Submitted URL: https://u19003749.ct.sendgrid.net/ls/click?upn=XburiKeygrpRhONDOqETFPUw8EnNaR665VUzMAiPjzPh5AF29PMsB3vDrT3m38fzFu4JqUkwDzR8Lb5pRs4...
Effective URL: https://www.michaels.com/welcome-darice
Submission: On October 27 via manual from IN

Summary

This website contacted 2 IPs in 3 countries across 6 domains to perform 2 HTTP transactions. The main IP is 184.24.20.80, which is located in the United States and belongs to AKAMAI-ASN1, EU. The main domain is www.michaels.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on September 15th 2020. Valid for: a year.
This is the only time www.michaels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.54 11377 (SENDGRID)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 162.0.232.253 22612 (NAMECHEAP...)
1 1 162.0.232.251 22612 (NAMECHEAP...)
3 3 207.54.159.125 17054 (AS17054)
1 184.24.20.80 20940 (AKAMAI-ASN1)
2 2
Apex Domain / Subdomains / Transfer
  • 3 darice.com / darice.com, www.darice.com / 4 KB
  • 1 michaels.com / www.michaels.com / 2 KB
  • 1 xzill.co / xzill.co / 281 B
  • 1 mailinsteamss.org / mailinsteamss.org / 279 B
  • 1 googleapis.com / firebasestorage.googleapis.com / 1 KB
  • 1 sendgrid.net / u19003749.ct.sendgrid.net / 363 B
2 6
Domain Requested by
2 www.darice.com 2 redirects
1 www.michaels.com firebasestorage.googleapis.com
1 darice.com 1 redirects
1 xzill.co 1 redirects
1 mailinsteamss.org 1 redirects
1 firebasestorage.googleapis.com
1 u19003749.ct.sendgrid.net 1 redirects
2 7

This site contains no links.

Subject / Issuer / Validity / Valid
  • upload.video.google.com / GTS CA 1O1 / 2020-10-06 - 2020-12-29 / 3 months
  • www.michaels.com / Entrust Certification Authority - L1K / 2020-09-15 - 2021-10-14 / a year

This page contains 1 frames:

Primary Page: https://www.michaels.com/welcome-darice
Frame ID: 8C1546DE20DE0CF6A496C945D9C9E774
Requests: 2 HTTP requests in this frame

Page Statistics

  • Requests: 2
  • HTTPS: 100 %
  • IPv6: 17 %
  • Domains: 6
  • Subdomains: 7
  • IPs: 2
  • Countries: 3
  • Transfer: 3 kB
  • Size: 1 kB
  • Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u19003749.ct.sendgrid.net/ls/click?upn=XburiKeygrpRhONDOqETFPUw8EnNaR665VUzMAiPjzPh5AF29PMsB3vDrT3m38fzFu4JqUkwDzR8Lb5pRs45V88pLQyhgeXEWBH5OZ9WIyVNIb2rbYRVjOa1nzL3nURcxAFcNhz0Jq1hSfiZ8YwEtQZTQRUgiWnWP5-2B6iSgasjzBX-2FNKmMrFo6tyVZqhqwe-2B8f7-2BRhcARCcBJUZy1PdhlQwqrZBAzYYBVWTQdPOM73s-3DtgXg_u3W1Olx-2Be2H07PKm6yM5-2BHajV-2FrrnUvqsM5Hb-2F2OHc9mnPSfMwn4rF5mCiEz4T5FIwZRLJPhEMVP2O4PrFheoE8y3U2TGB3nOyKTqf9qA1yTy1OEO6SfBHYk4jVeqypV53LSwJZ0kUyvi1Q-2FtufxoE5qkaJeuC03-2FR7CDkr5S8tWpAbY9XQNiQllAg8EdMdmMOva9hm3l7iY-2B7ObBSVukfH-2F2Pa1m60dcIdhGNRMGBQ-3D HTTP 302
    https://firebasestorage.googleapis.com/v0/b/authx-eaec3.appspot.com/o/index.html?alt=media&token=6cb86bbd-e20e-4c3c-81c9-f461b2822982&id=joe_rudolph@darice.com Page URL
  2. https://mailinsteamss.org/?i=joe_rudolph@darice.com HTTP 302
    https://xzill.co/dom/?dom=darice.com HTTP 302
    http://darice.com/?status=activated HTTP 301
    http://www.darice.com/?status=activated HTTP 301
    https://www.darice.com/?status=activated HTTP 302
    https://www.michaels.com/welcome-darice Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://u19003749.ct.sendgrid.net/ls/click?upn=XburiKeygrpRhONDOqETFPUw8EnNaR665VUzMAiPjzPh5AF29PMsB3vDrT3m38fzFu4JqUkwDzR8Lb5pRs45V88pLQyhgeXEWBH5OZ9WIyVNIb2rbYRVjOa1nzL3nURcxAFcNhz0Jq1hSfiZ8YwEtQZTQRUgiWnWP5-2B6iSgasjzBX-2FNKmMrFo6tyVZqhqwe-2B8f7-2BRhcARCcBJUZy1PdhlQwqrZBAzYYBVWTQdPOM73s-3DtgXg_u3W1Olx-2Be2H07PKm6yM5-2BHajV-2FrrnUvqsM5Hb-2F2OHc9mnPSfMwn4rF5mCiEz4T5FIwZRLJPhEMVP2O4PrFheoE8y3U2TGB3nOyKTqf9qA1yTy1OEO6SfBHYk4jVeqypV53LSwJZ0kUyvi1Q-2FtufxoE5qkaJeuC03-2FR7CDkr5S8tWpAbY9XQNiQllAg8EdMdmMOva9hm3l7iY-2B7ObBSVukfH-2F2Pa1m60dcIdhGNRMGBQ-3D HTTP 302
  • https://firebasestorage.googleapis.com/v0/b/authx-eaec3.appspot.com/o/index.html?alt=media&token=6cb86bbd-e20e-4c3c-81c9-f461b2822982&id=joe_rudolph@darice.com

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.html
firebasestorage.googleapis.com/v0/b/authx-eaec3.appspot.com/o/
Redirect Chain
  • https://u19003749.ct.sendgrid.net/ls/click?upn=XburiKeygrpRhONDOqETFPUw8EnNaR665VUzMAiPjzPh5AF29PMsB3vDrT3m38fzFu4JqUkwDzR8Lb5pRs45V88pLQyhgeXEWBH5OZ9WIyVNIb2rbYRVjOa1nzL3nURcxAFcNhz0Jq1hSfiZ8YwEtQ...
  • https://firebasestorage.googleapis.com/v0/b/authx-eaec3.appspot.com/o/index.html?alt=media&token=6cb86bbd-e20e-4c3c-81c9-f461b2822982&id=joe_rudolph@darice.com
360 B
1 KB
Document
General
Full URL
https://firebasestorage.googleapis.com/v0/b/authx-eaec3.appspot.com/o/index.html?alt=media&token=6cb86bbd-e20e-4c3c-81c9-f461b2822982&id=joe_rudolph@darice.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1f4d102d5faf1a5448c783ab557c1ac895878a292d584698a8c2c7a9b70aadf0

Request headers

:method
GET
:authority
firebasestorage.googleapis.com
:scheme
https
:path
/v0/b/authx-eaec3.appspot.com/o/index.html?alt=media&token=6cb86bbd-e20e-4c3c-81c9-f461b2822982&id=joe_rudolph@darice.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
x-guploader-uploadid
ABg5-UzVB_-Zy_klqtRmSkNUie8IasIeDabqEDpiU_7SKfhEAjo3xQd4mxXmI9HazpLkviOO-9MoVXFivL1zx-9PUYw
expires
Tue, 27 Oct 2020 13:10:00 GMT
date
Tue, 27 Oct 2020 13:10:00 GMT
cache-control
private, max-age=0
last-modified
Mon, 12 Oct 2020 09:39:51 GMT
etag
"a72fb52b69fe3001981d4a26c10dead4"
x-goog-generation
1602495591035837
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
360
x-goog-meta-firebasestoragedownloadtokens
6cb86bbd-e20e-4c3c-81c9-f461b2822982
content-type
text/html
content-disposition
inline; filename*=utf-8''index.html
x-goog-hash
crc32c=vFPRhA== md5=py+1K2n+MAGYHUomwQ3q1A==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
360
server
UploadServer
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Server
nginx
Date
Tue, 27 Oct 2020 13:10:00 GMT
Content-Type
text/html; charset=utf-8
Content-Length
190
Connection
keep-alive
Location
https://firebasestorage.googleapis.com/v0/b/authx-eaec3.appspot.com/o/index.html?alt=media&token=6cb86bbd-e20e-4c3c-81c9-f461b2822982&id=joe_rudolph@darice.com
X-Robots-Tag
noindex, nofollow
Primary Request welcome-darice
www.michaels.com/
Redirect Chain
  • https://mailinsteamss.org/?i=joe_rudolph@darice.com
  • https://xzill.co/dom/?dom=darice.com
  • http://darice.com/?status=activated
  • http://www.darice.com/?status=activated
  • https://www.darice.com/?status=activated
  • https://www.michaels.com/welcome-darice
284 B
2 KB
Document
General
Full URL
https://www.michaels.com/welcome-darice
Requested by
Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/authx-eaec3.appspot.com/o/index.html?alt=media&token=6cb86bbd-e20e-4c3c-81c9-f461b2822982&id=joe_rudolph@darice.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.20.80 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-24-20-80.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
6220b281ddc54c15ee6c1d1a724b902c698f7f991e6facf872bf84212f6930a1

Request headers

:method
GET
:authority
www.michaels.com
:scheme
https
:path
/welcome-darice
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
https://firebasestorage.googleapis.com/v0/b/authx-eaec3.appspot.com/o/index.html?alt=media&token=6cb86bbd-e20e-4c3c-81c9-f461b2822982&id=joe_rudolph@darice.com

Response headers

status
403
server
AkamaiGHost
mime-version
1.0
content-type
text/html
content-length
284
expires
Tue, 27 Oct 2020 13:10:09 GMT
date
Tue, 27 Oct 2020 13:10:09 GMT
set-cookie
AKA_A2=A; expires=Tue, 27-Oct-2020 14:10:09 GMT; path=/; domain=michaels.com; secure; HttpOnly
link
<https://tags.tiqcdn.com>;rel="preconnect",<https://cdn.cquotient.com>;rel="preconnect"

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.michaels.com/welcome-darice
Set-Cookie
.ASPXBrowserOverride=Mozilla%2f4.0+(compatible%3b+MSIE+6.0%3b+Windows+CE%3b+IEMobile+8.12%3b+MSIEMobile+6.0); expires=Tue, 03-Nov-2020 14:10:08 GMT; path=/; secure; HttpOnly; SameSite=strict .ASPXBrowserOverride=Mozilla%2f4.0+(compatible%3b+MSIE+6.0%3b+Windows+CE%3b+IEMobile+8.12%3b+MSIEMobile+6.0); expires=Tue, 03-Nov-2020 14:10:08 GMT; path=/; secure; HttpOnly; SameSite=strict ANONAUTH=Zu9aL3FSOgwDOWGYH6ueLGfMokieMZCwg/7uDaI2vITvRlvNzhOnpQ==; expires=Wed, 27-Oct-2021 13:10:08 GMT; path=/; secure; HttpOnly; SameSite=strict ASP.NET_SessionId=o13noodxln4urs1sjfslixoi; path=/; secure; HttpOnly; SameSite=Lax; SameSite=strict MSCSProfile=1D3D06FBE7C3B4A1B9EE3D5B786E810584983040486E85ED1D43D016AD2D38EA80342AA659E70C6D7B2D5CA294DE76CAD6542B681846E2A73E26166F6EB53C3FA0844E162487FDA5832CFD8C43C753A048978F3A2B361AD5717AFDB6BCB50AB170D68A3F4038DE04900824C3CAFEE8EA39B063812AF0E7644ABEC357F1028801; path=/; secure; HttpOnly; SameSite=strict .ASPXBrowserOverride=Mozilla%2f4.0+(compatible%3b+MSIE+6.0%3b+Windows+CE%3b+IEMobile+8.12%3b+MSIEMobile+6.0); expires=Tue, 03-Nov-2020 14:10:08 GMT; path=/; secure; HttpOnly; SameSite=strict ANONAUTH=Zu9aL3FSOgwDOWGYH6ueLGfMokieMZCwg/7uDaI2vITvRlvNzhOnpQ==; expires=Wed, 27-Oct-2021 13:10:08 GMT; path=/; secure; HttpOnly; SameSite=strict ASP.NET_SessionId=o13noodxln4urs1sjfslixoi; path=/; secure; HttpOnly; SameSite=Lax; SameSite=strict MSCSProfile=1D3D06FBE7C3B4A1B9EE3D5B786E810584983040486E85ED1D43D016AD2D38EA80342AA659E70C6D7B2D5CA294DE76CAD6542B681846E2A73E26166F6EB53C3FA0844E162487FDA5832CFD8C43C753A048978F3A2B361AD5717AFDB6BCB50AB170D68A3F4038DE04900824C3CAFEE8EA39B063812AF0E7644ABEC357F1028801; path=/; secure; HttpOnly; SameSite=strict mped=; expires=Sun, 27-Oct-2019 13:10:08 GMT; path=/; secure; HttpOnly; SameSite=strict CampaignHistory=658,1665,1667,1087,1086,1085,1084,1109; path=/; secure; HttpOnly; SameSite=strict _DPPromADY=fa4eb618-584e-4577-9d50-47ebf1751b57; expires=Tue, 27-Oct-2020 13:25:08 GMT; path=/; secure; HttpOnly; 
SameSite=strict
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=86400; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Expect-CT
enforce, max-age=360000, report-uri="https://www.darice.com"
Date
Tue, 27 Oct 2020 13:10:08 GMT
Content-Length
156

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | showDirectoryPicker
  • function | showOpenFilePicker
  • function | showSaveFilePicker
  • object | trustedTypes

1 Cookies

Domain/Path: .michaels.com/
Name: AKA_A2
Value: A