onmicrosoftonline.macksspaw.com
Open in
urlscan Pro
159.100.30.211
Public Scan
Effective URL: https://onmicrosoftonline.macksspaw.com/?82tGVK=ShWu&username=gpeters@trimontrea.com&sso_reload=true
Submission: On May 22 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 19th 2023. Valid for: 3 months.
This is the only time onmicrosoftonline.macksspaw.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 167.89.115.56 167.89.115.56 | 11377 (SENDGRID) (SENDGRID) | |
1 1 | 213.205.32.18 213.205.32.18 | 8612 (TISCALI-) (TISCALI-) | |
1 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
1 1 | 166.0.235.123 166.0.235.123 | 395111 (KVCNET-2009) (KVCNET-2009) | |
4 | 159.100.30.211 159.100.30.211 | 44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net) | |
7 | 3 |
ASN11377 (SENDGRID, US)
PTR: o16789115x56.outbound-mail.sendgrid.net
url2507.cheetahagency.com |
ASN395111 (KVCNET-2009, US)
PTR: ok1050.kvchosting.com
dacewebsolutions.com |
ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
onmicrosoftonline.macksspaw.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
macksspaw.com
onmicrosoftonline.macksspaw.com live.macksspaw.com Failed 8c6b27f4-7e36b161.macksspaw.com Failed |
426 KB |
1 |
dacewebsolutions.com
1 redirects
dacewebsolutions.com |
439 B |
1 |
web.app
docu-58ea4.web.app |
634 B |
1 |
tiscali.it
1 redirects
casa.tiscali.it |
1019 B |
1 |
cheetahagency.com
1 redirects
url2507.cheetahagency.com |
325 B |
7 | 5 |
Domain | Requested by | |
---|---|---|
4 | onmicrosoftonline.macksspaw.com |
docu-58ea4.web.app
onmicrosoftonline.macksspaw.com |
1 | dacewebsolutions.com | 1 redirects |
1 | docu-58ea4.web.app | |
1 | casa.tiscali.it | 1 redirects |
1 | url2507.cheetahagency.com | 1 redirects |
0 | 8c6b27f4-7e36b161.macksspaw.com Failed |
onmicrosoftonline.macksspaw.com
|
0 | live.macksspaw.com Failed |
onmicrosoftonline.macksspaw.com
|
7 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
web.app GTS CA 1D4 |
2023-05-10 - 2023-08-08 |
3 months | crt.sh |
macksspaw.com R3 |
2023-05-19 - 2023-08-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://onmicrosoftonline.macksspaw.com/?82tGVK=ShWu&username=gpeters@trimontrea.com&sso_reload=true
Frame ID: EE3BED73FD4ED6F3FFCA15FC1779842F
Requests: 7 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://url2507.cheetahagency.com/ls/click?upn=o6XOAG1Wi1vsf1kAKjpjuYWy56xzbC-2BAkEMBOKSSiDzIucCrl6X-2FprvSHzt...
HTTP 302
https://casa.tiscali.it/promo/?u=https%3A%2F%2Fdocu-58ea4.web.app/g2vTQ3btQ3br5kZ07xtrinZ1H05ntrQ3ba... HTTP 302
https://docu-58ea4.web.app/g2vTQ3btQ3br5kZ07xtrinZ1H05ntrQ3bad0TR3wH05nZ1?c=351757 Page URL
-
https://dacewebsolutions.com/.ver.php?url=https://docu-58ea4.web.app/g2vTQ3btQ3br5kZ07xtrinZ1H05ntrQ3bad0...
HTTP 302
https://onmicrosoftonline.macksspaw.com/?82tGVK=ShWu&username=gpeters@trimontrea.com Page URL
- https://onmicrosoftonline.macksspaw.com/?82tGVK=ShWu&username=gpeters@trimontrea.com Page URL
- https://onmicrosoftonline.macksspaw.com/?82tGVK=ShWu&username=gpeters@trimontrea.com&sso_reload=true Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://url2507.cheetahagency.com/ls/click?upn=o6XOAG1Wi1vsf1kAKjpjuYWy56xzbC-2BAkEMBOKSSiDzIucCrl6X-2FprvSHztUu3kE6RcMjAsw3CyH7jNheT9boOh8wmi-2BQyWUsV0XY82aEAS-2FSG-2Fn3vX4VGbBRO4tksOJvnCsBZ-2BNhuZo0IUD2PMZNDXKpzT1xTA7kfBrLUcSmgRG55Kk3VGYoIjn5FKG-2BLJv9EuP_9jj1jQUG1eZCvPmbT8HJA1npF89dkC4U1oL7hsVImiOWwZNsCkQ53Ol0Nb4aaWOsTPDOHSxTRtPvPTv1emK50QuUhuWaV-2FxWcguboZUII-2BOKxRs0PZ5j7r1YCdxoSJewWwnNrnYCTnWMJ7XRSwlAoldGzX8g-2B9JznVkBMX7QAt-2BBAd-2BrkYML27WknudgKfAkl06ni0uf-2BqNQfC5N5dX79g-3D-3D
HTTP 302
https://casa.tiscali.it/promo/?u=https%3A%2F%2Fdocu-58ea4.web.app/g2vTQ3btQ3br5kZ07xtrinZ1H05ntrQ3bad0TR3wH05nZ1&c=351757 HTTP 302
https://docu-58ea4.web.app/g2vTQ3btQ3br5kZ07xtrinZ1H05ntrQ3bad0TR3wH05nZ1?c=351757 Page URL
-
https://dacewebsolutions.com/.ver.php?url=https://docu-58ea4.web.app/g2vTQ3btQ3br5kZ07xtrinZ1H05ntrQ3bad0TR3wH05nZ1?c=351757
HTTP 302
https://onmicrosoftonline.macksspaw.com/?82tGVK=ShWu&username=gpeters@trimontrea.com Page URL
- https://onmicrosoftonline.macksspaw.com/?82tGVK=ShWu&username=gpeters@trimontrea.com Page URL
- https://onmicrosoftonline.macksspaw.com/?82tGVK=ShWu&username=gpeters@trimontrea.com&sso_reload=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://url2507.cheetahagency.com/ls/click?upn=o6XOAG1Wi1vsf1kAKjpjuYWy56xzbC-2BAkEMBOKSSiDzIucCrl6X-2FprvSHztUu3kE6RcMjAsw3CyH7jNheT9boOh8wmi-2BQyWUsV0XY82aEAS-2FSG-2Fn3vX4VGbBRO4tksOJvnCsBZ-2BNhuZo0IUD2PMZNDXKpzT1xTA7kfBrLUcSmgRG55Kk3VGYoIjn5FKG-2BLJv9EuP_9jj1jQUG1eZCvPmbT8HJA1npF89dkC4U1oL7hsVImiOWwZNsCkQ53Ol0Nb4aaWOsTPDOHSxTRtPvPTv1emK50QuUhuWaV-2FxWcguboZUII-2BOKxRs0PZ5j7r1YCdxoSJewWwnNrnYCTnWMJ7XRSwlAoldGzX8g-2B9JznVkBMX7QAt-2BBAd-2BrkYML27WknudgKfAkl06ni0uf-2BqNQfC5N5dX79g-3D-3D HTTP 302
- https://casa.tiscali.it/promo/?u=https%3A%2F%2Fdocu-58ea4.web.app/g2vTQ3btQ3br5kZ07xtrinZ1H05ntrQ3bad0TR3wH05nZ1&c=351757 HTTP 302
- https://docu-58ea4.web.app/g2vTQ3btQ3br5kZ07xtrinZ1H05ntrQ3bad0TR3wH05nZ1?c=351757
- https://dacewebsolutions.com/.ver.php?url=https://docu-58ea4.web.app/g2vTQ3btQ3br5kZ07xtrinZ1H05ntrQ3bad0TR3wH05nZ1?c=351757 HTTP 302
- https://onmicrosoftonline.macksspaw.com/?82tGVK=ShWu&username=gpeters@trimontrea.com
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
g2vTQ3btQ3br5kZ07xtrinZ1H05ntrQ3bad0TR3wH05nZ1
docu-58ea4.web.app/ Redirect Chain
|
445 B 634 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
onmicrosoftonline.macksspaw.com/ Redirect Chain
|
351 KB 118 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
onmicrosoftonline.macksspaw.com/ |
200 B 341 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
onmicrosoftonline.macksspaw.com/ |
457 KB 156 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
onmicrosoftonline.macksspaw.com/ |
508 KB 153 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Me.htm
live.macksspaw.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js
8c6b27f4-7e36b161.macksspaw.com/shared/1.0/content/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- live.macksspaw.com
- URL
- https://live.macksspaw.com/Me.htm?v=3
- Domain
- 8c6b27f4-7e36b161.macksspaw.com
- URL
- https://8c6b27f4-7e36b161.macksspaw.com/shared/1.0/content/js/ConvergedLogin_PCore_s9lCYGipHOEtFkYXVZWDhg2.js
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.macksspaw.com/ | Name: aA4CSQ Value: N2UzNmIxNjEtY2NkNC00MWQ0LTkxZDEtMDZiYWFjYjBkN2U4OjhhNDUzYTMxLTliMGQtNDE3OC1hZjljLWMxNDNkYTQ0ZmZmMQ== |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
8c6b27f4-7e36b161.macksspaw.com
casa.tiscali.it
dacewebsolutions.com
docu-58ea4.web.app
live.macksspaw.com
onmicrosoftonline.macksspaw.com
url2507.cheetahagency.com
8c6b27f4-7e36b161.macksspaw.com
live.macksspaw.com
159.100.30.211
166.0.235.123
167.89.115.56
213.205.32.18
2620:0:890::100
25fd92e5ea8d49f9a7b096c8a32b00062f8bb97080ce4d333053a345e322890a
580d32425d9c46947cf17c3e4c448b67f01db1af6599825687f4f4648221f602
9b658c434a6f4c3d5fecb0b097c1d70167e8fea868048a7307622a47c8b75a22