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2603:1036:300... 2603:1036:3000:18::1 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 28 | 11 |
3
34.107.237.42
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.237.107.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.237.107.34.bc.googleusercontent.com
| securityawareness.buas.nl |
4
44.199.160.6
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-160-6.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-160-6.compute-1.amazonaws.com
| app.training.fortinet.com |
3
2603:1036:3000:18::4
(Boydton, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.microsoftonline.com |
11
2606:2800:21f:1b88:6342:f8de:86c:e98b
(United States)
ASN15133 (EDGECAST, US)
ASN15133 (EDGECAST, US)
| aadcdn.msftauth.net |
2
2620:1ec:46::40
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| aadcdn.msftauthimages.net |
1
2603:1036:3000:18::1
(Boydton, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| autologon.microsoftazuread-sso.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 11 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 883 |
260 KB |
| 4 |
fortinet.com
2 redirects
app.training.fortinet.com |
650 KB |
| 3 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 10 |
28 KB |
| 3 |
buas.nl
securityawareness.buas.nl |
3 MB |
| 2 |
msftauthimages.net
aadcdn.msftauthimages.net — Cisco Umbrella Rank: 3189 |
126 KB |
| 2 |
gstatic.com
fonts.gstatic.com |
62 KB |
| 1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com — Cisco Umbrella Rank: 1287 |
1 KB |
| 1 |
live.com
login.live.com — Cisco Umbrella Rank: 64 |
|
| 1 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 893 |
49 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32 |
1 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 306 |
26 KB |
| 28 | 11 |
| Domain | Requested by | |
|---|---|---|
| 11 | aadcdn.msftauth.net |
login.microsoftonline.com
aadcdn.msftauth.net |
| 4 | app.training.fortinet.com |
2 redirects
securityawareness.buas.nl
|
| 3 | login.microsoftonline.com |
securityawareness.buas.nl
aadcdn.msauth.net aadcdn.msftauth.net |
| 3 | securityawareness.buas.nl |
securityawareness.buas.nl
|
| 2 | aadcdn.msftauthimages.net | |
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | autologon.microsoftazuread-sso.com | |
| 1 | login.live.com |
login.microsoftonline.com
|
| 1 | aadcdn.msauth.net |
login.microsoftonline.com
|
| 1 | fonts.googleapis.com |
securityawareness.buas.nl
|
| 1 | cdn.jsdelivr.net |
securityawareness.buas.nl
|
| 28 | 11 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.microsoft.com |
| privacy.microsoft.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| securityawareness.buas.nl GTS CA 1D4 |
2024-02-29 - 2024-05-29 |
3 months | crt.sh |
| jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
| app.training.fortinet.com R3 |
2024-01-07 - 2024-04-06 |
3 months | crt.sh |
| stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2024-02-15 - 2025-02-15 |
a year | crt.sh |
| aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2024-01-29 - 2025-01-29 |
a year | crt.sh |
| aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-12-01 - 2024-12-01 |
a year | crt.sh |
| login.live.com DigiCert SHA2 Secure Server CA |
2024-02-09 - 2025-02-09 |
a year | crt.sh |
| aadcdn.msftauthimages.net Microsoft Azure RSA TLS Issuing CA 07 |
2024-02-18 - 2025-02-12 |
a year | crt.sh |
| autologon.microsoftazuread-sso.com DigiCert SHA2 Secure Server CA |
2024-02-09 - 2025-02-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu7yQ05cW0gCZA2GBei2oMl26KWgbaoRYEueKO%2Fx76fYLdoeWqA3geTH7yGuCPpukNvRn80t%2FhqRfPS37wzJqbFmozPSAmmSBnok6Rt53H69kSJO5eCst43t2AvI%2BwggQue1NSza79bsPi%2FzuhR1VWbLvE5RKNUUy6zO6uWVusIUQrWqClRVy6Kf6Cgg1ywsCnCiEfeGPBgfSqlY8FRwUZ2yQi6EzBZ3LNoFN9qAn1Bn7weSSdLZB23iXjfOklXemk4bjBvbJynk%2BbKsap6mecEXCksOpah4jm1aiQJUWRbJxaNg0fbJyLU1NPbojuh%2B6wZ%2F3N48U8EwxN6BNto8xMqGeYN%2BooKQ97wqoWF%2BcGgoHs7D2ygWHR4D%2F6RNG7rvZ13PQyS%2FnE4Hfvh%2BPLHN6kIlp%2Bzc5qMye%2FTQgoeLylXyctNqvqJvQcN%2Bd7Cdbv5Fn63rwb8tMYuzqaJbrqZRORoasNFKY%2FjtbdfZP9cOweOaeTciSzYz6etr3fwH&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EHFdoVbh7S7119goKOxDqxhWWDnzFjzjW0dtMdqXsJsEhmqLh%2BObxEV%2FmMCx6OSkH7l3H%2Fetklfu6nXyAm18WCUNQBST3p2MxJCXp%2BqAVLrObVGq2cYhWGELBMX0z2YTrH%2FtzXJTBT%2BsZzqsxdX1HWk2CV1z3y4qgeBwxMoSi2iZ3pHFlJD2CgxlCJwPb2sjOwAf%2BguRNScbHcgWgcp%2BzMgZ2P0tbXsVMXdzV6%2FgOtHbGWAkuZ%2FoQqx2oU1qw4aLEEltMtriyXeAJYncf%2B8bOBpXB2VQ320iK0zMoYEtljJvyKbVghGNy%2FZACNIuESqVzIEP01VqahcIS7DABuVGmw%3D%3D&sso_reload=true
Frame ID: 3AAE7D7815EC003C55CFD31AFFDB4988
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
Sign in to your accountPage URL History Show full URLs
- https://securityawareness.buas.nl/ Page URL
-
https://app.training.fortinet.com/local/bridge/launch.php?name=5741
HTTP 303
https://app.training.fortinet.com/auth/saml2/login.php?wants=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2... HTTP 302
https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu7yQ05cW... Page URL
- https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu7yQ05cW... Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://www.microsoft.com/en-US/servicesagreement/
Title: Terms of use
Title: Terms of use
Search URL Search Domain Scan URL
URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Privacy & cookies
Title: Privacy & cookies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://securityawareness.buas.nl/ Page URL
-
https://app.training.fortinet.com/local/bridge/launch.php?name=5741
HTTP 303
https://app.training.fortinet.com/auth/saml2/login.php?wants=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2Fbridge%2Flaunch.php&idp=376a04cf9f581374c8903243b274c1d2&wantsurl=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2Fbridge%2Flaunch.php HTTP 302
https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu7yQ05cW0gCZA2GBei2oMl26KWgbaoRYEueKO%2Fx76fYLdoeWqA3geTH7yGuCPpukNvRn80t%2FhqRfPS37wzJqbFmozPSAmmSBnok6Rt53H69kSJO5eCst43t2AvI%2BwggQue1NSza79bsPi%2FzuhR1VWbLvE5RKNUUy6zO6uWVusIUQrWqClRVy6Kf6Cgg1ywsCnCiEfeGPBgfSqlY8FRwUZ2yQi6EzBZ3LNoFN9qAn1Bn7weSSdLZB23iXjfOklXemk4bjBvbJynk%2BbKsap6mecEXCksOpah4jm1aiQJUWRbJxaNg0fbJyLU1NPbojuh%2B6wZ%2F3N48U8EwxN6BNto8xMqGeYN%2BooKQ97wqoWF%2BcGgoHs7D2ygWHR4D%2F6RNG7rvZ13PQyS%2FnE4Hfvh%2BPLHN6kIlp%2Bzc5qMye%2FTQgoeLylXyctNqvqJvQcN%2Bd7Cdbv5Fn63rwb8tMYuzqaJbrqZRORoasNFKY%2FjtbdfZP9cOweOaeTciSzYz6etr3fwH&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EHFdoVbh7S7119goKOxDqxhWWDnzFjzjW0dtMdqXsJsEhmqLh%2BObxEV%2FmMCx6OSkH7l3H%2Fetklfu6nXyAm18WCUNQBST3p2MxJCXp%2BqAVLrObVGq2cYhWGELBMX0z2YTrH%2FtzXJTBT%2BsZzqsxdX1HWk2CV1z3y4qgeBwxMoSi2iZ3pHFlJD2CgxlCJwPb2sjOwAf%2BguRNScbHcgWgcp%2BzMgZ2P0tbXsVMXdzV6%2FgOtHbGWAkuZ%2FoQqx2oU1qw4aLEEltMtriyXeAJYncf%2B8bOBpXB2VQ320iK0zMoYEtljJvyKbVghGNy%2FZACNIuESqVzIEP01VqahcIS7DABuVGmw%3D%3D Page URL
- https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu7yQ05cW0gCZA2GBei2oMl26KWgbaoRYEueKO%2Fx76fYLdoeWqA3geTH7yGuCPpukNvRn80t%2FhqRfPS37wzJqbFmozPSAmmSBnok6Rt53H69kSJO5eCst43t2AvI%2BwggQue1NSza79bsPi%2FzuhR1VWbLvE5RKNUUy6zO6uWVusIUQrWqClRVy6Kf6Cgg1ywsCnCiEfeGPBgfSqlY8FRwUZ2yQi6EzBZ3LNoFN9qAn1Bn7weSSdLZB23iXjfOklXemk4bjBvbJynk%2BbKsap6mecEXCksOpah4jm1aiQJUWRbJxaNg0fbJyLU1NPbojuh%2B6wZ%2F3N48U8EwxN6BNto8xMqGeYN%2BooKQ97wqoWF%2BcGgoHs7D2ygWHR4D%2F6RNG7rvZ13PQyS%2FnE4Hfvh%2BPLHN6kIlp%2Bzc5qMye%2FTQgoeLylXyctNqvqJvQcN%2Bd7Cdbv5Fn63rwb8tMYuzqaJbrqZRORoasNFKY%2FjtbdfZP9cOweOaeTciSzYz6etr3fwH&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EHFdoVbh7S7119goKOxDqxhWWDnzFjzjW0dtMdqXsJsEhmqLh%2BObxEV%2FmMCx6OSkH7l3H%2Fetklfu6nXyAm18WCUNQBST3p2MxJCXp%2BqAVLrObVGq2cYhWGELBMX0z2YTrH%2FtzXJTBT%2BsZzqsxdX1HWk2CV1z3y4qgeBwxMoSi2iZ3pHFlJD2CgxlCJwPb2sjOwAf%2BguRNScbHcgWgcp%2BzMgZ2P0tbXsVMXdzV6%2FgOtHbGWAkuZ%2FoQqx2oU1qw4aLEEltMtriyXeAJYncf%2B8bOBpXB2VQ320iK0zMoYEtljJvyKbVghGNy%2FZACNIuESqVzIEP01VqahcIS7DABuVGmw%3D%3D&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://app.training.fortinet.com/local/bridge/launch.php?name=5741 HTTP 303
- https://app.training.fortinet.com/auth/saml2/login.php?wants=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2Fbridge%2Flaunch.php&idp=376a04cf9f581374c8903243b274c1d2&wantsurl=https%3A%2F%2Fapp.training.fortinet.com%2Flocal%2Fbridge%2Flaunch.php HTTP 302
- https://login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/saml2?SAMLRequest=lVJLb9swDP4rhu7yQ05cW0gCZA2GBei2oMl26KWgbaoRYEueKO%2Fx76fYLdoeWqA3geTH7yGuCPpukNvRn80t%2FhqRfPS37wzJqbFmozPSAmmSBnok6Rt53H69kSJO5eCst43t2AvI%2BwggQue1NSza79bsPi%2FzuhR1VWbLvE5RKNUUy6zO6uWVusIUQrWqClRVy6Kf6Cgg1ywsCnCiEfeGPBgfSqlY8FRwUZ2yQi6EzBZ3LNoFN9qAn1Bn7weSSdLZB23iXjfOklXemk4bjBvbJynk%2BbKsap6mecEXCksOpah4jm1aiQJUWRbJxaNg0fbJyLU1NPbojuh%2B6wZ%2F3N48U8EwxN6BNto8xMqGeYN%2BooKQ97wqoWF%2BcGgoHs7D2ygWHR4D%2F6RNG7rvZ13PQyS%2FnE4Hfvh%2BPLHN6kIlp%2Bzc5qMye%2FTQgoeLylXyctNqvqJvQcN%2Bd7Cdbv5Fn63rwb8tMYuzqaJbrqZRORoasNFKY%2FjtbdfZP9cOweOaeTciSzYz6etr3fwH&RelayState=https%3A%2F%2Fapp.training.fortinet.com%2Fauth%2Fsaml2%2Flogin.php%3Fwants%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php%26idp%3D376a04cf9f581374c8903243b274c1d2%26wantsurl%3Dhttps%253A%252F%252Fapp.training.fortinet.com%252Flocal%252Fbridge%252Flaunch.php&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EHFdoVbh7S7119goKOxDqxhWWDnzFjzjW0dtMdqXsJsEhmqLh%2BObxEV%2FmMCx6OSkH7l3H%2Fetklfu6nXyAm18WCUNQBST3p2MxJCXp%2BqAVLrObVGq2cYhWGELBMX0z2YTrH%2FtzXJTBT%2BsZzqsxdX1HWk2CV1z3y4qgeBwxMoSi2iZ3pHFlJD2CgxlCJwPb2sjOwAf%2BguRNScbHcgWgcp%2BzMgZ2P0tbXsVMXdzV6%2FgOtHbGWAkuZ%2FoQqx2oU1qw4aLEEltMtriyXeAJYncf%2B8bOBpXB2VQ320iK0zMoYEtljJvyKbVghGNy%2FZACNIuESqVzIEP01VqahcIS7DABuVGmw%3D%3D
28 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
securityawareness.buas.nl/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ |
158 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.c7f6bc53.js
securityawareness.buas.nl/static/js/ |
3 MB 3 MB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.9880502f.css
securityawareness.buas.nl/static/css/ |
440 KB 440 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
locales.php
app.training.fortinet.com/local/bridge/ |
36 KB 37 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
server.php
app.training.fortinet.com/webservice/rest/ |
610 KB 610 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saml2
login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/ Redirect Chain
|
21 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BssoInterrupt_Core_GOwG3D936OfJ_-lzWtiHhg2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
138 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
saml2
login.microsoftonline.com/0a33589b-0036-4fe8-a829-3ed0926af886/ |
40 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_1ito3russhq-9gioj-zd4w2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
110 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ConvergedLogin_PCore_bUKAij3pKdw2nFX-oqztYA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
423 KB 117 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ux.converged.login.strings-en.min_xtex5cpjr0k40urejm0fgg2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
54 KB 16 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pcustomizationloader_88c449fa421fff689c33.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
219 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pfetchsessionsprogress_0462e056de1841aa000f.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
illustration
aadcdn.msftauthimages.net/c1c6b6c8-cegpgpz3wlmb4hq9xxc-fbs1n6p0klbkthkaavotghk/logintenantbranding/0/ |
116 KB 117 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bannerlogo
aadcdn.msftauthimages.net/c1c6b6c8-cegpgpz3wlmb4hq9xxc-fbs1n6p0klbkthkaavotghk/logintenantbranding/0/ |
9 KB 9 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_white_8257b0707cbe1d0bd2661b80068676fe.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_986f40b5a9dc7d39ef8396797f61b323.gif
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/0a33589b-0036-4fe8-a829-3ed0926af886/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
265 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pstringcustomizationhelper_4152973e84228feee7fd.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
111 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
signin-options_3e3f6b73c3f310c31d2c4d131a8ab8c6.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
2 KB 786 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository object| Telemetry object| telemetry_webpackJsonp boolean| __ConvergedLogin_PCore boolean| __ boolean| __convergedlogin_pcustomizationloader_88c449fa421fff689c33 boolean| __convergedlogin_pfetchsessionsprogress_0462e056de1841aa000f boolean| __convergedlogin_pstringcustomizationhelper_4152973e84228feee7fd19 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| app.training.fortinet.com/ | Name: MoodleSessionSATS Value: 675o4lti71badgg6qrtirmubum |
|
| app.training.fortinet.com/ | Name: MOODLETENANT1_SATS Value: 1 |
|
| app.training.fortinet.com/ | Name: cookiesession1 Value: 678A3E203AA61D104A7BF6225799F0A9 |
|
| app.training.fortinet.com/ | Name: MDL_SSP_SessID Value: 1442981556c4b86c773fc8ff9f3d48f6 |
|
| .login.microsoftonline.com/ | Name: esctx-NLGpP9IFLkI Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8u5AUec7TvWmzpdjIBYB-6akrRTFXs4NXhqd_Xo4Yep6BSV3cYzwvxpK7kx8sCdLJu2evyXe7-AEc0_D3dXA0X5uzrp8NwjVSUGpIAowawl7f4tQzxa_FawyvhmAfdaaGBfv2MunZ3-9iHXBzenHxKyAA |
|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
| .login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
| login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
| login.microsoftonline.com/ | Name: buid Value: 0.AXMAm1gzCjYA6E-oKT7Qkmr4hgbunp3xu21PoIAoOgR-aYsQAQA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd84zQqUNzq5fHW69E7UFM33JvsikGPg5uwy5sPLy_QQD55Uo3qjKMsjhzO64L4wWel37OId6f5xAzXep855vSyRDcUllXTd5HclR6ZDbTShXogAA |
|
| .login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8uEba2AMJhVsq4IzupfZjAMwxJGrvymte8JBNqLOo3jBMH-pOQsj0r0n2czJl3m0BmfMNV8dRdO7_LFIZqFLYTFibkWmvmHlouJBB22KVDElpfccsyHBXKy6AlWSpo7YnXW8v84K2FQhdeGnejeqqQAnScSBzeUnqPTDC-Dq4V0ogAA |
|
| .login.microsoftonline.com/ | Name: esctx-NLYbBl0ZmmY Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8ip1FBqeRiZR2vhJ7m0sSFeZiOrhf0TxGgTc3Y1FS4fkRzstv-2KYNVxR_xscsDbLMd0riuQjtSLPtzo1eAiQzuJ3GL4JIQikJdkzeLOpgAqQfIh32efOrqlJM7StbRo7wTKF8MoRKHFtlWcN1iR5ISAA |
|
| login.microsoftonline.com/ | Name: fpc Value: ApuGde3HvCZNiNhbZgLPFiyxMLs2AQAAAOaqct0OAAAA |
|
| .login.microsoftonline.com/ | Name: brcap Value: 0 |
|
| .login.live.com/ | Name: uaid Value: e47d9b767f4d47748823ac86864aafc5 |
|
| .login.live.com/ | Name: MSPRequ Value: id=N<=1709224935&co=1 |
|
| autologon.microsoftazuread-sso.com/ | Name: fpc Value: Ap_4Y7DuplxNlqsQ5siLsy0 |
|
| autologon.microsoftazuread-sso.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| autologon.microsoftazuread-sso.com/ | Name: stsservicecookie Value: estsfd |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msftauth.net
aadcdn.msftauthimages.net
app.training.fortinet.com
autologon.microsoftazuread-sso.com
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
login.live.com
login.microsoftonline.com
securityawareness.buas.nl
2603:1036:3000:18::1
2603:1036:3000:18::4
2606:2800:21f:1b88:6342:f8de:86c:e98b
2607:f8b0:4006:821::2003
2607:f8b0:4006:822::200a
2620:1ec:46::40
2620:1ec:bdf::40
2a04:4e42:600::485
34.107.237.42
40.126.24.83
44.199.160.6
071ad70fc8866048863c35d1d85542ace7969d2ca68f28fbf42661c4d56aece2
1a4a2437e72df4da5141dddfeae6e8238a85284b4d875106f0e0e8b7f84ef8a7
2b79d5147c641ffb6c82a2bd02a4ef6621b5c34166cc303913c766df81e06174
3442e1003b57dae9937d26587f3a7c64183633c55eeab5d28bf459ff739c19e6
369a19539d9a12302ae80538db801155c95d73a232b028d3b7476f15eb099b55
43053d16fc8fe8371888cd473a0cfb505aa6894cbe938ad4bf0a9186584858ae
44c1362e04ebcb59e5938dd8b3c3374068d646b3dc2f1dbb58b4e101e0b8737e
474d6cff8faf64c2a144dc7ff53ba0b57497e46484cd296d084daf1bb49e03cb
4b01a0a34ce8ed4bc8a8713be0442d49da6a756236b7b4424622ca3dee820f41
4e72380674809977fa6deb139a665499b101ad45f5f0c36321b22dcd552c8e09
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
56115c913afcbbeb68a59c6856133693ee914c1a6e1e02ebf098de2cfcc57cc6
57dea09a2eb52f775f36a9cffb3cace707af10e2b83b7e002e0415e21539eab6
7fcb9cafbca321565477fb2ed62004f65cd72ee05db3d14f91f5e67cc338aaf8
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
aa8dbb0bb596a6da979981bb4ee8594ac5b2214d43a6878d9c36aa3f0cfd9efb
b1929eebc1fb383d6db843b846c166ee5074bc0c22431043a3f4c89752985e8a
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
d31fee87cb59619af7cf388d1846fdc150013be3af45660b265120e7ac938e20
d57b0ca769ab988c6c92c960fb648e377643ae829cac5b30d6ba8bd1974459b1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615