urlscan.io logo urlscan.io
SecurityTrails logo

sharepoint.aerusonline.com Open in urlscan Pro
67.232.170.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sharepoint.aerusonline.com/
Effective URL: https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
Submission: On February 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 67.232.170.96, located in Johnson City, United States and belongs to CENTURYLINK-LEGACY-EMBARQ-JCTY, US. The main domain is sharepoint.aerusonline.com.
TLS certificate: Issued by R3 on February 12th 2023. Valid for: 3 months.
This is the only time sharepoint.aerusonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 67.232.170.96 13787 (CENTURYLI...)
1 146.75.116.193 54113 (FASTLY)
8 2
Apex Domain
Subdomains		 Transfer
8 aerusonline.com
sharepoint.aerusonline.com
22 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 6088
13 KB
8 2
Domain Requested by
8 sharepoint.aerusonline.com 1 redirects sharepoint.aerusonline.com
1 i.imgur.com
8 2

This site contains no links.

Subject Issuer Validity Valid
sharepoint.aerusonline.com
R3		 2023-02-12 -
2023-05-13		 3 months crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
Frame ID: 274767F25F58373972A355BBC202552D
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kemp Login Screen

Page URL History Show full URLs

  1. https://sharepoint.aerusonline.com/ HTTP 302
    https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

35 kB
Transfer

33 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sharepoint.aerusonline.com/ HTTP 302
    https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lm_auth_proxy
sharepoint.aerusonline.com/
Redirect Chain
  • https://sharepoint.aerusonline.com/
  • https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.232.170.96 Johnson City, United States, ASN13787 (CENTURYLINK-LEGACY-EMBARQ-JCTY, US),
Reverse DNS
Software
/
Resource Hash
49347e4d2a91c67fa97ee4eae25b669b909302a864a18289550b0dc2132bfdf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,max-age=0,must-revalidate
Connection
close
Content-Length
6238
Content-Type
text/html
Date
Sun, 12 Feb 2023 13:36:12 GMT
Pragma
no-cache
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
close
Content-Length
68
Content-Type
text/html
Date
Sun, 12 Feb 2023 13:36:11 GMT
Location
/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
lm_auth_proxy
sharepoint.aerusonline.com/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sharepoint.aerusonline.com/lm_auth_proxy?LMimage=kmgstyle.css
Requested by
Host: sharepoint.aerusonline.com
URL: https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.232.170.96 Johnson City, United States, ASN13787 (CENTURYLINK-LEGACY-EMBARQ-JCTY, US),
Reverse DNS
Software
/
Resource Hash
a68c75639ef404e0aeadce240672cdcee83bf940acf998543bb45645b97782bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sun, 12 Feb 2023 13:36:12 GMT
X-Content-Type-Options
nosniff
Connection
close
Content-Length
2468
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Type
text/css
lm_auth_proxy
sharepoint.aerusonline.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sharepoint.aerusonline.com/lm_auth_proxy?LMimage=lm_sso.js
Requested by
Host: sharepoint.aerusonline.com
URL: https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.232.170.96 Johnson City, United States, ASN13787 (CENTURYLINK-LEGACY-EMBARQ-JCTY, US),
Reverse DNS
Software
/
Resource Hash
2e1e5712a6b30b4d11c6667b46a0481db7a51820af2bead5add517ea11ea47c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sun, 12 Feb 2023 13:36:12 GMT
X-Content-Type-Options
nosniff
Connection
close
Content-Length
6060
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Type
text/javascript
lm_auth_proxy
sharepoint.aerusonline.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharepoint.aerusonline.com/lm_auth_proxy?LMimage=espblank.gif
Requested by
Host: sharepoint.aerusonline.com
URL: https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.232.170.96 Johnson City, United States, ASN13787 (CENTURYLINK-LEGACY-EMBARQ-JCTY, US),
Reverse DNS
Software
/
Resource Hash
a44788d9730489e70db2ad5207d6c46d9db9d8230539d4c389332177aad4cfe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sun, 12 Feb 2023 13:36:13 GMT
X-Content-Type-Options
nosniff
Connection
close
Content-Length
1403
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Type
image/gif
lm_auth_proxy
sharepoint.aerusonline.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharepoint.aerusonline.com/lm_auth_proxy?LMimage=espbottom.gif
Requested by
Host: sharepoint.aerusonline.com
URL: https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.232.170.96 Johnson City, United States, ASN13787 (CENTURYLINK-LEGACY-EMBARQ-JCTY, US),
Reverse DNS
Software
/
Resource Hash
b66d7076352bcc3e9f62ee444a91ea2771474e1819ac84fd14eb307553cd94b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharepoint.aerusonline.com/lm_auth_proxy?DoLMLogin?curl=L2f&curlid=2873235809-2828191165&curlmode=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sun, 12 Feb 2023 13:36:13 GMT
X-Content-Type-Options
nosniff
Connection
close
Content-Length
1508
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Type
image/gif
lm_auth_proxy
sharepoint.aerusonline.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharepoint.aerusonline.com/lm_auth_proxy?LMimage=kmgleft.gif
Requested by
Host: sharepoint.aerusonline.com
URL: https://sharepoint.aerusonline.com/lm_auth_proxy?LMimage=kmgstyle.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.232.170.96 Johnson City, United States, ASN13787 (CENTURYLINK-LEGACY-EMBARQ-JCTY, US),
Reverse DNS
Software
/
Resource Hash
ffca1fbb8f584cf8a25c5989f0ad4aa4b56d86f1ee7239d30d099a843c87d7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharepoint.aerusonline.com/lm_auth_proxy?LMimage=kmgstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sun, 12 Feb 2023 13:36:13 GMT
X-Content-Type-Options
nosniff
Connection
close
Content-Length
1310
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Type
image/gif
lm_auth_proxy
sharepoint.aerusonline.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sharepoint.aerusonline.com/lm_auth_proxy?LMimage=kmgright.gif
Requested by
Host: sharepoint.aerusonline.com
URL: https://sharepoint.aerusonline.com/lm_auth_proxy?LMimage=kmgstyle.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.232.170.96 Johnson City, United States, ASN13787 (CENTURYLINK-LEGACY-EMBARQ-JCTY, US),
Reverse DNS
Software
/
Resource Hash
aefc5dc38c32fa12b5e9f7639806e0b8a2cb733d635ae450951c985c80e7efd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharepoint.aerusonline.com/lm_auth_proxy?LMimage=kmgstyle.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Sun, 12 Feb 2023 13:36:13 GMT
X-Content-Type-Options
nosniff
Connection
close
Content-Length
1309
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
Content-Type
image/gif
mnOMM5m.png
i.imgur.com/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/mnOMM5m.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
3f43d8310c1b9b7ada4236df04971092b4cc532330bb1e407261b00bfce83afb
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharepoint.aerusonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 12 Feb 2023 13:36:13 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
0
x-cache
MISS, MISS
content-length
13446
x-served-by
cache-iad-kjyo7100114-IAD, cache-fra-eddf8230096-FRA
last-modified
Fri, 30 Apr 2021 18:57:52 GMT
server
cat factory 1.0
x-timer
S1676208973.421924,VS0,VE138
etag
"41eeb1a5219036260c33dff88caf581d"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 0

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange string| xx_msg10 string| xx_msg11 string| xx_msg15 string| xx_msg17 function| errmsg boolean| has_captcha function| save_username function| save_usernames_dfa function| getCookie function| loadvalues function| no_password_form function| set_allbuttons function| captcha_valid function| captcha_expired function| setup_captcha function| sso_setup

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block