login.microsoftonline.com
Open in
urlscan Pro
20.190.160.67
Public Scan
Submitted URL: https://helpdesk.forwardair.com/
Effective URL: https://login.microsoftonline.com/79febf6a-42c3-430d-aa7a-0741ffb9b94c/saml2?SAMLRequest=lVLLjtowFP2VyPskzqMJsQCJgqoiTafRwHTRneNcg...
Submission: On April 18 via automatic, source certstream-suspicious — Scanned from DE
Effective URL: https://login.microsoftonline.com/79febf6a-42c3-430d-aa7a-0741ffb9b94c/saml2?SAMLRequest=lVLLjtowFP2VyPskzqMJsQCJgqoiTafRwHTRneNcg...
Submission: On April 18 via automatic, source certstream-suspicious — Scanned from DE
Summary
This website contacted 6 IPs
in 2 countries
across 6 domains to perform 63 HTTP transactions.
The main IP is 20.190.160.67, located in
Amsterdam, Netherlands and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is login.microsoftonline.com.
The Cisco Umbrella rank of the primary domain is 26.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 23rd 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 23rd 2022. Valid for: a year.
This is the only time login.microsoftonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 48 | 149.96.47.34 149.96.47.34 | 16839 (SNC) (SNC) | |
| 3 | 20.190.160.67 20.190.160.67 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 10 | 2620:1ec:bdf::45 2620:1ec:bdf::45 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 20.190.159.4 20.190.159.4 | () () | |
| 2 | 152.199.23.72 152.199.23.72 | () () | |
| 1 | 2603:1027:1:1... 2603:1027:1:150::5 | () () | |
| 63 | 6 |
48
149.96.47.34
(United States)
ASN16839 (SNC, US)
PTR: vip-149-96-47-34.cust.service-now.com
ASN16839 (SNC, US)
PTR: vip-149-96-47-34.cust.service-now.com
| helpdesk.forwardair.com |
3
20.190.160.67
(Amsterdam, Netherlands)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| login.microsoftonline.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 48 |
forwardair.com
2 redirects
helpdesk.forwardair.com |
3 MB |
| 10 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1420 |
195 KB |
| 3 |
microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 26 |
107 KB |
| 2 |
msauthimages.net
aadcdn.msauthimages.net |
93 KB |
| 1 |
microsoftazuread-sso.com
autologon.microsoftazuread-sso.com |
1 KB |
| 1 |
live.com
login.live.com |
|
| 63 | 6 |
| Domain | Requested by | |
|---|---|---|
| 48 | helpdesk.forwardair.com |
2 redirects
helpdesk.forwardair.com
|
| 10 | aadcdn.msauth.net |
login.microsoftonline.com
aadcdn.msauth.net |
| 3 | login.microsoftonline.com |
helpdesk.forwardair.com
login.microsoftonline.com aadcdn.msauth.net |
| 2 | aadcdn.msauthimages.net | |
| 1 | autologon.microsoftazuread-sso.com | |
| 1 | login.live.com |
login.microsoftonline.com
|
| 63 | 6 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| helpdesk.forwardair.com R3 |
2022-04-18 - 2022-07-17 |
3 months | crt.sh |
| stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA |
2022-02-23 - 2023-02-23 |
a year | crt.sh |
| aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2022-02-22 - 2023-02-22 |
a year | crt.sh |
| graph.windows.net DigiCert SHA2 Secure Server CA |
2022-04-05 - 2023-04-05 |
a year | crt.sh |
| aadcdn.msauthimages.net Microsoft Azure TLS Issuing CA 02 |
2021-06-08 - 2022-06-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.microsoftonline.com/79febf6a-42c3-430d-aa7a-0741ffb9b94c/saml2?SAMLRequest=lVLLjtowFP2VyPskzqMJsQCJgqoiTafRwHTRneNcg1XHTn0daP%2B%2BITAaZjEjVfLKPveel%2BfIO532bDX4o3mC3wOgD%2F502iC7vizI4AyzHBUywztA5gXbrb49sDSirHfWW2E1CVaI4LyyZm0NDh24HbiTEvD89LAgR%2B97ZHF8BN23gL8iad2Zu5YrFwnbxYafen6AqLUk2IwKlOGXVa%2BD2h6UiTolnEUrvTVaGZhGy0pCIwse5qnIwjyjbch5yUNa5omUTdVUuYgnKyT4Yp2AyemCSK4RSLDdLMjucf2JVlxKIRJoRZEmSU5pJSo6o006K8uiGIFYc0R1gtdRxAG2Bj03fkFSmqYhzcNktk8KRrPxRBnNfpKgvmX0WZlWmcPHgTZXELKv%2B30d1t93%2B2nBSbXgHkf0%2F2X5AxxOOY6ryXI%2BxcAm3e6%2B5I8l8ZdmyfKF%2B44SrzWHxp4v9PP4nuRG2bOL9O2mtlqJv8FKa3teO%2BB%2BtOPdAFMzHffv60iiZLpRbSgnKBsM9iCUVNCSeHmjffuPl%2F8A&RelayState=https%3A%2F%2Fhelpdesk.forwardair.com%2Fsp&sso_reload=true
Frame ID: 669068C69ED52996E04CC83701744C3D
Requests: 63 HTTP requests in this frame
Screenshot
Page Title
Bei Ihrem Konto anmeldenPage URL History Show full URLs
-
https://helpdesk.forwardair.com/
HTTP 302
https://helpdesk.forwardair.com/sp Page URL
-
https://helpdesk.forwardair.com/login_with_sso.do?glide_sso_id=a5ddd01d879289109a5cddb73cbb35fd
HTTP 302
https://helpdesk.forwardair.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.microsofto... Page URL
- https://login.microsoftonline.com/79febf6a-42c3-430d-aa7a-0741ffb9b94c/saml2?SAMLRequest=lVLLjtowFP2VyPskzqMJs... Page URL
- https://login.microsoftonline.com/79febf6a-42c3-430d-aa7a-0741ffb9b94c/saml2?SAMLRequest=lVLLjtowFP2VyPskzqMJs... Page URL
Detected technologies
AngularJS
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \bangular.{0,32}\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://helpdesk.forwardair.com/
HTTP 302
https://helpdesk.forwardair.com/sp Page URL
-
https://helpdesk.forwardair.com/login_with_sso.do?glide_sso_id=a5ddd01d879289109a5cddb73cbb35fd
HTTP 302
https://helpdesk.forwardair.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.microsoftonline.com%2F79febf6a-42c3-430d-aa7a-0741ffb9b94c%2Fsaml2%3FSAMLRequest%3DlVLLjtowFP2VyPskzqMJsQCJgqoiTafRwHTRneNcg1XHTn0daP%252B%252BITAaZjEjVfLKPveel%252BfIO532bDX4o3mC3wOgD%252F502iC7vizI4AyzHBUywztA5gXbrb49sDSirHfWW2E1CVaI4LyyZm0NDh24HbiTEvD89LAgR%252B97ZHF8BN23gL8iad2Zu5YrFwnbxYafen6AqLUk2IwKlOGXVa%252BD2h6UiTolnEUrvTVaGZhGy0pCIwse5qnIwjyjbch5yUNa5omUTdVUuYgnKyT4Yp2AyemCSK4RSLDdLMjucf2JVlxKIRJoRZEmSU5pJSo6o006K8uiGIFYc0R1gtdRxAG2Bj03fkFSmqYhzcNktk8KRrPxRBnNfpKgvmX0WZlWmcPHgTZXELKv%252B30d1t93%252B2nBSbXgHkf0%252F2X5AxxOOY6ryXI%252BxcAm3e6%252B5I8l8ZdmyfKF%252B44SrzWHxp4v9PP4nuRG2bOL9O2mtlqJv8FKa3teO%252BB%252BtOPdAFMzHffv60iiZLpRbSgnKBsM9iCUVNCSeHmjffuPl%252F8A%26RelayState%3Dhttps%253A%252F%252Fhelpdesk.forwardair.com%252Fsp Page URL
- https://login.microsoftonline.com/79febf6a-42c3-430d-aa7a-0741ffb9b94c/saml2?SAMLRequest=lVLLjtowFP2VyPskzqMJsQCJgqoiTafRwHTRneNcg1XHTn0daP%2B%2BITAaZjEjVfLKPveel%2BfIO532bDX4o3mC3wOgD%2F502iC7vizI4AyzHBUywztA5gXbrb49sDSirHfWW2E1CVaI4LyyZm0NDh24HbiTEvD89LAgR%2B97ZHF8BN23gL8iad2Zu5YrFwnbxYafen6AqLUk2IwKlOGXVa%2BD2h6UiTolnEUrvTVaGZhGy0pCIwse5qnIwjyjbch5yUNa5omUTdVUuYgnKyT4Yp2AyemCSK4RSLDdLMjucf2JVlxKIRJoRZEmSU5pJSo6o006K8uiGIFYc0R1gtdRxAG2Bj03fkFSmqYhzcNktk8KRrPxRBnNfpKgvmX0WZlWmcPHgTZXELKv%2B30d1t93%2B2nBSbXgHkf0%2F2X5AxxOOY6ryXI%2BxcAm3e6%2B5I8l8ZdmyfKF%2B44SrzWHxp4v9PP4nuRG2bOL9O2mtlqJv8FKa3teO%2BB%2BtOPdAFMzHffv60iiZLpRbSgnKBsM9iCUVNCSeHmjffuPl%2F8A&RelayState=https%3A%2F%2Fhelpdesk.forwardair.com%2Fsp Page URL
- https://login.microsoftonline.com/79febf6a-42c3-430d-aa7a-0741ffb9b94c/saml2?SAMLRequest=lVLLjtowFP2VyPskzqMJsQCJgqoiTafRwHTRneNcg1XHTn0daP%2B%2BITAaZjEjVfLKPveel%2BfIO532bDX4o3mC3wOgD%2F502iC7vizI4AyzHBUywztA5gXbrb49sDSirHfWW2E1CVaI4LyyZm0NDh24HbiTEvD89LAgR%2B97ZHF8BN23gL8iad2Zu5YrFwnbxYafen6AqLUk2IwKlOGXVa%2BD2h6UiTolnEUrvTVaGZhGy0pCIwse5qnIwjyjbch5yUNa5omUTdVUuYgnKyT4Yp2AyemCSK4RSLDdLMjucf2JVlxKIRJoRZEmSU5pJSo6o006K8uiGIFYc0R1gtdRxAG2Bj03fkFSmqYhzcNktk8KRrPxRBnNfpKgvmX0WZlWmcPHgTZXELKv%2B30d1t93%2B2nBSbXgHkf0%2F2X5AxxOOY6ryXI%2BxcAm3e6%2B5I8l8ZdmyfKF%2B44SrzWHxp4v9PP4nuRG2bOL9O2mtlqJv8FKa3teO%2BB%2BtOPdAFMzHffv60iiZLpRbSgnKBsM9iCUVNCSeHmjffuPl%2F8A&RelayState=https%3A%2F%2Fhelpdesk.forwardair.com%2Fsp&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://helpdesk.forwardair.com/ HTTP 302
- https://helpdesk.forwardair.com/sp
- https://helpdesk.forwardair.com/login_with_sso.do?glide_sso_id=a5ddd01d879289109a5cddb73cbb35fd HTTP 302
- https://helpdesk.forwardair.com/auth_redirect.do?sysparm_stack=no&sysparm_url=https%3A%2F%2Flogin.microsoftonline.com%2F79febf6a-42c3-430d-aa7a-0741ffb9b94c%2Fsaml2%3FSAMLRequest%3DlVLLjtowFP2VyPskzqMJsQCJgqoiTafRwHTRneNcg1XHTn0daP%252B%252BITAaZjEjVfLKPveel%252BfIO532bDX4o3mC3wOgD%252F502iC7vizI4AyzHBUywztA5gXbrb49sDSirHfWW2E1CVaI4LyyZm0NDh24HbiTEvD89LAgR%252B97ZHF8BN23gL8iad2Zu5YrFwnbxYafen6AqLUk2IwKlOGXVa%252BD2h6UiTolnEUrvTVaGZhGy0pCIwse5qnIwjyjbch5yUNa5omUTdVUuYgnKyT4Yp2AyemCSK4RSLDdLMjucf2JVlxKIRJoRZEmSU5pJSo6o006K8uiGIFYc0R1gtdRxAG2Bj03fkFSmqYhzcNktk8KRrPxRBnNfpKgvmX0WZlWmcPHgTZXELKv%252B30d1t93%252B2nBSbXgHkf0%252F2X5AxxOOY6ryXI%252BxcAm3e6%252B5I8l8ZdmyfKF%252B44SrzWHxp4v9PP4nuRG2bOL9O2mtlqJv8FKa3teO%252BB%252BtOPdAFMzHffv60iiZLpRbSgnKBsM9iCUVNCSeHmjffuPl%252F8A%26RelayState%3Dhttps%253A%252F%252Fhelpdesk.forwardair.com%252Fsp
63 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
sp
helpdesk.forwardair.com/ Redirect Chain
|
104 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sp-bootstrap.scss
helpdesk.forwardair.com/styles/scss/ |
205 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sp-a11y-resize-text.scss
helpdesk.forwardair.com/styles/scss/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sp-a11y-accessibility.scss
helpdesk.forwardair.com/styles/scss/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sn_banner.cssx
helpdesk.forwardair.com/styles/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_includes_sp_libs_min.jsx
helpdesk.forwardair.com/scripts/ |
298 KB 105 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_includes_sp.jsx
helpdesk.forwardair.com/scripts/ |
2 MB 510 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app_com.jsdbx
helpdesk.forwardair.com/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app_com.modelUtil.jsdbx
helpdesk.forwardair.com/ |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app_com.cxs.contextual_search.jsdbx
helpdesk.forwardair.com/ |
7 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
retina_icons.css
helpdesk.forwardair.com/styles/retina_icons/ |
16 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app_com.aisa.app.jsdbx
helpdesk.forwardair.com/ |
125 B 765 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app_com.aisa.utils.jsdbx
helpdesk.forwardair.com/ |
928 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app_com.aisa.search.jsdbx
helpdesk.forwardair.com/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app_com.aisa.search_ui_action.jsdbx
helpdesk.forwardair.com/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app_com.aisa.feedback.jsdbx
helpdesk.forwardair.com/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
source-sans-pro-latin.css
helpdesk.forwardair.com/styles/fonts/source-sans-pro/ |
1 KB 800 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css_includes_$sp.css
helpdesk.forwardair.com/styles/ |
44 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sp-patch.css
helpdesk.forwardair.com/styles/ |
234 B 645 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
font-awesome.css
helpdesk.forwardair.com/scripts/icon-fonts/font-awesome/css/ |
35 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
page
helpdesk.forwardair.com/api/now/sp/ |
76 KB 14 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_includes_sp_tinymce.js
helpdesk.forwardair.com/scripts/ |
387 KB 131 KB |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
angular.do
helpdesk.forwardair.com/ |
2 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
source-sans-pro-v11-latin-regular.woff2
helpdesk.forwardair.com/styles/fonts/source-sans-pro/ |
16 KB 16 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
angular-truncate.js
helpdesk.forwardair.com/scripts/ |
1 KB 976 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
79e5205bcb31120000f8d856634c9c5e
helpdesk.forwardair.com/api/now/sp/rectangle/ |
15 KB 4 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
6d14954d878a89100517873e0ebb3532.iix
helpdesk.forwardair.com/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
la_jolla_sp_login_background.png
helpdesk.forwardair.com/ |
937 KB 938 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
source-sans-pro-v11-latin-600.woff2
helpdesk.forwardair.com/styles/fonts/source-sans-pro/ |
15 KB 16 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
auth_redirect.do
helpdesk.forwardair.com/ Redirect Chain
|
26 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ConditionalFocus.jsdbx
helpdesk.forwardair.com/ |
376 B 890 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css_includes_doctype.cssx
helpdesk.forwardair.com/styles/ |
234 KB 44 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
source_sans_pro.cssx
helpdesk.forwardair.com/styles/heisenberg/ |
2 KB 777 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
heisenberg_all.cssx
helpdesk.forwardair.com/styles/heisenberg/ |
297 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_includes_doctype.jsx
helpdesk.forwardair.com/scripts/doctype/ |
1 MB 322 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_includes_customer.jsx
helpdesk.forwardair.com/scripts/ |
63 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_includes_legacy.jsx
helpdesk.forwardair.com/scripts/doctype/ |
63 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_guided_tours_includes.jsx
helpdesk.forwardair.com/scripts/app.guided_tours/ |
16 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_includes_last_doctype.jsx
helpdesk.forwardair.com/scripts/doctype/ |
241 KB 59 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
heisenberg_all.jsx
helpdesk.forwardair.com/scripts/heisenberg/ |
153 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
js_includes_list_edit_doctype.jsx
helpdesk.forwardair.com/scripts/ |
185 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
transaction_scope_includes.jsx
helpdesk.forwardair.com/scripts/ |
1 KB 935 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
z_last_include.jsx
helpdesk.forwardair.com/scripts/doctype/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
legacy
helpdesk.forwardair.com/api/now/ui/date_time/ |
18 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
retina_icons.woff
helpdesk.forwardair.com/styles/retina_icons/ |
57 KB 58 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SourceSansPro-Regular.otf.woff
helpdesk.forwardair.com/styles/fonts/source-sans-pro/ |
130 KB 131 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saml2
login.microsoftonline.com/79febf6a-42c3-430d-aa7a-0741ffb9b94c/ |
150 KB 55 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
saml2
login.microsoftonline.com/79febf6a-42c3-430d-aa7a-0741ffb9b94c/ |
196 KB 51 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ConvergedLogin_PCore_N1XSfiYDhQPZjBMRueRwEQ2.js
aadcdn.msauth.net/shared/1.0/content/js/ |
377 KB 108 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_zmhwgv_kbcs-aml46kcgfg2.css
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ux.converged.login.strings-de.min_jbo4q0a6evmlnhancyz2ag2.js
aadcdn.msauth.net/ests/2.1/content/cdnbundles/ |
0 14 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pfetchsessionsprogress_637a7991eee3ec8103fb.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pcustomizationloader_b0394dd6769758088538.js
aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/ |
107 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
illustration
aadcdn.msauthimages.net/dbd5a2dd-0pywrgx39x-nmsyy2h-of7kz3mrseg7lok6bkraaehw/logintenantbranding/0/ |
87 KB 87 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bannerlogo
aadcdn.msauthimages.net/dbd5a2dd-0pywrgx39x-nmsyy2h-of7kz3mrseg7lok6bkraaehw/logintenantbranding/0/ |
6 KB 6 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_white_166de53471265253ab3a456defe6da23.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
marching_ants_b540a8e518037192e32c4fe58bf2dbab.gif
aadcdn.msauth.net/shared/1.0/content/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ssoprobe
autologon.microsoftazuread-sso.com/79febf6a-42c3-430d-aa7a-0741ffb9b94c/winauth/ |
12 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
dssostatus
login.microsoftonline.com/common/instrumentation/ |
264 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
signin-options_4e48046ce74f4b89d45037c90576bfac.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| $Config object| $Debug object| $Do function| $Loader object| $WebWatson function| GetString function| GetErrorString function| GetUrl object| $B object| ServerData object| webpackJsonp object| ko object| PROOF object| StringRepository boolean| __ConvergedLogin_PCore boolean| __ object| Telemetry object| telemetry_webpackJsonp14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| helpdesk.forwardair.com/ | Name: BIGipServerpool_forwardair Value: 7e423eb31915e3f6140616f01392e4db |
|
| helpdesk.forwardair.com/ | Name: JSESSIONID Value: 14781E11657236FFEDDB7643453BC29E |
|
| helpdesk.forwardair.com/ | Name: glide_user_route Value: glide.8b05695fde72f953c4a69d206900c339 |
|
| helpdesk.forwardair.com/ | Name: __CJ_g_startTime Value: %221650297784398%22 |
|
| login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
| login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
| .login.microsoftonline.com/ | Name: AADSSO Value: NA|NoExtension |
|
| login.microsoftonline.com/ | Name: SSOCOOKIEPULLED Value: 1 |
|
| login.microsoftonline.com/ | Name: buid Value: 0.ASkAar_-ecNCDUOqegdB_7m5TA3NvT4pWyhOphf0wVFnheYpAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrhLIZwSnyIA162DbityhC3TuAm_FyB7djenoOPYQqrNKU6FEyyRGKM7CkSzUAlcIfchlnMzQtNkJiYFRchGSBdJ9DGyOd_jzv6Wpd7mf59EAgAA |
|
| login.microsoftonline.com/ | Name: fpc Value: Ah-qCbse7v9NtfHKFiDnqHrIfOXRAQAAALmC79kOAAAA |
|
| .login.microsoftonline.com/ | Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrImSIPsFFfQ9cf7F4seVQk1e0wBJZbJmrlZXgunzWjQTUIyCH8HIh5vQxB3mjCr9V4lovOCw6mbz6P3Jqj-PBG4v8zll_ZA_irpPEKq2OQqWXbpEQCimQYoWSoOFWCzHYnDzrYSEb8TU996Ipg_37qG98jrtiuXZBl3WGbQlOYu4gAA |
|
| .login.live.com/ | Name: uaid Value: 72115fac5dbc449a942986333cd34659 |
|
| .login.live.com/ | Name: MSPRequ Value: id=N<=1650297786&co=1 |
|
| .login.microsoftonline.com/ | Name: brcap Value: 0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=63072000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msauthimages.net
autologon.microsoftazuread-sso.com
helpdesk.forwardair.com
login.live.com
login.microsoftonline.com
149.96.47.34
152.199.23.72
20.190.159.4
20.190.160.67
2603:1027:1:150::5
2620:1ec:bdf::45
00e0b0e42240d1362f7306ab3bd7ceb34fcb365f37d8d1a60a40e6bd2716a4a3
082815b90a92443611299b8f54e110663a9ea0cd2956cec9a5258f735d78a11c
0c0165f4fbf9dd81e8e22d5cfeb2e504d8e595906390459f8983afb7dca540d2
0e1694f0dc65f9262d627bf96052ab8f1d26cfb7a6a1df152617a91a03837eb2
0e3faeee7eb8711bf66111f9adc23a7b73aeede850a3b95ba4bdb0ebce10e15c
14aebeffdb64c0acd5c8af9c33fd2eb6a8d2eb257d7083ecf1cd89af3e9f08fc
1c7c259141b903c0b2f76cd49515cee7cb34ecea8a59c08dd2a7304da457a871
24c7f52e8eb84b3e3eb66411611fe4a61a8e74da5afb82b91e191a9a473db707
2a47487fbf3fee307ecb17c2ae6e40bef352aa41ad8cf226b90f8051b8e92a82
309ec2fb1114bff3c4353bb0020a8fadb48fbe882e88115a64509c903438564a
331dcd4bf720d43201832b8b0dade928db6c0c3d0a4312e61bffd0fdb379a433
35a86319d80b941df7db498279450d00c7aaff7f890b8c0779a8536a2a51ebef
3a64b575aa3a280db6f21323e048c6f36080ee920516f9b55ba497a8bdc910c9
3edf9d53136e82c4d84de17ee27d89c22cc855efd5e067dd9ca82399f6eeeecc
40e1e599d2e4ed5463e8041821c122c0e783f9677f93216efa5f4e9331693af2
46a636dd531ca380fe645418c0ac30abeed9f50d313120a8eeb1566472d03207
46bc7f678868f56b83a31fddfea4e2f35ff37232c5cbf5de2d27867bd0578efc
47674dde1969670e027b5953d05c22625edae250a5d83a6f607f1b8bb422b263
7a3756643d34d6d30f931bcea22c620d602ba24ab29f344d360b4307d334f475
7d5649f039c7a7f1449f51d45a03aa82bacda0df1900c83037ef1c96eb099afe
7fd1c469d96d1fad4d7896d4246c1d4f6012453be90aaeaf763cab1bb02f9830
865b0f2c97ebf716474afa26f916e63b17da230b4d845b0ee887b7831db56b93
86f545377a6585a7608fa1d8aff1c16a3c08b9f7dc4e40dd1a2281cbecedcb51
8737d721808655f37b333f08a90185699e7e8b9bdaaa15cdb63c8448b426f95d
8cb34a4da9e8831ac977b44229309eaaf54f7d9915d7351b031e8d60ec6e6c2e
8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
8ec72f198f19e9a656dca1c2cebde23f5a7ff40868b9c27776af8a4edd2b59c9
9631b5407844bc8128e984538ceee2a0f3ca1e9665890ff8df0f6c016833b51b
9fb19d53c246beda678d8ac2fc8303e9c85435805f5afed80aed7302e6803d16
a3bc7fc614d398faa526f1753eb2d70af7314bdb6ddbc12258484f1d10ddc1d3
a46201581a7c7c667fd42787cd1e9adf2f6bf809efb7596e61a03e8dba9ada13
b3aeb8e6cafa9a13567b7f5b27a0c34514b84cb6c22151d69fb34243cbf3abad
c0bd4ba92586b3ff2d4ab8ceb53e6f06461cb7d8110f8551d767dc6b17a6a35e
c3a408dbe2c6e6b40af0681c60aed6cdd17405ec60a4f688ab7cea3b7a47875d
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
e156da182406af73fbba7da3e78d61c2c46ec7c3f9675cb32ab02743f318a635
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74b813f0c8790db2120c41289144f7cd781b1a0fae2361c931d605c928cdf61
f3fa0b12024ccaad8098273360fd52ef3dc5f3b1a2b5af0c009d6be84edeb84e